Re: [Python-Dev] csv changed from python 2.4 to 2.5

Nick Craig-Wood wrote: > Christian K <[EMAIL PROTECTED]> wrote: [...] >> Python 2.5.1 (r251:54863, May 2 2007, 16:56:35) >> [GCC 4.1.2 (Ubuntu 4.1.2-0ubuntu4)] on linux2 >> Type "help", "copyright", "credits" or "licen

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

root certificates. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

a081/Lib/ssl.py#l376 Christian PS: SSL_CERT_DIR and SSL_CERT_FILE are the default names. It's possible to change the names in OpenSSL. ssl.get_default_verify_paths() returns the names and paths to the default verify locations. ___ Python-Dev mailing list Py

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

e, too. The certificate is trusted for any and all connections. Python's SSL module has no way to trust a specific certificate for a host. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-de

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

identify a certificate. For example it's used in Google's CRLSet. http://dev.chromium.org/Home/chromium-security/crlsets * the cert validation exception could use some additional information. There are probably some more things mising. An X509 object would help, too. Christian ___

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

x27;s wiki has an example for the expired certs http://wiki.openssl.org/index.php/Manual:X509_STORE_CTX_set_verify_cb%283%29#EXAMPLES Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

own. It's fully backward compatible, doesn't add any flags and developers have the full power of Python for configuration and customization. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

:( https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1207004 Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

ied > "sslcustomize", just as they disable "import site". A malicious package can already play havoc with your installation with a custom ssl module. If somebody is able to sneak in a ssl.py then you are screwed anyway. sslcust

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

On 01.09.2014 17:35, Nick Coghlan wrote: > Oh, now I get what you mean - yes, sitecustomize already poses the same > kind of problem as the proposed sslcustomize (hence the existence of the > related command line options). If an attacker is able to place a module like sitecustomize.py in an import

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

s and more. In order to write useful verify callbacks me or somebody else has to write a X509_STORE_CTX type and X509 cert type. It's something I want to do for more than a year but I don't find any spare time. :( Christian ___ Python-Dev maili

Re: [Python-Dev] Sad status of Python 3.x buildbots

my person: i am christian staffa and actually living in germany. Chris Sent from my Sony Xperia™ smartphone Nick Coghlan wrote >___ >Python-Dev mailing list >Python-Dev@python.org >https://mail.python.org/mailman/listinf

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

e certificate is valid, not expired and its CN or SAN matches the hostname of the service. When the hostname doesn't match then you have to set context.check_hostname = False Christian ___ Python-Dev mailing list Python-Dev@python.org https://ma

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

e SSL handshake properly. The default settings must stay until we decide to backport the context argument and have a way to configure the default behavior. Nick and me are planing a PEP. Christian ___ Python-Dev mailing list Python-Dev@python.org http

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

2.7.9 will have the same feature set as Python 3.4. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 476: Enabling certificate validation by default!

up with. You are welcome! :) I like to see cert checks in Python 2.7, too. Eventually Python 2.7 should have them enabled by default or at least have one very simple way to enable them globally. Right now we aren't there yet. Perhaps Python 2.7.10 or 2.7.11 will have

Re: [Python-Dev] Backwards compatibility after certificate autovalidation

clean but simple interface for structured configuration. Monkey patching of stdlib modules is ugly and error-prone. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP476: Enabling certificate validation by default

On 19.09.2014 18:53, Alex Gaynor wrote: > Hi all, > > I've just updated the PEP to reflect the API suggestions from Nick, and the > fact that the necessary changes to urllib were landed. > > I think this is ready for pronouncement, Guido? There is still the issue with SSL_CERT_DIR and SSL_CERT_F

Re: [Python-Dev] PEP476: Enabling certificate validation by default

On 21.09.2014 01:03, Nick Coghlan wrote: > We may also need some clarification from Ned regarding the status of > OpenSSL and the potential impact switching from dynamic linking to > static linking of OpenSSL may have in terms of the > "OPENSSL_X509_TEA_DISABLE" setting. You may want to ask Hynek,

Re: [Python-Dev] Microsoft Visual C++ Compiler for Python 2.7

On 26.09.2014 20:01, Steve Dower wrote: > Hi all, > > (This is advance notice since people on this list will be interested. > Official announcements are coming when setuptools makes their next release.) > > Microsoft has released a compiler package targeting Python 2.7 (i.e. VC9). > We've produ

