[issue32954] Lazy Literal String Interpolation (PEP-498-based fl-strings)

Arcadiy Ivanov added the comment: As an example this is the current state of affairs: >>> def x(): ... foo = "foo" ... s1 = f"S1 value {foo}" ... s2 = f"S2 value {s1}" ... print(s2) ... >>> dis.dis(x) 2 0 LOAD_CONST 1 ('foo') 2 STORE_FAST

[issue32954] Lazy Literal String Interpolation (PEP-498-based fl-strings)

Serhiy Storchaka added the comment: class FL: def __init__(self, func): self.func = func def __str__(self): return self.func() extra = FL(lambda: f'{extra},waiters:{len(self._waiters)}') -- nosy: +serhiy.storchaka ___ Python

[issue32954] Lazy Literal String Interpolation (PEP-498-based fl-strings)

New submission from Arcadiy Ivanov : I'd like to start a discussion on/gauge interest for introducing an enhancement to PEP-498 in a form of delayed/lazy/lambda f-string. The proposed change is, conceptually, minor and would not differ from PEP-498 syntactically at all except for string prefix

[issue31711] ssl.SSLSocket.send(b"") fails

Christian Heimes added the comment: The message "EOF occurred in violation of protocol" is set by Python. Python maps SSL_ERROR_SYSCALL with SSL error code == 0 and len == 0 to that error message. https://github.com/python/cpython/blob/master/Modules/_ssl.c#L682-L689 https://github.com/pytho

[issue32610] asyncio.all_tasks() should return only non-finished tasks.

Andrew Svetlov added the comment: After re-thinking I come to another idea: let's keep `all_tasks()` behavior as is but add an `active_tasks()` function for returning all non-finished tasks. It should be done in Python 3.8 -- versions: +Python 3.8 -Python 3.7

[issue32932] better error message when __all__ contains non-str objects

Serhiy Storchaka added the comment: I was fooled by similarity of Python and C code, but actually Python and C code are not different implementations of the same algorithm, they have different purposes. The purpose of _bootstrap._handle_fromlist() is importing requested submodules first than

[issue30141] If you forget to call do_handshake, then everything seems to work but hostname checking is disabled

Nathaniel Smith added the comment: I agree that backporting X509_VERIFY_PARAM_set1_host is unreasonable, at least until the openssl ecosystem has moved forward a bit. But in earlier versions, would it be easy to detect that do_handshake() hasn't been called and raise an error? The docs say y

[issue32929] Change dataclasses hashing to use unsafe_hash boolean (default to False)

Eric V. Smith added the comment: New changeset 4cffe2f66b581fa7538f6de884d54a5c7364d8e0 by Eric V. Smith (Miss Islington (bot)) in branch '3.7': bpo-32929: Dataclasses: Change the tri-state hash parameter to the boolean unsafe_hash. (GH-5891) (GH-5902) https://github.com/python/cpython/commit

[issue31711] ssl.SSLSocket.send(b"") fails

Nathaniel Smith added the comment: If openssl says the behavior is undefined, then don't we have to first make it defined before we can document it? And if we're going to detect this case and guarantee some behavior, making it a no-op like it is on regular sockets seems the way to go...

[issue30141] If you forget to call do_handshake, then everything seems to work but hostname checking is disabled

Christian Heimes added the comment: Correct, the fix is in 3.7 and 3.8 only. I don't see a realistic way to address the problem in 3.6 and 2.7 without breaking people on old LTS releases and BSD. (The bug tracker changes status automatically when you reply to a pending ticket.) -- re

[issue32932] better error message when __all__ contains non-str objects

Nick Coghlan added the comment: I +1'ed Serhiy's patch for issue 32946, so we'll have to take that micro-optimisation into account if we decide to rely on the Python level `_handle_fromlist` to cover the "*" import case. Given that optimisation, it's probably simpler to just enhance the C err

[issue29612] TarFile.extract() suffers from hard links inside tarball

Joachim Trouverie added the comment: I created a PR for this issue for Python 2.7 (https://github.com/python/cpython/pull/5753/files). I just skip the link creation if the target path is equals to the link target. I don't see any corner case where this would be an unwanted behavior. I am not

[issue31711] ssl.SSLSocket.send(b"") fails

Christian Heimes added the comment: It's a bit too late to change the behavior of send(). Let's document the issue instead. -- assignee: christian.heimes -> docs@python components: +Documentation nosy: +alex, docs@python, dstufft, janssen, njs stage: -> needs patch versions: +Python 2

[issue32533] SSLSocket read/write thread-unsafety

Change by Christian Heimes : -- assignee: christian.heimes -> steve.dower stage: -> needs patch versions: +Python 3.8 ___ Python tracker ___ ___

[issue15670] PEP 3121, 384 Refactoring applied to ssl module

Change by Christian Heimes : -- versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue28453] SSLObject.selected_alpn_protocol() not documented

Change by Christian Heimes : -- stage: -> needs patch versions: +Python 3.8 ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue30226] Modernize make_ssl_certs

Change by Christian Heimes : -- versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue28695] Add SSL_CTX_set_client_cert_engine

Change by Christian Heimes : -- versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue32947] Support OpenSSL 1.1.1

Christian Heimes added the comment: Ned, Benjamin OpenSSL 1.1.1 is scheduled to be released just before 3.7.0rc1 will come out. I'd rather address as many issues now instead of adding last minute patches to the release candidate. Once OpenSSL 1.1.1 is out and Python 3.7 supports it, we can d

[issue32883] Key agreement parameters not accessible

Change by Christian Heimes : -- stage: -> needs patch versions: +Python 3.8 ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue30141] If you forget to call do_handshake, then everything seems to work but hostname checking is disabled

