[issue1975] signals not always delivered to main thread, since other threads have the signal unmasked

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > 1. On FreeBSD, we must assume that every blocking system call, in *every > thread*, can be interrupted, and we need to catch EINTR. > > 2. On FreeBSD, we cannot block indefinitely in the main thread and expect to > handle signals. This means that indefini

[issue1975] signals not always delivered to main thread, since other threads have the signal unmasked

2011-12-19 Thread Duncan Findlay
Duncan Findlay added the comment: I've been digging into this quite a bit, and I've been able to dig up a little more info. * In Python 2.1, the behavior was very similar to what we have now -- signals were not blocked. http://bugs.python.org/issue465673 was filed reporting issues with readl

[issue13616] Never ending loop in in update_refs Modules/gcmodule.c

2011-12-19 Thread Jesús Cea Avión
Jesús Cea Avión added the comment: David, if you get desperate, let us know. If you can deal with Mercurial and compiling Python code, I could post a mercurial repository/branch with code modifications to help you to debug this. But it is almost Christmas and I am VERY busy and have to do a f

[issue13616] Never ending loop in in update_refs Modules/gcmodule.c

2011-12-19 Thread Jesús Cea Avión
Jesús Cea Avión added the comment: Instrumentalize: check for this pathological case (an object with a GC pointer back to itself) in the code that modifies the GC pointers. Let's say, every time code changes the pointers, you test for this. Luckily you can learn the codepath creating this situatio

[issue13616] Never ending loop in in update_refs Modules/gcmodule.c

2011-12-19 Thread David Butler
David Butler added the comment: 2011/12/19 Jesús Cea Avión I am willing to work toward a simplified test case, but it's going to be difficult, I am hoping that I can narrow down the source of the problem... Forgive me, I'm gdb is actually a new thing to me... how could I check the object type?

[issue11638] python setup.py sdist --formats tar* crashes if version is unicode

2011-12-19 Thread Jason R. Coombs
Changes by Jason R. Coombs : Added file: http://bugs.python.org/file24059/9e9ea96eb0dd.diff ___ Python tracker ___ ___ Python-bugs-list mailin

[issue11638] python setup.py sdist --formats tar* crashes if version is unicode

2011-12-19 Thread Jason R. Coombs
Jason R. Coombs added the comment: I've created a repo to continue this work. I've integrated David's patch (thanks). It's not obvious to me what the encoding should be. Python and the tarfile module can accept unicode filenames. It seems that only the gzip part of tarfile fails if a unicode

[issue13640] add mimetype for application/vnd.apple.mpegurl

2011-12-19 Thread Hiroaki Kawai
New submission from Hiroaki Kawai : Add application/vnd.apple.mpegurl, which is used by smartphones recently. It is registered in IANA : http://www.iana.org/assignments/media-types/application/vnd.apple.mpegurl An application is described in http://tools.ietf.org/html/draft-pantos-http-live-st

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Jesús Cea Avión
Changes by Jesús Cea Avión : -- nosy: +jcea

[issue13635] Python SSL stack doesn't support ordering of Ciphers

2011-12-19 Thread Jesús Cea Avión
Changes by Jesús Cea Avión : -- nosy: +jcea

[issue13634] Python SSL stack doesn't support Compression configuration

2011-12-19 Thread Jesús Cea Avión
Changes by Jesús Cea Avión : -- nosy: +jcea

[issue11638] python setup.py sdist --formats tar* crashes if version is unicode

2011-12-19 Thread Jason R. Coombs
Jason R. Coombs added the comment: I believe the underlying cause of this issue is #13639.

[issue13639] UnicodeDecodeError when creating tar.gz with unicode name

2011-12-19 Thread Jason R. Coombs
New submission from Jason R. Coombs : python -c "import tarfile; tarfile.open(u'hello.tar.gz', 'w|gz')" produces Traceback (most recent call last): File "", line 1, in File "C:\Users\jaraco\projects\public\cpython\Lib\tarfile.py", line 1687, in open _Stream(name, filemode, comptype, f

[issue13616] Never ending loop in in update_refs Modules/gcmodule.c

2011-12-19 Thread Jesús Cea Avión
Jesús Cea Avión added the comment: It seems to be a real infinite loop. Bad thing. Could be a bug in an extension, difficult to say. This is going to be VERY difficult to debug without a reproducible case we can try. Could you possibly check the object type of the "infinite loop" object? I