Re: [Python-Dev] bytes-like objects

buffer protocol"""? cheers - Chris -- Christian Tismer :^) tis...@stackless.com Software Consulting : http://www.stackless.com/ Karl-Liebknecht-Str. 121 : http://www.pydica.net/ 14482 Potsdam: GPG key -> 0xFB7B

Re: [Python-Dev] Fixing 2.7.x

V with an extent over more than 10 years. I believe, such a thing does not exist for the Python 3.X series at all. My impression is that no 3.X user ever would want to stick with any older version. Is that true, or am I totally wrong? cheers -- Chris - -- Christian Tismer

[Python-Dev] shebang policy, and pip

n__ file. I guess this is wrong and should be in the executable file, which is __main__ . cheers - Chris - -- Christian Tismer :^) tis...@stackless.com Software Consulting : http://www.stackless.com/ Karl-Liebknecht-Str. 121 : http://www.py

Re: [Python-Dev] shebang policy, and pip

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 08.10.14 14:20, Donald Stufft wrote: > >> On Oct 8, 2014, at 6:16 AM, Christian Tismer wrote: >> >> >> ... >> >> So is there anything officially preferred, and should that go into pep 8? > > Some ed

Re: [Python-Dev] libffi embedded in CPython

ed in the diff file https://hg.python.org/cpython/file/3de678cd184d/Modules/_ctypes/libffi.diff . The file *should* be up to date. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsu

Re: [Python-Dev] Starting CPython development w/ Docker

th speed up the build process a lot. For ccache you have to install the package and put /usr/lib64/ccache in front of PATH. Christian -BEGIN PGP SIGNATURE- iQEcBAEBCgAGBQJVNRgSAAoJEIZoUkkhLbaJZF0IAJQHcVJvxCnWXjtnsgW7y4Rc sTccSCvBU6Qlwghnb8jn5+fMLGpgBpT1JQqvX8jdzXS

Re: [Python-Dev] Fwd: Coverity Scan update

must have sent it out to the initial project owner. I'm planning to do a final round of fixes when the first beta is out. Currently CPython is down to about 5 issues. The new version might reveal additional problems or false-positives. Let's see if I can get it down to zero again. Christia

Re: [Python-Dev] PEP 553: Built-in debug()

oach can be augmented to allow calling a class method, too. So "package.module:myclass.classfunc" would do : from package.module import myclass myclass.classfunc Regards, Christian [1] https://setuptools.readthedocs.io/en/latest/setuptools.html#automatic-script-creation __

[Python-Dev] make multissltests

2.5.3 * LibreSSL 2.5.5 Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Investigating time for `import requests`

ssl.match_hostname with OpenSSL function. The ssl module will no longer depend on re and ipaddress module. > ssl itself took 2.9 ms.  It's because ssl has six enums. Why are enums so slow? Christian ___ Python-Dev mailing list Python-Dev@pytho

[Python-Dev] Python startup optimization: script vs. service

into functions or implementing lazy modes, until we have figured out how to satisfy requirements of both scripts and long running services. We probably need a PEP... Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mail

Re: [Python-Dev] Python startup optimization: script vs. service

Python optimized for long-running processes and introduce a new mode / option to optimize for short-running scripts. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.

Re: [Python-Dev] Python startup optimization: script vs. service

n importlib that handles deferred imports: modulename = importlib.deferred_import('modulename') def deferred_import(name): if name in sys.modules: # special case 'None' here return sys.modules[name] else: return ModuleProxy(name) ModuleProxy is a module type

Re: [Python-Dev] Python startup optimization: script vs. service

On 2017-10-02 16:59, Barry Warsaw wrote: > On Oct 2, 2017, at 10:48, Christian Heimes wrote: >> >> That approach could work, but I think that it is the wrong approach. I'd >> rather keep Python optimized for long-running processes and introduce a >> new mode / opti

Re: [Python-Dev] Python startup optimization: script vs. service

On 2017-10-02 19:29, Brett Cannon wrote: > My current design for an opt-in lazy importing setup includes an > explicit function for importlib that's mainly targeted for the stdlib > and it's startup module needs, but could be used by others: > https://notebooks.azure.com/Brett/libraries/di2Btqj7zSI

