bpo-32758: Warn that ast.parse() and ast.literal_eval() can segfault the interpreter (GH-5960) (GH-16565)

(cherry picked from commit 7a7f100e)
Co-authored-by: Brett Cannon <brettcannon@users.noreply.github.com>

(cherry picked from commit f7a6ff6f)
Co-authored-by: Brett Cannon <brettcannon@users.noreply.github.com>

(cherry picked from commit 4504b450)
Co-authored-by: Julien Palard <julien@palard.fr>

Rather than requiring the path to blurb and/or sphinx-build to be specified to the make rule, enhance the Doc/Makefile to look for each first in a virtual environment created by make venv and, if not found, look on the normal process PATH. This allows the Doc/Makefile to take advantage of an installed spinx-build or blurb and, thus, do the right thing most of the time. Also, make the directory for the venv be configurable and document the `make venv` target..
(cherry picked from commit 590665c3)
Co-authored-by: Ned Deily <nad@python.org>

Previous to commit ee171a26 the logline was working because of self.info() (now
deprecated) defaults to an empty message.
(cherry picked from commit c3f52a59)
Co-authored-by: Xtreak <tirkarthi@users.noreply.github.com>

Also addresses doc build failures documented in bpo-32200.
(cherry picked from commit 7324b5ce)
Co-authored-by: Julien Palard <julien@palard.fr>

(cherry picked from commit ee171a26)
Co-authored-by: Pablo Galindo <Pablogsal@gmail.com>

[2.7] bpo-38216, bpo-36274: Allow subclasses to separately override validation and encoding behavior (GH-16476)

Backporting this change, I observe a couple of things:

1. The _encode_request call is no longer meaningful because the request construction will implicitly encode the request using the default encoding when the format string is used (request = '%s %s %s'...). In order to keep the code as consistent as possible, I decided to include the call as a pass-through. I'd be just as happy to remove it entirely, but I'll leave that up to the reviewer to decide. It's okay that this functionality is disabled on Python 2 because this functionality was mainly around bpo-36274, which was mainly a concern with the transition to Python 3.
2. Because _encode_request is no longer meaningful, neither is the test for it, so I've removed that test. Therefore, the meaningful part of this test is that for bpo-38216, adding a (underscore-protected) hook to customize/disable validation.

(cherry picked from commit 7774d783)
Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>

(cherry picked from commit 10c452b8)
Co-authored-by: Pradyun Gedam <pradyunsg@gmail.com>

Fix race in PyThread_release_lock that was leading to memory corruption and
deadlocks. The fix applies to POSIX systems where Python locks are implemented
with mutex and condition variable because POSIX semaphores are either not
provided, or are known to be broken. One particular example of such system is
macOS.

On Darwin, even though this is considered as POSIX, Python uses
mutex+condition variable to implement its lock, and, as of 2019-08-28, Py2.7
implementation, even though similar issue was fixed for Py3 in 2012, contains
synchronization bug: the condition is signalled after mutex unlock while the
correct protocol is to signal condition from under mutex:

  https://github.com/python/cpython/blob/v2.7.16-127-g0229b56d8c0/Python/thread_pthread.h#L486-L506
  https://github.com/python/cpython/commit/187aa545165d (py3 fix)

PyPy has the same bug for both pypy2 and pypy3:

  https://bitbucket.org/pypy/pypy/src/578667b3fef9/rpython/translator/c/src/thread_pthread.c#lines-443:465
  https://bitbucket.org/pypy/pypy/src/5b42890d48c3/rpython/translator/c/src/thread_pthread.c#lines-443:465

Signalling condition outside of corresponding mutex is considered OK by
POSIX, but in Python context it can lead to at least memory corruption if we
consider the whole lifetime of python level lock. For example the following
logical scenario:

      T1                                          T2

  sema = Lock()
  sema.acquire()

                                              sema.release()

  sema.acquire()
  free(sema)

  ...

can translate to the next C-level calls:

