Skip to content

bpo-43908: Mark ssl, hash, and hmac types as immutable (GH-25792) #25792

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
May 2, 2021
Merged

bpo-43908: Mark ssl, hash, and hmac types as immutable (GH-25792) #25792

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions Lib/test/test_hashlib.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -944,6 +944,15 @@ def test_hash_disallow_instanciation(self):
):
HASHXOF()

def test_readonly_types(self):
for algorithm, constructors in self.constructors_to_test.items():
# all other types have DISALLOW_INSTANTIATION
for constructor in constructors:
hash_type = type(constructor())
with self.subTest(hash_type=hash_type):
with self.assertRaisesRegex(TypeError, "immutable type"):
hash_type.value = False


class KDFTests(unittest.TestCase):

Expand Down
3 changes: 3 additions & 0 deletions Lib/test/test_hmac.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -444,6 +444,9 @@ def test_internal_types(self):
):
C_HMAC()

with self.assertRaisesRegex(TypeError, "immutable type"):
C_HMAC.value = None

@unittest.skipUnless(sha256_module is not None, 'need _sha256')
def test_with_sha256_module(self):
h = hmac.HMAC(b"key", b"hash this!", digestmod=sha256_module.sha256)
Expand Down
19 changes: 19 additions & 0 deletions Lib/test/test_ssl.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,25 @@ def test_constants(self):
ssl.OP_NO_TLSv1_2
self.assertEqual(ssl.PROTOCOL_TLS, ssl.PROTOCOL_SSLv23)

def test_ssl_types(self):
ssl_types = [
_ssl._SSLContext,
_ssl._SSLSocket,
_ssl.MemoryBIO,
_ssl.Certificate,
_ssl.SSLSession,
_ssl.SSLError,
]
for ssl_type in ssl_types:
with self.subTest(ssl_type=ssl_type):
with self.assertRaisesRegex(TypeError, "immutable type"):
ssl_type.value = None
with self.assertRaisesRegex(
TypeError,
"cannot create '_ssl.Certificate' instances"
):
_ssl.Certificate()

def test_private_init(self):
with self.assertRaisesRegex(TypeError, "public constructor"):
with socket.socket() as s:
Expand Down
2 changes: 1 addition & 1 deletion Modules/_blake2/blake2b_impl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -409,6 +409,6 @@ static PyType_Slot blake2b_type_slots[] = {
PyType_Spec blake2b_type_spec = {
.name = "_blake2.blake2b",
.basicsize = sizeof(BLAKE2bObject),
.flags = Py_TPFLAGS_DEFAULT,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IMMUTABLETYPE,
.slots = blake2b_type_slots
};
2 changes: 1 addition & 1 deletion Modules/_blake2/blake2s_impl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -408,6 +408,6 @@ static PyType_Slot blake2s_type_slots[] = {
PyType_Spec blake2s_type_spec = {
.name = "_blake2.blake2s",
.basicsize = sizeof(BLAKE2sObject),
.flags = Py_TPFLAGS_DEFAULT,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IMMUTABLETYPE,
.slots = blake2s_type_slots
};
6 changes: 3 additions & 3 deletions Modules/_hashopenssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -588,7 +588,7 @@ static PyType_Spec EVPtype_spec = {
"_hashlib.HASH", /*tp_name*/
sizeof(EVPobject), /*tp_basicsize*/
0, /*tp_itemsize*/
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
EVPtype_slots
};

Expand Down Expand Up @@ -737,7 +737,7 @@ static PyType_Spec EVPXOFtype_spec = {
"_hashlib.HASHXOF", /*tp_name*/
sizeof(EVPobject), /*tp_basicsize*/
0, /*tp_itemsize*/
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
EVPXOFtype_slots
};

Expand Down Expand Up @@ -1729,7 +1729,7 @@ static PyType_Slot HMACtype_slots[] = {
PyType_Spec HMACtype_spec = {
"_hashlib.HMAC", /* name */
sizeof(HMACobject), /* basicsize */
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = HMACtype_slots,
};