Re: [Python-Dev] [edk2] Official port of Python on EDK2

at is Python 3). I would > be interested in hearing your thoughts on this idea. In general your proposal sounds like a good idea. A new platform may require a PEP, though. You can start now by submitting pull requests for the header fixes. Even in the case we decide not to support E

[Python-Dev] unittest isolation and warnings

er. My question: Is that known, and is that intended? To what extent are the test cases isolated from each other? I do admit that my usage of warnings is somewhat special. But it is very convenient to report many errors on remote servers. Cheers -- Chris -- Christian Tismer :^)

Re: [Python-Dev] unittest isolation and warnings

test for > the exception (I'm at the airport, hence why I don't know the name of > the context manager; the warnings module docs actually have a sample on > how best to write tests the involve warnings). > > > On Fri, Nov 17, 2017, 01:34 Christian Tismer, <mailto:t

Re: [Python-Dev] What's the status of PEP 505: None-aware operators?

On 2017-11-28 21:31, Raymond Hettinger wrote: > >> I also cc python-dev to see if anybody here is strongly in favor or against >> this inclusion. > > Put me down for a strong -1. The proposal would occasionally save a few > keystokes but comes at the expense of giving Python a more Perlish lo

[Python-Dev] [ssl] The weird case of IDNA

s is an backwards incompatible fix. On the other hand, IDNA is totally broken without the fix. Also in my opinion, PR [3] is not going far enough. Since we have to break backwards compatibility anyway, I'd like to modify SSLContext.set_servername_callback() at the same time. Questions: - Is

Re: [Python-Dev] [ssl] The weird case of IDNA

On 2017-12-30 11:28, Antoine Pitrou wrote: > On Fri, 29 Dec 2017 21:54:46 +0100 > Christian Heimes wrote: >> >> On the other hand ssl module is currently completely broken. It converts >> hostnames from bytes to text with 'idna' codec in s

Re: [Python-Dev] [ssl] The weird case of IDNA

NA 2008 support [1] can be considered a security problem for German, Greek, Japanese, Chinese and Korean domains [2]. I neither have resources nor expertise to address the encoding issue. Christian [1] https://bugs.python.org/issue17305 [2] https://www.unicode.org/

[Python-Dev] subprocess not escaping "^" on Windows

hon by some shell=True replacement (emulate_shell=True?) to match the normal user expectations without using the shell? Cheers - Chris -- Christian Tismer-Sperling:^) tis...@stackless.com Software Consulting : http://www.stackless.com/ Karl-Liebknecht-Str. 121 : https:/

Re: [Python-Dev] subprocess not escaping "^" on Windows

follow that code completely, but I see that it escapes double > quotes. Why is there a need to escape other characters? Is there a > definitive list of special characters somewhere? > > On Sun, Jan 7, 2018 at 8:17 AM, Christian Tismer <mailto:tis...@stackless.com>> wrote: >

Re: [Python-Dev] subprocess not escaping "^" on Windows

correct. And that is not trivial, either. On 07.01.18 18:22, Guido van Rossum wrote: > On Sun, Jan 7, 2018 at 8:17 AM, Christian Tismer <mailto:tis...@stackless.com>> wrote: > > As a side note: In most cases where shell=True is found, people > seem to need evalua

Re: [Python-Dev] subprocess not escaping "^" on Windows

Ok, I thought only about Windows where people often use shell=True. I did not see that as a Linux problem, too. Not meant as a proposal, just loud thinking... :-) But as said, the incomplete escaping is a complete mess. Ciao -- Chris On 07.01.18 19:54, Christian Tismer wrote: > By "nor

Re: [Python-Dev] subprocess not escaping "^" on Windows

access to > a Windows box to try it) but on Windows that would create *two* > arguments, the first one being 'a b' and the second one 'c'. > > At this point I can understand that Christian recommends against > shell=True -- it

[Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

r Linux and BSD distributions have at least 1.0.2 [6]. The only relevant exception is Ubuntu 14.04 LTS, because Travis CI is running 14.04. PR 3562 [7] contains a PoC to compile a custom build of OpenSSL on Travis. Builds are cached. Regards, Christian [1] https://github.com/tiran/peps/blob/sslmodule37/pep-999

