stackless-dev
diff --git a/‎Doc/library/array.rst
Lines changed: 4 additions & 0 deletions b/‎Doc/library/array.rst
Lines changed: 4 additions & 0 deletions
diff --git a/‎Doc/library/asyncio-eventloop.rst
Lines changed: 19 additions & 5 deletions b/‎Doc/library/asyncio-eventloop.rst
Lines changed: 19 additions & 5 deletions
diff --git a/‎Doc/library/ssl.rst
Lines changed: 3 additions & 0 deletions b/‎Doc/library/ssl.rst
Lines changed: 3 additions & 0 deletions
diff --git a/‎Include/patchlevel.h
Lines changed: 4 additions & 4 deletions b/‎Include/patchlevel.h
Lines changed: 4 additions & 4 deletions
diff --git a/‎Lib/asyncio/base_events.py
Lines changed: 18 additions & 7 deletions b/‎Lib/asyncio/base_events.py
Lines changed: 18 additions & 7 deletions
diff --git a/‎Lib/asyncio/selector_events.py
Lines changed: 10 additions & 0 deletions b/‎Lib/asyncio/selector_events.py
Lines changed: 10 additions & 0 deletions
@@ -172,6 +172,8 @@ The following data items and methods are also supported:
 
    Deprecated alias for :meth:`frombytes`.
 
+   .. deprecated-removed:: 3.2 3.9
+
 
 .. method:: array.fromunicode(s)
 
@@ -234,6 +236,8 @@ The following data items and methods are also supported:
 
    Deprecated alias for :meth:`tobytes`.
 
+   .. deprecated-removed:: 3.2 3.9
+
 
 .. method:: array.tounicode()
 
 
@@ -429,6 +429,21 @@ Opening network connections
                         reuse_address=None, reuse_port=None, \
                         allow_broadcast=None, sock=None)
 
+   .. note::
+      The parameter *reuse_address* is no longer supported, as using
+      :py:data:`~sockets.SO_REUSEADDR` poses a significant security concern for
+      UDP. Explicitly passing ``reuse_address=True`` will raise an exception.
+
+      When multiple processes with differing UIDs assign sockets to an
+      indentical UDP socket address with ``SO_REUSEADDR``, incoming packets can
+      become randomly distributed among the sockets.
+
+      For supported platforms, *reuse_port* can be used as a replacement for
+      similar functionality. With *reuse_port*,
+      :py:data:`~sockets.SO_REUSEPORT` is used instead, which specifically
+      prevents processes with differing UIDs from assigning sockets to the same
+      socket address.
+
    Create a datagram connection.
 
    The socket family can be either :py:data:`~socket.AF_INET`,
@@ -457,11 +472,6 @@ Opening network connections
      resolution. If given, these should all be integers from the
      corresponding :mod:`socket` module constants.
 
-   * *reuse_address* tells the kernel to reuse a local socket in
-     ``TIME_WAIT`` state, without waiting for its natural timeout to
-     expire. If not specified will automatically be set to ``True`` on
-     Unix.
-
    * *reuse_port* tells the kernel to allow this endpoint to be bound to the
      same port as other existing endpoints are bound to, so long as they all
      set this flag when being created. This option is not supported on Windows
@@ -485,6 +495,10 @@ Opening network connections
       The *family*, *proto*, *flags*, *reuse_address*, *reuse_port,
       *allow_broadcast*, and *sock* parameters were added.
 
+   .. versionchanged:: 3.7.6
+      The *reuse_address* parameter is no longer supported due to security
+      concerns.
+
 .. coroutinemethod:: loop.create_unix_connection(protocol_factory, \
                         path=None, \*, ssl=None, sock=None, \
                         server_hostname=None, ssl_handshake_timeout=None)
 
@@ -1247,6 +1247,9 @@ SSL sockets also have the following additional methods and attributes:
       The returned dictionary includes additional X509v3 extension items
         such as ``crlDistributionPoints``, ``caIssuers`` and ``OCSP`` URIs.
 
+   .. versionchanged:: 3.7.6
+      IPv6 address strings no longer have a trailing new line.
+
 .. method:: SSLSocket.cipher()
 
    Returns a three-value tuple containing the name of the cipher being used, the
 
@@ -18,12 +18,12 @@
 /*--start constants--*/
 #define PY_MAJOR_VERSION        3
 #define PY_MINOR_VERSION        7
-#define PY_MICRO_VERSION        5
-#define PY_RELEASE_LEVEL        PY_RELEASE_LEVEL_FINAL
-#define PY_RELEASE_SERIAL       0
+#define PY_MICRO_VERSION        6
+#define PY_RELEASE_LEVEL        PY_RELEASE_LEVEL_GAMMA
+#define PY_RELEASE_SERIAL       1
 
 /* Version as a string */
-#define PY_VERSION              "3.7.5+"
+#define PY_VERSION              "3.7.6rc1"
 /*--end constants--*/
 
 /* Version as a single 4-byte hex number, e.g. 0x010502B2 == 1.5.2b2.
 