Expand Down
2 changes: 1 addition & 1 deletion Modules/_sha3/sha3module.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -525,7 +525,7 @@ static PyGetSetDef SHA3_getseters[] = {
static PyType_Spec type_spec_obj = { \
.name = "_sha3." type_name, \
.basicsize = sizeof(SHA3object), \
.flags = Py_TPFLAGS_DEFAULT, \
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IMMUTABLETYPE, \
.slots = type_slots \
}

Expand Down
10 changes: 5 additions & 5 deletions Modules/_ssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -437,7 +437,7 @@ static PyType_Spec sslerror_type_spec = {
"ssl.SSLError",
sizeof(PyOSErrorObject),
0,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_IMMUTABLETYPE,
sslerror_type_slots
};

Expand Down Expand Up @@ -2906,7 +2906,7 @@ static PyType_Spec PySSLSocket_spec = {
"_ssl._SSLSocket",
sizeof(PySSLSocket),
0,
Py_TPFLAGS_DEFAULT,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IMMUTABLETYPE,
PySSLSocket_slots,
};

Expand Down Expand Up @@ -4644,7 +4644,7 @@ static PyType_Spec PySSLContext_spec = {
"_ssl._SSLContext",
sizeof(PySSLContext),
0,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_HAVE_GC,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_HAVE_GC | Py_TPFLAGS_IMMUTABLETYPE,
PySSLContext_slots,
};

Expand Down Expand Up @@ -4850,7 +4850,7 @@ static PyType_Spec PySSLMemoryBIO_spec = {
"_ssl.MemoryBIO",
sizeof(PySSLMemoryBIO),
0,
Py_TPFLAGS_DEFAULT,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IMMUTABLETYPE,
PySSLMemoryBIO_slots,
};

Expand Down Expand Up @@ -5025,7 +5025,7 @@ static PyType_Spec PySSLSession_spec = {
"_ssl.SSLSession",
sizeof(PySSLSession),
0,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC | Py_TPFLAGS_IMMUTABLETYPE,
PySSLSession_slots,
};

Expand Down
2 changes: 1 addition & 1 deletion Modules/_ssl/cert.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,6 @@ static PyType_Spec PySSLCertificate_spec = {
"_ssl.Certificate",
sizeof(PySSLCertificate),
0,
Py_TPFLAGS_DEFAULT,
Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
PySSLCertificate_slots,
};
2 changes: 1 addition & 1 deletion Modules/md5module.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -484,7 +484,7 @@ static PyType_Slot md5_type_slots[] = {
static PyType_Spec md5_type_spec = {
.name = "_md5.md5",
.basicsize = sizeof(MD5object),
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = md5_type_slots
};

Expand Down
2 changes: 1 addition & 1 deletion Modules/sha1module.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -462,7 +462,7 @@ static PyType_Slot sha1_type_slots[] = {
static PyType_Spec sha1_type_spec = {
.name = "_sha1.sha1",
.basicsize = sizeof(SHA1object),
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = sha1_type_slots
};

Expand Down
4 changes: 2 additions & 2 deletions Modules/sha256module.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -544,14 +544,14 @@ static PyType_Slot sha256_types_slots[] = {
static PyType_Spec sha224_type_spec = {
.name = "_sha256.sha224",
.basicsize = sizeof(SHAobject),
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = sha256_types_slots
};

static PyType_Spec sha256_type_spec = {
.name = "_sha256.sha256",
.basicsize = sizeof(SHAobject),
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = sha256_types_slots
};

Expand Down
4 changes: 2 additions & 2 deletions Modules/sha512module.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -602,7 +602,7 @@ static PyType_Slot sha512_sha384_type_slots[] = {
static PyType_Spec sha512_sha384_type_spec = {
.name = "_sha512.sha384",
.basicsize = sizeof(SHAobject),
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = sha512_sha384_type_slots
};

Expand All @@ -619,7 +619,7 @@ static PyType_Slot sha512_sha512_type_slots[] = {
static PyType_Spec sha512_sha512_type_spec = {
.name = "_sha512.sha512",
.basicsize = sizeof(SHAobject),
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION,
.flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
.slots = sha512_sha512_type_slots
};

Expand Down