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

On 2018-01-13 14:23, Antoine Pitrou wrote: > On Sat, 13 Jan 2018 13:54:33 +0100 > Christian Heimes wrote: >> >> If we agree to drop support for OpenSSL 0.9.8 and 1.0.1, then I can land >> bunch of useful goodies like proper hostname verification [2], proper >> fix fo

[Python-Dev] Deprecate PEP 370 Per user site-packages directory?

ut -s or -I option. I propose to deprecate the feature and remove it in Python 4.0. Regards, Christian [1] https://www.python.org/dev/peps/pep-0370/ ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/

Re: [Python-Dev] Deprecate PEP 370 Per user site-packages directory?

On 2018-01-13 19:04, Random832 wrote: > On Sat, Jan 13, 2018, at 12:06, Christian Heimes wrote: >> Hi, >> >> PEP 370 [1] was my first PEP that got accepted. I created it exactly one >> decade and two days ago for Python 2.6 and 3.0. Back then we didn't have >>

Re: [Python-Dev] Deprecate PEP 370 Per user site-packages directory?

On 2018-01-13 20:08, Oleg Broytman wrote: > Hi! > > On Sat, Jan 13, 2018 at 06:06:16PM +0100, Christian Heimes > wrote: >> Hi, >> >> PEP 370 [1] was my first PEP that got accepted. I created it exactly one >> decade and two days ago for Python 2.6 and 3.0.

Re: [Python-Dev] Deprecate PEP 370 Per user site-packages directory?

On 2018-01-13 19:57, Antoine Pitrou wrote: > On Sat, 13 Jan 2018 19:18:41 +0100 > Christian Heimes wrote: >> On 2018-01-13 19:04, Random832 wrote: >>> On Sat, Jan 13, 2018, at 12:06, Christian Heimes wrote: >>>> Hi, >>>> >>>> PEP 370 [1]

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

or Fedora would do the trick, though. Maybe Barry's work on official test container could leveraged testing? Regards, Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: htt

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

On 2018-01-14 01:03, Steven D'Aprano wrote: > On Sat, Jan 13, 2018 at 02:23:19PM +0100, Antoine Pitrou wrote: >> On Sat, 13 Jan 2018 13:54:33 +0100 >> Christian Heimes wrote: >>> >>> If we agree to drop support for OpenSSL 0.9.8 and 1.0.1, then I can land &

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

ing Travis to give them a head's up and see > how likely it is that they'll be able to support Python 3.7 if it > requires a newer version of these libraries. Unless my proposal isn't rejected, I'll contact Travis CI tomorrow. Christian ___

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

On 2018-01-14 11:17, Antoine Pitrou wrote: > On Sat, 13 Jan 2018 23:45:07 +0100 > Christian Heimes wrote: >> On 2018-01-13 21:02, Brett Cannon wrote: >>> +1 from me as well for the improved security. >> >> Thanks, Brett! >> >> How should we handle CP

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

licated to handle than libffi. It's a constant moving targets of attacks. Vendors and distributions also have different opinions about trust store and policies. Let's keep build dependencies a downstream and vendor problem. Christian [1] https://twitter.com/lukasaoz/status/872085966

Re: [Python-Dev] Deprecate PEP 370 Per user site-packages directory?

On 2018-01-14 04:16, Barry Warsaw wrote: > On Jan 13, 2018, at 12:06, Christian Heimes wrote: > >> These days a lot of packages are using setuptools' entry points to >> create console scripts. Entry point have no option to create a console >> script with -s or -I fl

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

On 2018-01-14 16:54, Ned Deily wrote: > On Jan 14, 2018, at 08:39, Christian Heimes wrote: >> On 2018-01-14 09:24, Matt Billenstein wrote: >>> Correct me if I'm wrong, but Python3 on osx bundles openssl since Apple has >>> deprecated (and no longer ships the heade

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >=2.5.3

wn copy of OpenSSL on Windows. Nothing > to negotiate here except whether OpenSSL releases should trigger a > Python release, and I think that decision can stay with the RM. 3.7 will no longer use static linking. We can offer out-of-bounds updates of the OpenSSL DLLs. And by "we",

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

neither expertise, knowledge, interest or resources to work on other implementations. AFAIK Steve would rather plug in Windows' cert validation API into OpenSSL than to provide another TLS implementation. For Apple ... no clue. How about you contact Apple support? Regards, Christian _