@@ -61,6 +61,10 @@
 # Maximum timeout passed to select to avoid OS limitations
 MAXIMUM_SELECT_TIMEOUT = 24 * 3600
 
+# Used for deprecation and removal of `loop.create_datagram_endpoint()`'s
+# *reuse_address* parameter
+_unset = object()
+
 
 def _format_handle(handle):
     cb = handle._callback
@@ -1138,7 +1142,7 @@ async def start_tls(self, transport, protocol, sslcontext, *,
     async def create_datagram_endpoint(self, protocol_factory,
                                        local_addr=None, remote_addr=None, *,
                                        family=0, proto=0, flags=0,
-                                       reuse_address=None, reuse_port=None,
+                                       reuse_address=_unset, reuse_port=None,
                                        allow_broadcast=None, sock=None):
         """Create datagram connection."""
         if sock is not None:
@@ -1147,7 +1151,7 @@ async def create_datagram_endpoint(self, protocol_factory,
                     f'A UDP Socket was expected, got {sock!r}')
             if (local_addr or remote_addr or
                     family or proto or flags or
-                    reuse_address or reuse_port or allow_broadcast):
+                    reuse_port or allow_broadcast):
                 # show the problematic kwargs in exception msg
                 opts = dict(local_addr=local_addr, remote_addr=remote_addr,
                             family=family, proto=proto, flags=flags,
@@ -1201,8 +1205,18 @@ async def create_datagram_endpoint(self, protocol_factory,
 
             exceptions = []
 
-            if reuse_address is None:
-                reuse_address = os.name == 'posix' and sys.platform != 'cygwin'
+            # bpo-37228
+            if reuse_address is not _unset:
+                if reuse_address:
+                    raise ValueError("Passing `reuse_address=True` is no "
+                                     "longer supported, as the usage of "
+                                     "SO_REUSEPORT in UDP poses a significant "
+                                     "security concern.")
+                else:
+                    warnings.warn("The *reuse_address* parameter has been "
+                                  "deprecated as of 3.7.6 and is scheduled "
+                                  "for removal in 3.11.", DeprecationWarning,
+                                  stacklevel=2)
 
             for ((family, proto),
                  (local_address, remote_address)) in addr_pairs_info:
@@ -1211,9 +1225,6 @@ async def create_datagram_endpoint(self, protocol_factory,
                 try:
                     sock = socket.socket(
                         family=family, type=socket.SOCK_DGRAM, proto=proto)
-                    if reuse_address:
-                        sock.setsockopt(
-                            socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
                     if reuse_port:
                         _set_reuseport(sock)
                     if allow_broadcast:
 
@@ -39,6 +39,11 @@ def _test_selector_event(selector, fd, event):
         return bool(key.events & event)
 
 
+def _check_ssl_socket(sock):
+    if ssl is not None and isinstance(sock, ssl.SSLSocket):
+        raise TypeError("Socket cannot be of type SSLSocket")
+
+
 class BaseSelectorEventLoop(base_events.BaseEventLoop):
     """Selector event loop.
 
@@ -345,6 +350,7 @@ async def sock_recv(self, sock, n):
         The maximum amount of data to be received at once is specified by
         nbytes.
         """
+        _check_ssl_socket(sock)
         if self._debug and sock.gettimeout() != 0:
             raise ValueError("the socket must be non-blocking")
         fut = self.create_future()
@@ -378,6 +384,7 @@ async def sock_recv_into(self, sock, buf):
         The received data is written into *buf* (a writable buffer).
         The return value is the number of bytes written.
         """
+        _check_ssl_socket(sock)
         if self._debug and sock.gettimeout() != 0:
             raise ValueError("the socket must be non-blocking")
         fut = self.create_future()
@@ -415,6 +422,7 @@ async def sock_sendall(self, sock, data):
         raised, and there is no way to determine how much data, if any, was
         successfully processed by the receiving end of the connection.
         """
+        _check_ssl_socket(sock)
         if self._debug and sock.gettimeout() != 0:
             raise ValueError("the socket must be non-blocking")
         fut = self.create_future()
@@ -451,6 +459,7 @@ async def sock_connect(self, sock, address):
 
         This method is a coroutine.
         """
+        _check_ssl_socket(sock)
         if self._debug and sock.gettimeout() != 0:
             raise ValueError("the socket must be non-blocking")
 
@@ -508,6 +517,7 @@ async def sock_accept(self, sock):
         object usable to send and receive data on the connection, and address
         is the address bound to the socket on the other end of the connection.
         """
+        _check_ssl_socket(sock)
         if self._debug and sock.gettimeout() != 0:
             raise ValueError("the socket must be non-blocking")
         fut = self.create_future()