|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | 
| 
| 
| 
| 
| | Issue #26735: Fix os.urandom() on Solaris 11.3 and newer when reading more than
1,024 bytes: call getrandom() multiple times with a limit of 1024 bytes per
call. | 
| |\ |  | 
| | | 
| | 
| | 
| | 
| | | getentropy() is blocking, whereas os.urandom() should not block. getentropy()
is supported since Solaris 11.3. | 
| | | 
| | 
| | 
| | 
| | 
| | | function instead of the getentropy() function. The getentropy() function is
blocking to generate very good quality entropy, os.urandom() doesn't need such
high-quality entropy. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | See the latest version of getrandom() manual page:
http://man7.org/linux/man-pages/man2/getrandom.2.html#NOTES
    The behavior when a call to getrandom() that is blocked while reading from
    /dev/urandom is interrupted by a signal handler depends on the
    initialization state of the entropy buffer and on the request size, buflen.
    If the entropy is not yet initialized, then the call will fail with the
    EINTR error.  If the entropy pool has been initialized and the request size
    is large (buflen > 256), the call either succeeds, returning a partially
    filled buffer, or fails with the error EINTR.  If the entropy pool has been
    initialized and the request size is small (buflen <= 256), then getrandom()
    will not fail with EINTR.  Instead, it will return all of the bytes that
    have been requested.
Note: py_getrandom() calls getrandom() with flags=0. | 
| |\ \  
| |/  
| |   
| | | getentropy() is used (OpenBSD 5.6+). | 
| | | 
| | 
| | 
| | | (OpenBSD 5.6+). | 
| | | 
| | 
| | 
| | | instead of reading /dev/urandom, to get pseudo-random bytes. | 
| | | 
| | 
| | 
| | | implementation is used. | 
| | | 
| | 
| | 
| | | Add _Py_fstat_noraise() function when a Python exception is not welcome. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | | read() is interrupted by a signal.
dev_urandom_python() now calls _Py_read() helper instead of calling directly
read(). | 
| | | 
| | 
| | 
| | | opening /dev/urandom. | 
| | | 
| | 
| | 
| | 
| | 
| | | and stored in pyconfig.h as the new HAVE_GETRANDOM_SYSCALL define.
Fix os.urandom() tests using file descriptors if os.urandom() uses getrandom(). | 
| | | 
| | 
| | 
| | 
| | 
| | | available, syscall introduced in the Linux kernel 3.17. It is more reliable
and more secure, because it avoids the need of a file descriptor and waits
until the kernel has enough entropy. | 
| | | 
| | 
| | 
| | 
| | 
| | 
| | 
| | | * _Py_open() now raises exceptions on error. If open() fails, it raises an
  OSError with the filename.
* _Py_open() now releases the GIL while calling open()
* Add _Py_open_noraise() when _Py_open() cannot be used because the GIL is not
  held | 
| | | 
| | 
| | 
| | 
| | 
| | | Windows.
fstat() may fail with EOVERFLOW on files larger than 2 GB because the file size type is an signed 32-bit integer. | 
| | | 
| | 
| | 
| | | instead of reading /dev/urandom, to get pseudo-random bytes. | 
| |\ \  
| |/ |  | 
| | | |  | 
| | | |  | 
| |/ |  | 
| | 
| 
| 
| | replaced, and open it anew. | 
| | |  | 
| | 
| 
| 
| | Python now uses SipHash24 on all major platforms. | 
| | 
| 
| 
| | CryptGenRandom() | 
| |\ |  | 
| | | |  | 
| | | 
| | 
| | 
| | | descriptor, so as to avoid using many file descriptors when run in parallel from multiple threads. | 
| | | 
| | 
| | 
| | 
| | | are now created non-inheritable; add functions os.get/set_inheritable(),
os.get/set_handle_inheritable() and socket.socket.get/set_inheritable(). | 
| |\ \  
| |/  
| |   
| | | due to something else than /dev/urandom not existing. | 
| | | 
| | 
| | 
| | | due to something else than /dev/urandom not existing. | 
| |/  
|   
|   
|   
| | Drop SDK version configuration for Tk compilation, to not bind it to W2k
anymore. Binding it to XP would conflict with Tk's own binding of tkMenu to W2k. | 
| | 
| 
| 
| 
| 
| | opened.
This was a regression caused by the hash randomization patch. | 
| | |  | 
| | |  | 
| | |  | 
|  | bytes, datetime)
in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated.
The environment variable PYTHONHASHSEED and the new command line flag -R control this
behavior. |