zodalahtathi added the comment:
I think it does, when passing a context with ssl_context.verify_mode !=
ss.CERT_NONE, and when not setting the check_hostname parameter:
1. will_verify will be True
(https://hg.python.org/cpython/file/3.4/Lib/http/client.py#l1207)
2. check_hostname will be True
zodalahtathi added the comment:
Thank you
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22960
___
___
Python-bugs-list mailing list
Serhiy Storchaka added the comment:
The more I think about it, the more doubt. This patch added a behavior that is
incompatible with the regex module. The regex module proceeds lookbehind
assertions in the opposite direction, from right to left. This allows it to
work with lookbehind
Benjamin Peterson added the comment:
As the documentation says If context is specified and has a verify_mode of
either CERT_OPTIONAL or CERT_REQUIRED, then by default host is matched against
the host name(s) allowed by the server’s certificate. If you want to change
that behaviour, you can
Serhiy Storchaka added the comment:
Bruno, could you please sign a Contributor Licensing Agreement?
http://www.python.org/psf/contrib/contrib-form/
http://www.python.org/psf/contrib/
--
assignee: - serhiy.storchaka
stage: - commit review
type: - enhancement
Alex Gaynor added the comment:
This will cause it to not validate in some cases where it currently is
validating? That seems like a regression to me.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22959
Benjamin Peterson added the comment:
On Sun, Nov 30, 2014, at 11:20, Alex Gaynor wrote:
Alex Gaynor added the comment:
This will cause it to not validate in some cases where it currently is
validating? That seems like a regression to me.
I suppose. Certainly, none of the default cases
Roundup Robot added the comment:
New changeset d1f7c3f45ffe by Benjamin Peterson in branch '3.4':
backout 9fcf4008b626 (#9179) for further consideration
https://hg.python.org/cpython/rev/d1f7c3f45ffe
New changeset f385bc6e6e09 by Benjamin Peterson in branch 'default':
merge 3.4 (#9179)
Benjamin Peterson added the comment:
I just backed out the change. Thanks for brining up the issue.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue9179
___
Changes by Serhiy Storchaka storch...@gmail.com:
--
assignee: - serhiy.storchaka
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22095
___
___
zodalahtathi added the comment:
I agree that changing a default to something less secure is not something to do
lightly, however I think forcing a check that is explicitly disabled is a bug
and can be counter productive security wise.
People who don't have time to look at the stdlib code, and
Serhiy Storchaka added the comment:
What would be the best solution for 2.7?
Here is a patch which forbids any group references in lookbehind assertions
(they are not work currently and users shouldn't use them).
--
stage: - patch review
Added file:
Roundup Robot added the comment:
New changeset 64bb01bce12c by Serhiy Storchaka in branch 'default':
Issue #22902: The ip command is now used on Linux to determine MAC address
https://hg.python.org/cpython/rev/64bb01bce12c
--
nosy: +python-dev
___
Serhiy Storchaka added the comment:
Thank you for your contribution Bruno.
--
resolution: - fixed
stage: commit review - resolved
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22902
Benjamin Peterson added the comment:
On Sun, Nov 30, 2014, at 12:55, Serhiy Storchaka wrote:
Serhiy Storchaka added the comment:
What would be the best solution for 2.7?
You can pick. I just always favor not changing things for release
candidates.
Here is a patch which forbids any
Serhiy Storchaka added the comment:
Updated documentation. If there are no objections I'll commit
re_forbid_groupref_in_lookbehind-2.7_2.patch to 2.7 and 3.4. For 3.5 I prefer
to add support of group references.
--
Added file:
Dmitry Kazakov added the comment:
Revisiting this issue, I realize that I made quite a few mistakes (because this
was the first issue I submitted). The patch is definitely minor, and I'm no
longer interested in it. This issue may now be closed. Cheers.
--
Changes by Dmitry Kazakov jsb...@gmail.com:
--
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22619
___
___
Python-bugs-list
Simeon Visser added the comment:
Is it worth clarifying that __init__ can return a value but only the value
None? The following won't raise a TypeError:
class O(object):
def __init__(self):
return None
Admittedly the return None is the default behaviour but people may attempt
Changes by Dmitry Kazakov jsb...@gmail.com:
--
status: closed - open
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22619
___
___
Python-bugs-list
R. David Murray added the comment:
I'm not familiar with app-engine, so I don't understand the code snippet in the
stackoverflow issue. But what is happening here is that whatever it is you've
supplied as the 'to' address is not a string, but sendmail expects it to be.
Now, since rcpt
R. David Murray added the comment:
And, therefore, a missing test :(. This probably snuck in when we refactored
the CLI.
--
nosy: +r.david.murray
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22966
Pekka Klärck added the comment:
For me this isn't too high priority. I typically install Python for all users
on Windows anyway, and recommend that also for my clients. I just tested this
RC to see how (ensure)pip works in practice, decided to install only for the
current user, was very happy
Serhiy Storchaka added the comment:
Updated patch provides JSONDecodeError without end* attributes and with changed
message for Extra data.
--
Added file: http://bugs.python.org/file37328/json_JSONDecodeError_2.patch
___
Python tracker
Serhiy Storchaka added the comment:
Does it look good to you Benjamin?
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22943
___
___
Benjamin Peterson added the comment:
Yes, please apply.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue22943
___
___
Python-bugs-list mailing
New submission from KHH:
When compiling with the ./configure --without-signal-module the configure file
adds Parser/intrcheck.o to SIGNAL_OBJS, but the corresponding
Parser/intercheck.c has been removed from the build tree.
Removing the Parser/intrcheck.o causes the build to fail due to
Ned Deily added the comment:
Clearly we need to support openssl's without SSLv3 so I think some version of
this needs to be applied to all branches (preferably in time for 2.7.9,
Benjamin?). Kurt, if you haven't already, could you sign the contributor
agreement so we can use the patch
New submission from David Coles:
If a task that is waiting on an asyncio.Condition is cancelled after
notification but before having successfully reacquired the associated lock, the
acquire() will be cancelled causing wait() to return without the lock held
(violating wait()'s contract and
29 matches
Mail list logo