[issue13405] Add DTrace probes

2011-12-19 Thread Stan Cox
Stan Cox added the comment: systemtap doesn't have a ustack helper, but if the frame pointer were provided to PYTHON_FUNCTION_ENTRY, then it could be cached to provide python stack frame access. --- Python/ceval.c.12011-12-07 11:18:03.733659382 -0500 +++ Python/ceval.c 2011-12-1

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Arnaud Calmettes
Arnaud Calmettes added the comment: Here is a patch against the 3.3 documentation, mentioning the new supported browser types. -- Added file: http://bugs.python.org/file24057/webbrowser_doc.patch

[issue13051] Infinite recursion in curses.textpad.Textbox

2011-12-19 Thread Brian Curtin
Brian Curtin added the comment: Would you be able to produce a unit test which fails before your patch is applied, but succeeds after applying your changes? That'll make your changes more likely to get accepted. -- nosy: +brian.curtin

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Oleg Broytman
Oleg Broytman added the comment: I'm fine with that version.

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Oleg Broytman
Changes by Oleg Broytman : Removed file: http://bugs.python.org/file24055/webbrowser.py.patch

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Arnaud Calmettes
Arnaud Calmettes added the comment: The new patch works under Ubuntu but not under Archlinux anymore (where the program is named "chromium"). Here is a patch that works with python 3.3 under both distributions. -- Added file: http://bugs.python.org/file24056/webbrowser.py-2.patch

[issue13601] sys.stderr should always be line-buffered

2011-12-19 Thread Geoffrey Bache
Geoffrey Bache added the comment: I think we all agree line-buffering is sufficient, so I change the title. -- title: sys.stderr should be unbuffered (or always line-buffered) -> sys.stderr should always be line-buffered

[issue13597] Improve documentation of stdout/stderr buffering in Python 3.x

2011-12-19 Thread Geoffrey Bache
Geoffrey Bache added the comment: The changes are good as far as they go, but they only affect the documentation of sys.stderr and sys.stdout. I also suggested changes to the documentation of the "-u" flag, and to "What's New in Python 3.0", can someone look at that also?

[issue13601] sys.stderr should be unbuffered (or always line-buffered)

2011-12-19 Thread Geoffrey Bache
Geoffrey Bache added the comment: > I'm hesitant to make it line-buffered by default when directed to a > file, since this could significantly slow down a program that for some > reason produces super-voluminous output (e.g. when running a program > with heavy debug logging turned on). Is that

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Oleg Broytman
Oleg Broytman added the comment: I updated the patch. Thank you for reviewing! -- keywords: +patch Added file: http://bugs.python.org/file24055/webbrowser.py.patch

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Oleg Broytman
Changes by Oleg Broytman : Removed file: http://bugs.python.org/file23986/webbrowser.py.patch

[issue13051] Infinite recursion in curses.textpad.Textbox

2011-12-19 Thread Ned Deily
Changes by Ned Deily : -- nosy: +haypo stage: -> patch review

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Arnaud Calmettes
Arnaud Calmettes added the comment: Hi. The patch works fine on my box with Chromium 16 under Archlinux. However, I think it might not work under Ubuntu or Debian, since the program is named "chromium-browser" on these distros, and it is missing from the list of tested browsers. I am setting u

[issue8684] improvements to sched.py

2011-12-19 Thread Giampaolo Rodola'
Giampaolo Rodola' added the comment: This should now be fixed. Thanks for signaling. -- status: open -> closed

[issue8684] improvements to sched.py

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset 50267d2bb320 by Giampaolo Rodola' in branch 'default': (bug #8684) fix 'fedora without thread buildbot' as per http://bugs.python.org/issue8684 http://hg.python.org/cpython/rev/50267d2bb320

[issue13616] Never ending loop in in update_refs Modules/gcmodule.c

2011-12-19 Thread David Butler
David Butler added the comment: sorry for the delay, I had to wait until the problem occurred again... I gdb'ed into the process again, the backtrace is a little different this time... (gdb) bt #0 0xb76adfc6 in update_refs (containers=) at Modules/gcmodule.c:292 #1 collect (generation=2) a

[issue13630] IDLE: Find(ed) text is not highlighted while dialog box is open

2011-12-19 Thread Roger Serwy
Roger Serwy added the comment: IDLE does have a color scheme configuration for "found" as listed in the highlighting config dialog and internally as the Tkinter Text tag "hit". This looks like the stubs for functionality that never got implemented. Take a look at the SearchBar IDLE extension.