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3

FYI, master on Travis CI now builds and uses OpenSSL 1.1.0g [1]. I have created a daily cronjob to populate Travis' cache with OpenSSL builds. Until the cache is filled, Linux CI will take an extra 5 minute. Christian [1] https://github.com/python/cpython/pull

Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL>=2.5.3

On 2018-01-16 22:47, Steve Dower wrote: > I think you mean out-of-band updates, and by “you” I'm going to pretend > you mean PyCA ;) Err, yes :) ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubs

[Python-Dev] LibreSSL support

On 2018-01-16 21:17, Christian Heimes wrote: > FYI, master on Travis CI now builds and uses OpenSSL 1.1.0g [1]. I have > created a daily cronjob to populate Travis' cache with OpenSSL builds. > Until the cache is filled, Linux CI will take an extra 5 minute. I have messed up my in

Re: [Python-Dev] LibreSSL support

ode. I cannot replace ssl.match_hostname() easily without the API. There might be a way to add a callback, but it would take a couple of days of R&D to implement it. It won't be finished for beta1 feature freeze. Christian ___ Python-Dev mailing

Re: [Python-Dev] LibreSSL support

On 2018-01-18 20:54, Wes Turner wrote: > LibreSSL is not a pressing need for me; but fallback to the existing > insecure check if LibreSSL is present shouldn't be too difficult? Please give it a try and report back. Patches welcome :)

Re: [Python-Dev] LibreSSL support

On 2018-01-18 21:49, Chris Jerdonek wrote: > > On Thu, Jan 18, 2018 at 7:34 AM Christian Heimes <mailto:christ...@python.org>> wrote: > > On 2018-01-16 21:17, Christian Heimes wrote: > We have two options until LibreSSL has addressed the issue: > >

Re: [Python-Dev] Drop support for old unsupported FreeBSD and Linux kernels?

t something, it will break quickly > without buildbot validation. Do you mean minor release? We haven't done a major release in about a decade. :) I was going to suggest a similar policy for OpenSSL. Christian ___ Python-Dev mailing list Pyth

Re: [Python-Dev] LibreSSL support

On 2018-01-19 10:43, Steve Holden wrote: > On Fri, Jan 19, 2018 at 12:09 AM, Nathaniel Smith <mailto:n...@pobox.com>> wrote: > > On Jan 18, 2018 07:34, "Christian Heimes" <mailto:christ...@python.org>> wrote: > > On 2018-01-16 21:

Re: [Python-Dev] LibreSSL support

On 2018-01-19 15:42, Christian Heimes wrote: > On 2018-01-19 10:43, Steve Holden wrote: >> On Fri, Jan 19, 2018 at 12:09 AM, Nathaniel Smith > <mailto:n...@pobox.com>> wrote: >> >> On Jan 18, 2018 07:34, "Christian Heimes" > <mailto:christ..

Re: [Python-Dev] Why is Python for Windows compiled with MSVC?

dows compiler for over 20 years now. IIRC Microsoft started to donate MSDN subscription for about 5 years and Steve has been helping out with Windows improvement for about 5 years. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Deprecate crypt module and revert PR 3854

;d like to raise the motion to revert 3854 and deprecate the crypt module. The whole module should be rather moved into 3rd party library that wraps xcrypt. Regards, Christian [1] https://github.com/python/cpython/pull/3854 [2] https://www.phoronix.com/scan.php?page=news_item&px=Fedora-28-libx

Re: [Python-Dev] Deprecate crypt module and revert PR 3854

. It's a direct interface to /etc/shadown using Linux-only APIs. The shadow DB API requires root permission. I think it even circumvents system security policies and identity provider. tl;dr pwd + grp == good, required crypt + spwd == bad Regards, Christian (*) Most Linux distros

Re: [Python-Dev] A minimal Python interpreter written in Python for experimenting with language changes

igned for the purpose of allowing rapid > experimentation with the language, is on topic for this list. > > Well spoken! -- Christian Tismer-Sperling:^) tis...@stackless.com Software Consulting : http://www.stackless.com/ Karl-Liebknecht-Str. 121 : https://github.c