      T1                                          T2

  # sema = Lock()
  sema = malloc(...)
  sema.locked = 0
  pthread_mutex_init(&sema.mut)
  pthread_cond_init (&sema.lock_released)

  # sema.acquire()
  pthread_mutex_lock(&sema.mut)
  # sees sema.locked == 0
  sema.locked = 1
  pthread_mutex_unlock(&sema.mut)

                                              # sema.release()
                                              pthread_mutex_lock(&sema.mut)
                                              sema.locked = 0
                                              pthread_mutex_unlock(&sema.mut)

                      # OS scheduler gets in and relinquishes control from T2
                      # to another process
                                              ...

  # second sema.acquire()
  pthread_mutex_lock(&sema.mut)
  # sees sema.locked == 0
  sema.locked = 1
  pthread_mutex_unlock(&sema.mut)

  # free(sema)
  pthread_mutex_destroy(&sema.mut)
  pthread_cond_destroy (&sema.lock_released)
  free(sema)

  # ...
  e.g. malloc() which returns memory where sema was

                                              ...
                      # OS scheduler returns control to T2
                      # sema.release() continues
                      #
                      # BUT sema was already freed and writing to anywhere
                      # inside sema block CORRUPTS MEMORY. In particular if
                      # _another_ python-level lock was allocated where sema
                      # block was, writing into the memory can have effect on
                      # further synchronization correctness and in particular
                      # lead to deadlock on lock that was next allocated.
                                              pthread_cond_signal(&sema.lock_released)

Note that T2.pthread_cond_signal(&sema.lock_released) CORRUPTS MEMORY as it
is called when sema memory was already freed and is potentially
reallocated for another object.

The fix is to move pthread_cond_signal to be done under corresponding mutex:

  # sema.release()
  pthread_mutex_lock(&sema.mut)
  sema.locked = 0
  pthread_cond_signal(&sema.lock_released)
  pthread_mutex_unlock(&sema.mut)

To do so this patch cherry-picks thread_pthread.h part of the following 3.2 commit:

commit 187aa545
Author: Kristján Valur Jónsson <kristjan@ccpgames.com>
Date:   Tue Jun 5 22:17:42 2012 +0000

    Signal condition variables with the mutex held.  Destroy condition variables
    before their mutexes.

 Python/ceval_gil.h      |  9 +++++----
 Python/thread_pthread.h | 15 +++++++++------
 2 files changed, 14 insertions(+), 10 deletions(-)

(ceval_gil.h is Python3 specific and does not apply to Python2.7)

The bug was there since 1994 - since at least [1]. It was discussed in 2001
with original code author[2], but the code was still considered to be
race-free. In 2010 the place where pthread_cond_signal should be - before or
after pthread_mutex_unlock - was discussed with the rationale to avoid
threads bouncing[3,4,5], and in 2012 pthread_cond_signal was moved to be
called from under mutex, but only for CPython3[6,7].

In 2019 the bug was (re-)discovered while testing Pygolang[8] on macOS with
CPython2 and PyPy2 and PyPy3.

[1] https://github.com/python/cpython/commit/2c8cb9f3d240
[2] https://bugs.python.org/issue433625
[3] https://bugs.python.org/issue8299#msg103224
[4] https://bugs.python.org/issue8410#msg103313
[5] https://bugs.python.org/issue8411#msg113301
[6] https://bugs.python.org/issue15038#msg163187
[7] https://github.com/python/cpython/commit/187aa545165d
[8] https://pypi.org/project/pygolang

(cherry picked from commit 187aa545)
Co-Authored-By: Kristján Valur Jónsson <kristjan@ccpgames.com>

test.pythoninfo now logs environment variables used by OpenSSL and
Python ssl modules, and logs attributes of 3 SSL contexts
(SSLContext, default HTTPS context, stdlib context).

(cherry picked from commit 1df1c2f8df53d005ff47af81aa02c58752b84e20)

Escape the server title of DocXMLRPCServer.DocXMLRPCServer
when rendering the document page as HTML.