[issue13626] Python SSL stack doesn't support DH ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is a patch adding the load_dh_params method on SSL contexts, and the OP_SINGLE_DH_USE option flag. -- keywords: +patch stage: needs patch -> patch review Added file: http://bugs.python.org/file24053/dh.patch

[issue11638] python setup.py sdist --formats tar* crashes if version is unicode

2011-12-19 Thread Jason R. Coombs
Jason R. Coombs added the comment: This error is also encountered if the package name is unicode. The error can be simply reproduced with this command: python -c "from setuptools import setup; setup(name=u'foo')" sdist --formats gztar The error also occurs with the bdist command, and probabl

[issue11638] python setup.py sdist --formats tar* crashes if version is unicode

2011-12-19 Thread Jason R. Coombs
Jason R. Coombs added the comment: I meant to paste the repro with distutils.core: python -c "from distutils.core import setup; setup(name=u'foo')" sdist --formats gztar

[issue13638] PyErr_SetFromErrnoWithFilenameObject is undocumented

2011-12-19 Thread Antoine Pitrou
New submission from Antoine Pitrou : Its declaration can be found in Include/pyerrors.h. Same for PyErr_SetExcFromWindowsErrWithFilenameObject. -- assignee: docs@python components: Documentation messages: 149877 nosy: arnaudc, docs@python, haypo, pitrou priority: normal severity: normal

[issue13637] binascii.a2b_* functions could accept unicode strings

2011-12-19 Thread Antoine Pitrou
New submission from Antoine Pitrou : a2b_hex and friends accept only byte strings: >>> binascii.a2b_hex(b'00') b'\x00' >>> binascii.a2b_hex('00') Traceback (most recent call last): File "", line 1, in TypeError: 'str' does not support the buffer interface But they could just as well accept A

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Patch now committed in 3.3. -- resolution: -> fixed stage: patch review -> committed/rejected status: open -> closed

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset 8b729d65cfd2 by Antoine Pitrou in branch 'default': Issue #13627: Add support for SSL Elliptic Curve-based Diffie-Hellman http://hg.python.org/cpython/rev/8b729d65cfd2 -- nosy: +python-dev

[issue6743] Add function compatible with print to pprint module

2011-12-19 Thread Antoine Pitrou
Changes by Antoine Pitrou : -- nosy: +rhettinger

[issue5424] Packed IPaddr conversion tests should be extended

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: I have finally committed the patch. Thank you! -- resolution: -> fixed stage: patch review -> committed/rejected status: open -> closed

[issue5424] Packed IPaddr conversion tests should be extended

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset 71e5a083f9b1 by Antoine Pitrou in branch '3.2': Issue #5424: add tests for inet_ntoa, inet_ntop, inet_aton and inet_pton. http://hg.python.org/cpython/rev/71e5a083f9b1 New changeset a3d5f522065f by Antoine Pitrou in branch 'default': Issue #5424: a

[issue13583] sqlite3.Row doesn't support slice indexes

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Thanks for the patch. Two things: - there is a compilation warning using gcc: /home/antoine/cpython/default/Modules/_sqlite/row.c: In function ‘pysqlite_row_subscript’: /home/antoine/cpython/default/Modules/_sqlite/row.c:128:26: attention : passing argument

[issue13612] xml.etree.ElementTree says unknown encoding of a regular encoding

2011-12-19 Thread Antoine Pitrou
Changes by Antoine Pitrou : -- nosy: +flox, haypo versions: +Python 3.2, Python 3.3

[issue13453] Tests and network timeouts

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset 2228d985fdcc by Charles-François Natali in branch '2.7': Issue #13453: Try to increase some socket timeouts to make some buildbots stop http://hg.python.org/cpython/rev/2228d985fdcc New changeset d7daf98c068e by Charles-François Natali in branch '3

[issue13453] Tests and network timeouts

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Jesus is the OpenIndiana buildbots' administrator. -- nosy: +jcea