Re: [Python-Dev] Deprecate crypt module and revert PR 3854

On 2018-02-02 21:31, Antoine Pitrou wrote: > On Fri, 2 Feb 2018 16:23:20 +0100 > Christian Heimes wrote: >> Hi, >> >> in PR 3854 [1] Serhiy added blowfish, extended DES and NT-Hash to >> Python's crypt mdodule. I vetoed against addition of the APIs because >

Re: [Python-Dev] Deprecate crypt module and revert PR 3854

On 2018-02-02 21:21, Nathaniel Smith wrote: > On Feb 2, 2018 7:24 AM, "Christian Heimes" <mailto:christ...@python.org>> wrote: > > Shortly after the PR has landed, I was made aware that glibc has > deprecated crypt(3) API [2] and favor of an external li

Re: [Python-Dev] A minimal Python interpreter written in Python for experimenting with language changes

stay compatible, and where do you plan to deviate? The reason that I'm asking is that by compatible I mean the compatibility of PyPy. If you can reach that, and be it just by a subset, then it makes sense to speak of Python. Cheers - Chris -- Christian Tismer-Sperling:^) tis...@stackless.co

Re: [Python-Dev] Deprecate crypt module and revert PR 3854

m/tiran/legacycrypt . I'll release the package as soon as I find time to polish the documentation and give Serhiy his will deserved credit for his work. Christian ___ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/py

Re: [Python-Dev] Python Test suite hangining

ose whether your latest certs are so new compared to what > others who run the test suite are using that that's what is causing your > failure compared to others. Python's test suite should depend on public CAs. The issue in poplib is related to https://bugs.python.org/issue3

Re: [Python-Dev] Why is pickle.DEFAULT_PROTOCOL still 3?

t; > This is too late for 3.7 which is a shame but can we at least bump it for 3.8? It sounds like a reasonable request. Python 3.4 is out of commission by then. I'm sure the release manager for 3.8 is going to agree with you, too. :) Christian _

[Python-Dev] ssl module and LibreSSL CVE-2018-8970

hour ago. I like to thank Bob Beck (LibreSSL), Adam Langley (Google) and David Benjamin (Google) for their assistance and cooperation. Regards, Christian [1] https://bugs.python.org/issue31399 [2] https://github.com/libressl-portable/portable/issues/381 [3] https://bugs.chromium.org/p/chromium

Re: [Python-Dev] Trying to build from source, test-poplib fails

On 2018-04-08 01:33, Skip Montanaro wrote: >> Do you have ca-certificates installed? > > It seems so: > > % apt search ca-certificates | grep installed > > ca-certificates/artful,artful,now 20170717 all [installed] > ca-certificates-mono/artful,artful,now 4.6.2.7+dfsg-1ubuntu1 all > [installed,a

Re: [Python-Dev] Trying to build from source, test-poplib fails

andshake alert and an exception on the server side. Sometimes the old server code in asyncore runs into a race condition and the test fails. The whole test framework needs to be rewritten from scratch and replaced with something better. I haven&#x

Re: [Python-Dev] bpo-28055: Fix unaligned accesses in siphash24(). (GH-6123)

s.python.org/issue28055#msg276257 At least for latest GCC, the change seems to be fine. GCC emits the same assembly code for X86_64 before and after your change. Did you check the output on other CPU architectures as well as clang and MSVC, too? Christian

Re: [Python-Dev] Hashes in Python3.5 for tuples and frozensets

o users (generally strings) and how it is > used. > > For the most part, it is considered a feature that integers hash to > themselves. That is very fast to compute :-) Also, it tends to prevent hash > collisions for consecutive integers. Raymond is 100% correct. Just one

[Python-Dev] Failing tests on master (asyncio, multiprocessing)

fails in: * test_stdin_broken_pipe (test.test_asyncio.test_subprocess.SubprocessFastWatcherTests) * test_stdin_broken_pipe (test.test_asyncio.test_subprocess.SubprocessSafeWatcherTests) * test_ignore (test.test_multiprocessing_forkserver.TestIgnoreEINTR) Could somebody have a look, please? Chri

Re: [Python-Dev] Failing tests on master (asyncio, multiprocessing)

