(cherry picked from commit bc3f2289)
Co-authored-by: Xiang Zhang <angwerzx@126.com>

(cherry picked from commit 8a387219)
Co-authored-by: Yury Selivanov <yury@magic.io>

Like Python, IDLE optionally runs one startup file in the Shell window
before presenting the first interactive input prompt.  For IDLE,
option -s runs a file named in environmental variable IDLESTARTUP or
PYTHONSTARTUP; -r file runs file.  Python sets __file__ to the startup
file name before running the file and unsets it before the first
prompt.  IDLE now does the same when run normally, without the -n
option.
(cherry picked from commit 22c82be5)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>

(cherry picked from commit 74382a3f)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>

* Prevent low-grade poplib REDOS (CVE-2018-1060)

The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.

Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.

A 2KB evil response from the mail server would result in small slowdowns
(milliseconds vs. microseconds) accumulated over many apop calls.
This is a potential DOS vector via accumulated slowdowns.

Replace it with a similar non-vulnerable regex.

The new regex is RFC compliant.
The old regex was non-compliant in edge cases.

* Prevent difflib REDOS (CVE-2018-1061)

The default regex for IS_LINE_JUNK is susceptible to
catastrophic backtracking.
This is a potential DOS vector.

Replace it with an equivalent non-vulnerable regex.

Also introduce unit and REDOS tests for difflib.
Co-authored-by: Tim Peters <tim.peters@gmail.com>
Co-authored-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 0e6c8ee2)

(cherry picked from commit 13cfd57d)
Co-authored-by: Joongi Kim <me@daybreaker.info>

(cherry picked from commit b21d155f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

(cherry picked from commit 3e197c7a)
Co-authored-by: Alexey Izbyshev <izbyshev@users.noreply.github.com>

The new code also runs faster.
(cherry picked from commit f0daa880)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>

(cherry picked from commit 0954c9e9)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>

(cherry picked from commit 6f600ff1)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

(cherry picked from commit 72d9b2be)
Co-authored-by: Joffrey F <f.joffrey@gmail.com>

(cherry picked from commit eee72d47)
Co-authored-by: Tobotimus <Tobotimus@users.noreply.github.com>

(cherry picked from commit 63ae0446)

This reverts commit a71397fb.

dictview_repr(): Use a Py_ReprEnter() / Py_ReprLeave() pair to check
for recursion, and produce "..." if so.

test_recursive_repr(): Check for the string rather than a
RecursionError.  (Test cannot be any tighter as contents are
implementation-dependent.)

test_deeply_nested_repr(): Add new test, replacing the original
test_recursive_repr().  It checks that a RecursionError is raised in
the case of a non-recursive but deeply nested structure.  (Very
similar to what test_repr_deep() in test/test_dict.py does for a
normal dict.)

OrderedDictTests: Add new test case, to test behavior on OrderedDict
instances containing their own values() or items().
(cherry picked from commit d7773d92)

(cherry picked from commit fbee8824)
Co-authored-by: Mario Corchero <mariocj89@gmail.com>

By default `print` adds spaces between its arguments.
(cherry picked from commit 84c4b0cc)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>

This code never did anything correct or useful. The class attribute will never be affected, and the condition will never be true.
(cherry picked from commit 5fb632e8)
Co-authored-by: Aaron Gallagher <habnabit@users.noreply.github.com>

Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 29eab553)
Co-authored-by: Christian Heimes <christian@python.org>

The ctypes module used to depend on indirect linking for dlopen. The shared
extension is now explicitly linked against libdl on platforms with dl.
Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit 5bb96925)
Co-authored-by: Christian Heimes <christian@python.org>

The ssl module now detects missing NPN support in LibreSSL.
Co-Authored-By: Bernard Spil <brnrd@FreeBSD.org>
Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 6cdb7954)
Co-authored-by: Christian Heimes <christian@python.org>

The SSL module no longer sends IP addresses in SNI TLS extension on
platforms with OpenSSL 1.0.2+ or inet_pton.
Signed-off-by: Christian Heimes <christian@python.org>

The 'optimization' is for space in the executable file, not for run time.
(cherry picked from commit 186b606d)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>

Debian Unstable has disabled TLS 1.0 and 1.1 for SSLv23_METHOD(). Change
TLS/SSL protocol of some tests to PROTOCOL_TLS or PROTOCOL_TLSv1_2 to
make them pass on Debian.
Signed-off-by: Christian Heimes <christian@python.org>

(cherry picked from commit 42c35d9c)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

Adjust tests and user modules to match.
(cherry picked from commit c29c03a3)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>

`whilst` and `while` are both english words, `whilst` is not as commonly used.
This can be confusing to readers whose primary language is not english.
(cherry picked from commit 98f42aac)
Co-authored-by: Mariatta <Mariatta@users.noreply.github.com>

Make test.support.temp_cwd() fork-safe. The context manager test.support.temp_cwd() no longer removes the temporary directory when executing in a process other than the parent it entered from.
If a forked child exits the context manager it won't do the cleanup..
(cherry picked from commit 33dddac0)
Co-authored-by: Anselm Kruis <a.kruis@science-computing.de>

(cherry picked from commit 0febc053)
Co-authored-by: cocoatomo <cocoatomo77@gmail.com>

bpo-32457: Improves handling of denormalized executable path when launching Python (GH-5756) (#5818)

(cherry picked from commit 2b44e302)
Co-authored-by: Aaron Hall, MBA <aaronchall@yahoo.com>

dump is similar to print but less flexible.  lastopenbracketpos is now always initialized in _study2, as was stmt_bracketing, so the class settings are not needed.  get_last_open_bracket_pos is never called.
(cherry picked from commit 451d1eda)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>

There are no code changes other than comments and docstrings.
(cherry picked from commit c84cf6c0)
Co-authored-by: Cheryl Sabella <cheryl.sabella@gmail.com>

Py_ADDRESS_IN_RANGE was renamed address_in_range in 3.6
(commit 3924f937).
(cherry picked from commit ba518804)
Co-authored-by: Paul Price <price@astro.princeton.edu>

It's bad form to pin to an old version of TLS. ssl.SSLContext has the right
protocol default, so let's not pass anyway.
(cherry picked from commit e9edee0b)
Co-authored-by: Benjamin Peterson <benjamin@python.org>

(cherry picked from commit 52c6b897)
Co-authored-by: Harshul jain <harshulrobo@gmail.com>

os.dup2() tests for dup3() system call availability at runtime,
but doesn't remember the result across calls, repeating
the test on each call with inheritable=False.

Since the caller of os.dup2() is expected to hold the GIL,
fix this by making the variable holding the test result static.
(cherry picked from commit b3caf388)
Co-authored-by: Alexey Izbyshev <izbyshev@users.noreply.github.com>