[issue13453] Tests and network timeouts

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > File "/var/lib/buildslave/3.x.murray-gentoo/build/Lib/socket.py", line 275, > in readinto > raise IOError("cannot read from timed out object") > OSError: cannot read from timed out object Ah, annoying. The NNTP tests use a single connection, and when a

[issue13453] Tests and network timeouts

2011-12-19 Thread Charles-François Natali
Charles-François Natali added the comment: Another failure on an OpenIndiana buildbot: """ == ERROR: testTimeoutConnect (test.test_ftplib.TestTimeouts) -- Trace

[issue13620] Support Chrome in webbrowser.py

2011-12-19 Thread Antoine Pitrou
Changes by Antoine Pitrou : -- keywords: +easy, needs review -patch nosy: +georg.brandl stage: -> patch review versions: +Python 3.3

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > About ECDHE use as a default, prioritized key exchange method, google > is using it along with RC4: Hmmm... do note that RC4 is disabled with "HIGH".

[issue13634] Python SSL stack doesn't support Compression configuration

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: (note that some OpenSSLs are built without compression, such as Mageia's)

[issue13634] Python SSL stack doesn't support Compression configuration

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is a patch. -- keywords: +patch stage: needs patch -> patch review Added file: http://bugs.python.org/file24052/compression.patch

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: I confirm, tested "HIGH:!SSLv2" and MD5 cannot be negotiated.

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > I would suggest to try to keep ECC/ECDH/ECDHE enabled, conceptually > we would like to have ECDHE as the first ciphers because it's the most > modern, performance and secure. However, this will also divide performance by a large factor (from 2x to 4x apparen

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > MD5 has been disabled for SSL use due to its weakness by: Apparently MD5 is already disabled by "HIGH:!SSLv2".

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: It would be also useful to "Sort" the order of ciphers by its strength. This is done by the parameter "@STRENGTH": From http://www.openssl.org/docs/apps/ciphers.html "Additionally the cipher string @STRENGTH can be used at any point to sort the current cipher list i

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: We could also disable all the ciphers that use MD5 for authentication: MD5 has been disabled for SSL use due to its weakness by: - Firefox (All Mozilla products now refuse any MD5 ciphers) https://www.thesslstore.com/blog/index.php/firefox-to-stop-supporting-md5-based-

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: About ECDHE use as a default, prioritized key exchange method, google is using it along with RC4: http://www.julianevansblog.com/2011/11/https-encryption-increased-for-gmail-and-google.html

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: Yes, I can do the test for the ordered set of ciphers with all the patches in-place, can build a custom python 3.2 with the patch applied. I would suggest to try to keep ECC/ECDH/ECDHE enabled, conceptually we would like to have ECDHE as the first ciphers because it's

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > We must disable SSLv1 with !SSLv2, for example I am using just now > 'HIGH:!aNULL:!eNULL:!SSLv2:@STRENGTH' . Ok, thanks for the investigation. I think "HIGH:!aNULL:!eNULL:!SSLv2" is sufficient.

[issue13628] python-gdb.py: patch to improve support of optimized Python

2011-12-19 Thread STINNER Victor
STINNER Victor added the comment: > It is possible to retrieve "f" from the caller, PyEval_EvalCodeEx() It does not always work, but it works sometimes, so it's better to try :-) I applied my fix to Python 2.7, 3.2 and 3.3. lipython.py of Python 2.7 is outdated, it should be resynchronized wi

[issue13628] python-gdb.py: patch to improve support of optimized Python

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset 1cc8e9565339 by Victor Stinner in branch '2.7': Issue #13628: python-gdb.py is now able to retrieve more frames in the Python http://hg.python.org/cpython/rev/1cc8e9565339

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: To disable SSLv2 you must specifically disable it. Look, I tried a server we're working on http://github.com/hellais/tor2web that's running on: privacyresearch.infosecurity.ch port With 'HIGH:!aNULL:!eNULL' SSLv2 can connect: openssl s_client -connect privacyre

[issue13628] python-gdb.py: patch to improve support of optimized Python

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset 0b03cb97dac0 by Victor Stinner in branch '3.2': Issue #13628: python-gdb.py is now able to retrieve more frames in the Python http://hg.python.org/cpython/rev/0b03cb97dac0 New changeset 5e3a172bba89 by Victor Stinner in branch 'default': (Merge 3.2