On 2018-05-19 11:29, Eitan Adler wrote: > On 19 May 2018 at 02:05, Christian Heimes wrote: >> Hi, >> >> several of my PRs as well as local tests have started failing recently. >> On my local Fedora 27 machine, four sendfile related tests of >> test_asyncio'

[Python-Dev] PyIndex_Check conflicts with PEP 384

umber->nb_index != NULL) This contradicts PEP 384, because there is no way for non-heaptype types to access the nb_index field. If nobody objects, I would like to submit a patch that adds the function back when the limited API is active. I think to fix that before Python 3.7 is out. Ciao

Re: [Python-Dev] PyIndex_Check conflicts with PEP 384

y it Qt starts using it > then that will help us shake these things out... But it also means we > need your help to catch these kinds of issues :-). Thanks! > > On Fri, Jun 1, 2018, 06:51 Christian Tismer <mailto:tis...@stackless.com>> wrote: > > Hi friends, >

Re: [Python-Dev] Stable ABI

break. I found exactly 7 locations where this is the case. My PR will contain the 7 fixes plus the analysis script to go into tools. Preparind that in the evening. cheers -- Chris -- Christian Tismer-Sperling:^) tis...@stackless.com Software Consulting : http://www.

Re: [Python-Dev] Stable ABI

On 03.06.18 13:18, Ronald Oussoren wrote: > > >> On 3 Jun 2018, at 12:03, Christian Tismer wrote: ... >> >> I have written a script that scans all relevant header files >> and analyses all sections which are reachable in the limited API >> context. &g

[Python-Dev] PySequence_Check but no __len__

the unlimited case, but it seems still to be true that sequences are always finite. Can someone please enlighten me? -- Christian Tismer-Sperling:^) tis...@stackless.com Software Consulting : http://www.stackless.com/ Karl-Liebknecht-Str. 121 : http://pyside.org 14482

Re: [Python-Dev] PySequence_Check but no __len__

out an exact definition what makes up a sequence? Sorry if I'm again the only one who misunderstands the obvious :) Best -- Chris On 21.06.18 18:29, Brett Cannon wrote: > Sorry, I don't quite follow. > > On Thu, 21 Jun 2018 at 08:50 Christian Tismer <mailto:tis...

Re: [Python-Dev] PySequence_Check but no __len__

Answering myself: PySequence_Check determines a sequence. See the docs. len() can but does not have to exist. The size is always limited. After evicting my initial fault, this is now obvious. Sorry about the noise. On 22.06.18 13:17, Christian Tismer wrote: > Hi Brett, > > becaus

Re: [Python-Dev] PEP 485 isclose() implementation review requested

> METH_VARARGS | METH_KEYWORDS, "determine if two floating point > numbers are close"}, {NULL, NULL, 0, NULL}/* Sentinel */ > }; You have to type cast the function pointer to a PyCFunction here: (PyCFunction)isclose_c The type cast is required for KEYWORD function

Re: [Python-Dev] PEP 485 isclose() implementation review requested

x27;s on a machine at home -- I'll push it tonight. But the copy on > gitHub now is mostly good -- I think the only changes are handling > the docsstrings better and some more/better tests. You're welcome! Does your latest patch handle NaN, too? I only noticed infinity checks

Re: [Python-Dev] 2.7 is here until 2020, please don't call it a waste.

n. Python runs of hundreds of thousands of machines in the cloud. Python 2.7 will be used for at least half a decade, probably longer. Servers can be replaced with faster machines later and less fossil fuel must be burned to produce power. Let's keep P

Re: [Python-Dev] 2.7 is here until 2020, please don't call it a waste.

provements. For others it could be a marketing instrument. In Germany ads are full of crazy 'green' slogans. Christian -BEGIN PGP SIGNATURE- iQEcBAEBCgAGBQJVabPTAAoJEIZoUkkhLbaJTF0H+wb8ciikP762qc8u586H2AjV 2xV9AAamI1Z6RwlvKRM7YHVk48coYIKk9WQ6DZODNlVSIhnijexI

Re: [Python-Dev] Backporting the 3.5+ Windows build project files to 2.7

a while back, I suspect it will make their lives >> easier rather than harder, but it's still worth asking for their >> input. > From a glance at the stackless repo, it looks like it still uses > VS2008's project files (which pretty much means using MSVC 9), but I > co

  1   2   3   4   5   6   7   8   9   10   >