Nathaniel Smith added the comment: ...huh, not sure why that shows me changing the status. I just typed something in the text box, didn't touch any of the dropdowns... -- status: open -> pending ___ Python tracker

[issue32706] test_check_hostname() of test_ftplib started to fail randomly

Christian Heimes added the comment: Ned, I'm going to rewrite part of the test infrastructure during beta phase. The ssl module now works according to specifications. When the client doesn't recognize a hostname, it aborts the TLS connection with a TLS ALERT message. The old asynchat test sys

[issue30141] If you forget to call do_handshake, then everything seems to work but hostname checking is disabled

Nathaniel Smith added the comment: Do you mean, the fix is in 3.7 only? -- status: pending -> open ___ Python tracker ___ ___ Python

[issue31399] Let OpenSSL verify hostname and IP address

Christian Heimes added the comment: The feature has been implemented. I'll take care of the failing tests in #32706. -- resolution: -> fixed stage: patch review -> resolved status: open -> closed versions: +Python 3.8 ___ Python tracker

[issue29406] asyncio SSL contexts leak sockets after calling close with certain Apache servers

Christian Heimes added the comment: Andrew, Yury, PR 4402 is still open. Should the fix land in 3.7? I have removed the SSL component because it's not a bug in the ssl module. -- components: -SSL nosy: +christian.heimes versions: +Python 3.8 -Python 3.5 __

[issue17128] OS X system openssl deprecated - installer should build local libssl

Christian Heimes added the comment: Ned, is this issue still relevant? It targets 3.5 and hasn't seen much activity since 2016. -- status: open -> pending ___ Python tracker _

[issue32359] Add getters for all SSLContext internal configuration

Christian Heimes added the comment: Let's see how much we can fix in 3.8. Maybe I'll find enough free time to implement PEP 543 for Python 3.8. -- assignee: christian.heimes -> stage: -> needs patch type: -> enhancement versions: +Python 3.8 ___

[issue31727] FTP_TLS errors when use certain subcommands

Christian Heimes added the comment: Jonathan, are you able to provide a reproducer for this bug? I fear we cannot move forward without a way to test and reproduce the issue. -- assignee: christian.heimes -> status: open -> pending versions: +Python 3.8 ___

[issue18233] SSLSocket.getpeercertchain()

Change by Christian Heimes : -- versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue31892] ssl.get_server_certificate should allow specifying certificate / key type

Change by Christian Heimes : -- assignee: christian.heimes -> stage: -> needs patch versions: +Python 3.8 -Python 2.7, Python 3.6, Python 3.7 ___ Python tracker ___ __

[issue22365] SSLContext.load_verify_locations(cadata) does not accept CRLs

Change by Christian Heimes : -- assignee: christian.heimes -> components: -Extension Modules priority: normal -> low versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ _

[issue32604] Expose the subinterpreters C-API in Python for testing use.

Nick Coghlan added the comment: _xxsubinterpreters has been added, and we'll use PEP 554 as the interim documentation while it's only exposed for testing purposes. -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ P

[issue31997] SSL lib does not handle trailing dot (period) in hostname or certificate

Christian Heimes added the comment: I'm closing this bug as "not a bug" because it works as intended. The trailing dot has to be handled in the application layer. -- resolution: -> not a bug stage: -> resolved status: open -> closed ___ Python tra

[issue31372] Add SSLSocket.get_verify_result()

Change by Christian Heimes : -- versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue30525] Expose SCTs on TLS connections

Change by Christian Heimes : -- versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscrib

[issue29334] ssl.SSLObject method getpeercert() is buggy, do_handshake() is strange

Christian Heimes added the comment: The fix hasn't been ported to 2.7 yet. -- assignee: christian.heimes -> status: -> open ___ Python tracker ___ ___

[issue31242] Add SSLContext.set_verify_callback()

Change by Christian Heimes : -- stage: -> needs patch versions: +Python 3.8 ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue18617] AIA chasing for missing intermediate certificates on TLS connections

Change by Christian Heimes : -- assignee: docs@python -> christian.heimes stage: -> needs patch versions: +Python 3.8 -Python 3.7 ___ Python tracker ___ ___

[issue19500] ftplib: Add client-side SSL session resumption

Christian Heimes added the comment: It's now an ftplib issue. It's too late to land a new feature in 3.7 because we have reached feature freeze. -- assignee: christian.heimes -> components: -Documentation, SSL priority: high -> low title: Add client-side SSL session resumption -> ft

[issue30141] If you forget to call do_handshake, then everything seems to work but hostname checking is disabled

Christian Heimes added the comment: The bug has been fixed in #31399. Since 3.7, Python uses OpenSSL's X509_VERIFY_PARAM_set1_host() to verify the host name during the handshake. Unfortunately the fix is in OpenSSL 1.0.2 only. Backport would break compatibility with OpenSSL 1.0.1 and all curr

[issue21417] Compression level for zipfile

Serhiy Storchaka added the comment: I have a concern about the _compresslevel attribute of ZipInfo. Why is it underscored and not documented? -- nosy: +serhiy.storchaka ___ Python tracker ___

[issue32257] Support Disabling Renegotiation for SSLContext

Christian Heimes added the comment: The OP_NO_RENEGOTIATION option prevents renegotiation in TLS 1.2 and lower. Renegotiation is a problematic TLS feature that has led to security issues like CVE-2009-3555. TLS 1.3 has removed renegotiation completely in favor of much more reliable and simple

[issue32257] Support Disabling Renegotiation for SSLContext

Change by Christian Heimes : -- pull_requests: +5673 stage: -> patch review ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue32949] Simplify "with"-related opcodes

Serhiy Storchaka added the comment: Updated PR seems fixes issue29988 for synchronous "with". -- ___ Python tracker ___ ___ Python-b

<    1   2