[issue11867] Make test_mailbox deterministic

2011-12-19 Thread Charles-François Natali
Charles-François Natali added the comment: Should be fixed now, thanks! -- resolution: -> fixed stage: patch review -> committed/rejected status: open -> closed

[issue13635] Python SSL stack doesn't support ordering of Ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: The new option is now committed in 3.3. Thanks for the report! -- resolution: -> fixed stage: -> committed/rejected status: open -> closed

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > - Disable SSLv2 It should be disabled automatically since the SSLv2 cipher suites are not part of "HIGH": see http://www.openssl.org/docs/apps/ciphers.html#SSL_v2_0_cipher_suites_ > - Enable ECC/ECDHE by default > - Enable DH/DHE by default These both req

[issue13635] Python SSL stack doesn't support ordering of Ciphers

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset c706f76c9ea8 by Antoine Pitrou in branch 'default': Issue #13635: Add ssl.OP_CIPHER_SERVER_PREFERENCE, so that SSL servers http://hg.python.org/cpython/rev/c706f76c9ea8 -- nosy: +python-dev

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: Ok for: 'HIGH:!aNULL:!eNULL' but also: - Disable SSLv2 - Enable ECC/ECDHE by default - Enable DH/DHE by default With this in place, I would then suggest to see which is the "Default ordered list of ciphers" with an SSL cipher scanner/wireshark. Then we would be able t

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is a possible patch for 3.2. Probably needs a doc addition as well. -- keywords: +patch stage: needs patch -> patch review versions: +Python 2.7 Added file: http://bugs.python.org/file24051/default_ciphers.patch

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Actually, it seems we want 'HIGH:!aNULL:!eNULL' to avoid non-encrypted and non-authenticated ciphers. > That way (but this is an approach to be discussed) we will pick-up > a set of widely secure ciphers Please read my message above and understand this faces

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
naif added the comment: From Antoine Pitrou (pitrou): > Why don't you simply define your own default ciphers and call the > set_ciphers() method? > That said, we could perhaps call set_ciphers("HIGH") by default. This > excludes legacy ciphers (such as RC4, DES) without having us maintain an >

[issue11867] Make test_mailbox deterministic

2011-12-19 Thread Roundup Robot
Roundup Robot added the comment: New changeset c6d41dd60d2d by Charles-François Natali in branch '2.7': Issue #11867: Make test_mailbox.test_lock_conflict deterministic (and fix a http://hg.python.org/cpython/rev/c6d41dd60d2d New changeset 0053b7c68a02 by Charles-François Natali in branch '3.2'

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: As I said, I don't think maintaining an explicit list of ciphers ourselves is reasonable, since there are no crypto experts (AFAICT) amongst the Python core developers. Also, maintaining an explicit list of ciphers means people wouldn't benefit automatically

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread naif
naif added the comment: Created a ticket there for a default-setting: Python SSL Stack doesn't have a Secure Default set of ciphers http://bugs.python.org/issue13636

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > If you want we can open a discussion within Tor Project to have a > "rationale method" to define a set of "default ciphers" considering > the ratio of security/performance/compatibility. Why don't you simply define your own default ciphers and call the set_c

[issue13636] Python SSL Stack doesn't have a Secure Default set of ciphers

2011-12-19 Thread naif
New submission from naif : By default the Python SSL/TLS Stack (client/server) exposes unsecure protocols (SSLv2) and unsecure ciphers (EXPORT 40bit DES). This ticket is about defining a set of secure ciphers that should also provide maximum performance and compatibility, in order to allow any

[issue13634] Python SSL stack doesn't support Compression configuration

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: So, there are two things here: - allow to disable compression (it's enabled by default AFAICT) using the SSL_OP_NO_COMPRESSION flag - allow to query compression status on SSL sockets using the SSL_get_current_compression() API -- nosy: +pitrou stage:

[issue13635] Python SSL stack doesn't support ordering of Ciphers

2011-12-19 Thread naif
naif added the comment: Looking at the code from mod_ssl I would say that this is the preference required https://issues.apache.org/bugzilla/show_bug.cgi?id=28665

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread naif
naif added the comment: The Tor Project is composed of Cryptography experts, thus I am opening that ticket cause with our group we're implementing Tor2web based on Python that requires *strict* security requirements for crypto. The Tor Project heavily uses Python for most of tools. If you want