(cherry picked from commit 52d1b86b)
Co-authored-by: Jesús Cea <jcea@jcea.es>

Fixes CVE-2019-15903. See full changelog at https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes..
(cherry picked from commit 52b94080)
Co-authored-by: Benjamin Peterson <benjamin@python.org>

(cherry picked from commit 4346bad3)
Co-authored-by: Hai Shi <shihai1992@gmail.com>

A little change on first paragraph of python tutorial to be more clearly

https://bugs.python.org/issue37904

Automerge-Triggered-By: @ericvsmith
(cherry picked from commit b5748131)
Co-authored-by: Diego Alberto Barriga Martínez <diegobarriga@protonmail.com>

(cherry picked from commit 8debfa50)

``OPENSSL_VERSION_1_1`` was never defined in ``_hashopenssl.c``.

https://bugs.python.org/issue33936
(cherry picked from commit 724f1a57)
Co-authored-by: Christian Heimes <christian@python.org>

(cherry picked from commit 56a45142)

Co-authored-by: Hai Shi shihai1992@gmail.com

https://bugs.python.org/issue38168

This change skips parsing of email addresses where domains include a "@" character, which can be maliciously used since the local part is returned as a complete address. 

(cherry picked from commit 8cb65d13)

Excludes changes to Lib/email/_header_value_parser.py, which did not
exist in 2.7.
Co-authored-by: jpic <jpic@users.noreply.github.com>


https://bugs.python.org/issue34155

Fixes a build error with OpenSSL 1.1.0. There is already code in the
`_ssl.c` that handles all the weird cases of the NPN config macros (with
various OpenSSL & LibreSSL versions).
That code will provide a HAVE_NPN variable, which should be used in the
rest of the code to check whether (or what) to compile regarding NPN.

This change adds HAVE_NPN in the remaining places where it should have been
placed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>


https://bugs.python.org/issue35264

If FormatMessageW() is passed the FORMAT_MESSAGE_FROM_SYSTEM flag
without FORMAT_MESSAGE_IGNORE_INSERTS, it will fail if there are
insert sequences in the message definition.
(cherry picked from commit a6563650)

The link we have points to the version from Unicode 6.0.0, dated 2010.
There have been numerous updates to it since then:
  https://www.unicode.org/reports/tr44/GH-Modifications

Change the link to one that points to the current version. Also, use HTTPS..
(cherry picked from commit 64c6ac74)
Co-authored-by: Greg Price <gnprice@gmail.com>

RuntimeError is now raised in this case.
(cherry picked from commit 526a0146)

https://bugs.python.org/issue37965

https://bugs.python.org/issue37965

Automerge-Triggered-By: @benjaminp
(cherry picked from commit 55aabee0)
Co-authored-by: Anonymous Maarten <madebr@users.noreply.github.com>

Fix file descriptors transfer in multiprocessing on FreeBSD: use
CMSG_SPACE() rather than CMSG_LEN(); see RFC 3542.

(cherry picked from commit d0b10a64)

Fixed wrong link to Telnet.open() method in telnetlib documentation.
(cherry picked from commit e0b6117e)
Co-authored-by: Michael Anckaert <michael.anckaert@sinax.be>

If this service had thoroughly vanished, we could just ignore the
test until someone gets around to either recreating such a service
or redesigning the test to somehow work locally.  The
`support.transient_internet` mechanism catches the failure to
resolve the domain name, and skips the test.

But in fact the domain snakebite.net does still exist, as do its
nameservers -- and they can be quite slow to reply.  As a result
this test can easily take 20-30s before it gets auto-skipped.

So, skip the test explicitly up front.
(cherry picked from commit 5b95a150)
Co-authored-by: Greg Price <gnprice@gmail.com>

[2.7] bpo-37730: Fix usage of NotImplemented instead of NotImplementedError in docs. (GH-15062). (GH-15133)

(cherry picked from commit ed5e8e06)
Co-authored-by: David H <dheiberg@mozilla.com>