[issue13635] Python SSL stack doesn't support ordering of Ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Apparently it's just a matter of exposing SSL_OP_CIPHER_SERVER_PREFERENCE? -- nosy: +pitrou type: security -> enhancement versions: -Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.4

[issue13626] Python SSL stack doesn't support DH ciphers

2011-12-19 Thread naif
naif added the comment: In the meantime I added two other tickets on security and performance improvements of Python SSL support, to make it really complete and comparable to Apache/Dovecot/PHP in terms of configuration and capability: Python SSL stack doesn't support ordering of Ciphers htt

[issue13626] Python SSL stack doesn't support DH ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > Wow, I saw your patch for ECC SSL ciphers on > http://bugs.python.org/issue13627 . > > Do you think we can use the same method/concept as > ssl.OP_SINGLE_ECDH_USE but ssl.OP_SINGLE_DH_USE for DH? Of course.

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: > So, with this patch it should be possible to strictly enable ciphers such as: > ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 > ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 > ECDH-RSA-AES256-SHASSLv3 Kx=E

[issue13635] Python SSL stack doesn't support ordering of Ciphers

2011-12-19 Thread naif
New submission from naif : The list of Ciphers for Python SSL binding for OpenSSL cannot be ordered in a specific list of preference. This is a requirement for strict security environment where the ordered cipher list is very important. Apache supports the ordering of ciphers through the conf

[issue13634] Python SSL stack doesn't support Compression configuration

2011-12-19 Thread naif
New submission from naif : TLSv1 supports compression with gzip/deflate that can provide for a lot of protocols a great improvement (just think about SIP/TLS or IMAP) in terms of bandwidth. Currently Python SSL stack based on OpenSSL doesn't allow the configuration (enabling/disabling/forcing)

[issue13626] Python SSL stack doesn't support DH ciphers

2011-12-19 Thread naif
naif added the comment: Wow, I saw your patch for ECC SSL ciphers on http://bugs.python.org/issue13627 . Do you think we can use the same method/concept as ssl.OP_SINGLE_ECDH_USE but ssl.OP_SINGLE_DH_USE for DH?

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread naif
naif added the comment: So, with this patch it should be possible to strictly enable ciphers such as: ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1 ECDH-RSA-AES256-SHASSLv3 Kx=ECDH/RSA Au=ECDH En

[issue11867] Make test_mailbox deterministic

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Charles-François's patch looks good to me. -- nosy: +pitrou

[issue13627] Python SSL stack doesn't support Elliptic Curve ciphers

2011-12-19 Thread Antoine Pitrou
Antoine Pitrou added the comment: Here is a patch adding a set_ecdh_curve() method on SSL contexts, and a ssl.OP_SINGLE_ECDH_USE option flag. This is enough to enable ECDH with compatible clients (I've tested with Firefox and openssl s_client). -- keywords: +patch stage: needs patch -

[issue11867] Make test_mailbox deterministic

2011-12-19 Thread Charles-François Natali
Charles-François Natali added the comment: > Probably because I'm a threading/multiprocessing neophyte :) That's a very good reason :-) Here's a version using two multiprocessing events. Note that I use timeouts for wait() just to avoid being stuck if something goes wrong: the test now runs in

[issue13565] test_multiprocessing.test_notify_all() hangs on "AMD64 Snow Leopard 02 03.x"

2011-12-19 Thread Charles-François Natali
Charles-François Natali added the comment: I think this could be due to the multiprocessing manager's server socket backlog value, which is a little too low: by default, it's set to 5, and the tests launch up to 3 threads and 3 processes in parallel, so if we're unlucky with the scheduling, w

[issue13550] Rewrite logging hack of the threading module

2011-12-19 Thread Charles-François Natali
Charles-François Natali added the comment: I'm personally +1 on removing the verbose thing altogether: - it's ugly - I doubt it's really useful (I mean, printing to stderr - which is often line buffered or unbuffered - upon every action will probably change the timing) - it also brings some pro

[issue13631] readline fails to parse some forms of .editrc under editline (libedit) emulation on Mac OS X

2011-12-19 Thread Ned Deily
Changes by Ned Deily : -- nosy: +ned.deily