
m2crypto package creation

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
master
basebuilder_pel7x64builder0 6 years ago
parent
commit
9a9e7ddc77
  1. 33
      SOURCES/m2crypto-0.20.2-check.patch
  2. 220
      SOURCES/m2crypto-0.20.2-fips.patch
  3. 23
      SOURCES/m2crypto-0.21.1-AES_crypt.patch
  4. 60
      SOURCES/m2crypto-0.21.1-IPv6.patch
  5. 57
      SOURCES/m2crypto-0.21.1-SAN-ip.patch
  6. 22
      SOURCES/m2crypto-0.21.1-SSL_CTX_new.patch
  7. 669
      SOURCES/m2crypto-0.21.1-certs.patch
  8. 11
      SOURCES/m2crypto-0.21.1-gcc_macros.patch
  9. 43
      SOURCES/m2crypto-0.21.1-https-proxy.patch
  10. 174
      SOURCES/m2crypto-0.21.1-memoryview.patch
  11. 166
      SOURCES/m2crypto-0.21.1-smime-doc.patch
  12. 43
      SOURCES/m2crypto-0.21.1-sni.patch
  13. 31
      SOURCES/m2crypto-0.21.1-ssl23.patch
  14. 162
      SOURCES/m2crypto-0.21.1-supported-ec.patch
  15. 30
      SOURCES/m2crypto-0.21.1-test_cookie_str_changed.patch
  16. 44
      SOURCES/m2crypto-0.21.1-tests-no-SIGHUP.patch
  17. 14
      SOURCES/m2crypto-0.21.1-tests-no-export-ciphers.patch
  18. 216
      SOURCES/m2crypto-0.21.1-tests-random-ports.patch
  19. 599
      SOURCES/m2crypto-0.21.1-timeouts.patch
  20. 489
      SPECS/m2crypto.spec

33
SOURCES/m2crypto-0.20.2-check.patch

@ -0,0 +1,33 @@ @@ -0,0 +1,33 @@
diff -up M2Crypto-0.20.2/M2Crypto/SSL/Connection.py.check M2Crypto-0.20.2/M2Crypto/SSL/Connection.py
--- M2Crypto-0.20.2/M2Crypto/SSL/Connection.py.check 2010-07-09 00:05:56.000000000 +0200
+++ M2Crypto-0.20.2/M2Crypto/SSL/Connection.py 2010-07-09 00:08:20.677169899 +0200
@@ -54,6 +54,10 @@ class Connection:
self.ssl_close_flag = m2.bio_noclose
+ if self.ctx.post_connection_check is not None:
+ self.set_post_connection_check_callback \
+ (self.ctx.post_connection_check)
+
def __del__(self):
if getattr(self, 'sslbio', None):
diff -up M2Crypto-0.20.2/M2Crypto/SSL/Context.py.check M2Crypto-0.20.2/M2Crypto/SSL/Context.py
--- M2Crypto-0.20.2/M2Crypto/SSL/Context.py.check 2009-10-07 06:24:28.000000000 +0200
+++ M2Crypto-0.20.2/M2Crypto/SSL/Context.py 2010-07-09 00:06:47.551169489 +0200
@@ -36,12 +36,14 @@ class Context:
m2_ssl_ctx_free = m2.ssl_ctx_free
- def __init__(self, protocol='sslv23', weak_crypto=None):
+ def __init__(self, protocol='sslv23', weak_crypto=None,
+ post_connection_check=None):
proto = getattr(m2, protocol + '_method', None)
if proto is None:
raise ValueError, "no such protocol '%s'" % protocol
self.ctx = m2.ssl_ctx_new(proto())
self.allow_unknown_ca = 0
+ self.post_connection_check = post_connection_check
map()[long(self.ctx)] = self
m2.ssl_ctx_set_cache_size(self.ctx, 128L)
if weak_crypto is None:
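Review bot: `Connection.__init__` now reads `self.ctx.post_connection_check` unconditionally, so a context object that never ran the patched `Context.__init__` (a subclass that overrides it, for example) would raise AttributeError as soon as a connection is created. Reading it with `getattr(self.ctx, 'post_connection_check', None)` keeps such contexts working. The new keyword is also undocumented; a comment such as `# post_connection_check: callable installed on every Connection built from this context; None keeps the Connection's own default` would help, since a permissive callable passed here presumably relaxes the peer check for all of those connections. Both `__init__` bodies continue outside the hunks.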

220
SOURCES/m2crypto-0.20.2-fips.patch

@ -0,0 +1,220 @@ @@ -0,0 +1,220 @@
diff -up M2Crypto-0.20.2/SWIG/_evp.i.fips M2Crypto-0.20.2/SWIG/_evp.i
--- M2Crypto-0.20.2/SWIG/_evp.i.fips 2010-05-19 07:06:44.029090567 +0200
+++ M2Crypto-0.20.2/SWIG/_evp.i 2010-05-19 07:06:44.049115516 +0200
@@ -250,7 +250,10 @@ PyObject *hmac_init(HMAC_CTX *ctx, PyObj
if (m2_PyObject_AsReadBufferInt(key, &kbuf, &klen) == -1)
return NULL;
- HMAC_Init(ctx, kbuf, klen, md);
+ if (!HMAC_Init(ctx, kbuf, klen, md)) {
+ PyErr_SetString(_evp_err, "HMAC_Init failed");
+ return NULL;
+ }
Py_INCREF(Py_None);
return Py_None;
}
@@ -262,7 +265,10 @@ PyObject *hmac_update(HMAC_CTX *ctx, PyO
if (PyObject_AsReadBuffer(blob, &buf, &len) == -1)
return NULL;
- HMAC_Update(ctx, buf, len);
+ if (!HMAC_Update(ctx, buf, len)) {
+ PyErr_SetString(_evp_err, "HMAC_Update failed");
+ return NULL;
+ }
Py_INCREF(Py_None);
return Py_None;
}
@@ -276,7 +282,10 @@ PyObject *hmac_final(HMAC_CTX *ctx) {
PyErr_SetString(PyExc_MemoryError, "hmac_final");
return NULL;
}
- HMAC_Final(ctx, blob, (unsigned int *)&blen);
+ if (!HMAC_Final(ctx, blob, (unsigned int *)&blen)) {
+ PyErr_SetString(_evp_err, "HMAC_Final failed");
+ return NULL;
+ }
ret = PyString_FromStringAndSize(blob, blen);
PyMem_Free(blob);
return ret;
diff -up M2Crypto-0.20.2/SWIG/_rsa.i.fips M2Crypto-0.20.2/SWIG/_rsa.i
--- M2Crypto-0.20.2/SWIG/_rsa.i.fips 2010-05-19 07:06:44.030090773 +0200
+++ M2Crypto-0.20.2/SWIG/_rsa.i 2010-05-19 07:06:44.038095292 +0200
@@ -423,15 +423,17 @@ void genrsa_callback(int p, int n, void
Py_XDECREF(ret);
}
-RSA *rsa_generate_key(int bits, unsigned long e, PyObject *pyfunc) {
+PyObject *rsa_generate_key(int bits, unsigned long e, PyObject *pyfunc) {
RSA *rsa;
Py_INCREF(pyfunc);
rsa = RSA_generate_key(bits, e, genrsa_callback, (void *)pyfunc);
Py_DECREF(pyfunc);
- if (!rsa)
+ if (!rsa) {
PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error()));
- return rsa;
+ return NULL;
+ }
+ return SWIG_NewPointerObj((void *)rsa, SWIGTYPE_p_RSA, 0);
}
int rsa_type_check(RSA *rsa) {
diff -up M2Crypto-0.20.2/tests/test_evp.py.fips M2Crypto-0.20.2/tests/test_evp.py
--- M2Crypto-0.20.2/tests/test_evp.py.fips 2009-10-07 06:24:44.000000000 +0200
+++ M2Crypto-0.20.2/tests/test_evp.py 2010-05-19 07:06:44.039121270 +0200
@@ -97,7 +97,7 @@ class EVPTestCase(unittest.TestCase):
"""
Testing retrieving the RSA key from the PKey instance.
"""
- rsa = RSA.gen_key(512, 3, callback=self._gen_callback)
+ rsa = RSA.gen_key(1024, 3, callback=self._gen_callback)
assert isinstance(rsa, RSA.RSA)
pkey = EVP.PKey()
pkey.assign_rsa(rsa)
@@ -130,7 +130,7 @@ class EVPTestCase(unittest.TestCase):
pkey = EVP.PKey()
self.assertRaises(ValueError, pkey.get_modulus)
- rsa = RSA.gen_key(512, 3, callback=self._gen_callback)
+ rsa = RSA.gen_key(1024, 3, callback=self._gen_callback)
pkey.assign_rsa(rsa)
mod = pkey.get_modulus()
assert len(mod) > 0, mod
@@ -373,21 +373,21 @@ class PBKDF2TestCase(unittest.TestCase):
class HMACTestCase(unittest.TestCase):
data1=['', 'More text test vectors to stuff up EBCDIC machines :-)', \
- h2b("e9139d1e6ee064ef8cf514fc7dc83e86")]
+ h2b("b760e92d6662d351eb3801057695ac0346295356")]
data2=[h2b('0b'*16), "Hi There", \
- h2b("9294727a3638bb1c13f48ef8158bfc9d")]
+ h2b("675b0b3a1b4ddf4e124872da6c2f632bfed957e9")]
data3=['Jefe', "what do ya want for nothing?", \
- h2b("750c783e6ab0b503eaa86e310a5db738")]
+ h2b("effcdf6ae5eb2fa2d27416d5f184df9c259a7c79")]
data4=[h2b('aa'*16), h2b('dd'*50), \
- h2b("0x56be34521d144c88dbb8c733f0e8b3f6")]
+ h2b("d730594d167e35d5956fd8003d0db3d3f46dc7bb")]
data=[data1, data2, data3, data4]
def test_simple(self):
- algo = 'md5'
+ algo = 'sha1'
for d in self.data:
h = EVP.HMAC(d[0], algo)
h.update(d[1])
diff -up M2Crypto-0.20.2/tests/test_rc4.py.fips M2Crypto-0.20.2/tests/test_rc4.py
--- M2Crypto-0.20.2/tests/test_rc4.py.fips 2009-10-07 06:24:39.000000000 +0200
+++ M2Crypto-0.20.2/tests/test_rc4.py 2010-05-19 07:08:10.754839354 +0200
@@ -8,12 +8,16 @@ import unittest
from binascii import hexlify
from M2Crypto import RC4
+from fips import fips_mode
+
class RC4TestCase(unittest.TestCase):
def test_vectors(self):
"""
Test with test vectors from Wikipedia: http://en.wikipedia.org/wiki/Rc4
"""
+ if fips_mode:
+ return
vectors = (('Key', 'Plaintext', 'BBF316E8D940AF0AD3'),
('Wiki', 'pedia', '1021BF0420'),
('Secret', 'Attack at dawn', '45A01F645FC35B383552544B9BF5'))
@@ -26,6 +30,8 @@ class RC4TestCase(unittest.TestCase):
self.assertEqual(rc4.final(), '')
def test_bad(self):
+ if fips_mode:
+ return
rc4 = RC4.RC4('foo')
self.assertNotEqual(hexlify(rc4.update('bar')).upper(), '45678')
diff -up M2Crypto-0.20.2/tests/test_rsa.py.fips M2Crypto-0.20.2/tests/test_rsa.py
--- M2Crypto-0.20.2/tests/test_rsa.py.fips 2009-10-07 06:26:42.000000000 +0200
+++ M2Crypto-0.20.2/tests/test_rsa.py 2010-05-19 07:06:44.039121270 +0200
@@ -8,6 +8,8 @@ import unittest
import sha, md5, os, sys
from M2Crypto import RSA, BIO, Rand, m2, EVP, X509
+from fips import fips_mode
+
class RSATestCase(unittest.TestCase):
errkey = 'tests/dsa.priv.pem'
@@ -187,9 +189,10 @@ class RSATestCase(unittest.TestCase):
else:
import hashlib
- algos = {'sha1': 43,
- 'ripemd160': 43,
- 'md5': 47}
+ algos = {'sha1': 43}
+ if not fips_mode:
+ algos['md5'] = 47
+ algos['ripemd160'] = 43
if m2.OPENSSL_VERSION_NUMBER >= 0x90800F:
algos['sha224'] = 35
@@ -217,7 +220,7 @@ class RSATestCase(unittest.TestCase):
"""
rsa = RSA.load_key(self.privkey)
message = "This is the message string"
- digest = md5.md5(message).digest()
+ digest = 'a' * 16
self.assertRaises(ValueError, rsa.sign,
digest, 'bad_digest_method')
@@ -227,7 +230,7 @@ class RSATestCase(unittest.TestCase):
"""
rsa = RSA.load_key(self.privkey)
message = "This is the message string"
- digest = md5.md5(message).digest()
+ digest = 'a' * 16
signature = rsa.sign(digest, 'sha1')
self.assertRaises(ValueError, rsa.verify,
digest, signature, 'bad_digest_method')
diff -up M2Crypto-0.20.2/tests/test_smime.py.fips M2Crypto-0.20.2/tests/test_smime.py
--- M2Crypto-0.20.2/tests/test_smime.py.fips 2010-05-19 07:06:44.035105357 +0200
+++ M2Crypto-0.20.2/tests/test_smime.py 2010-05-19 07:06:44.040120779 +0200
@@ -219,7 +219,7 @@ class WriteLoadTestCase(unittest.TestCas
buf = BIO.MemoryBuffer()
assert SMIME.load_pkcs7(self.filename).write_der(buf) == 1
s = buf.read()
- assert len(s) in (1204, 1243), len(s)
+ assert len(s) in (1188, 1204, 1243), len(s)
def test_load_pkcs7(self):
assert SMIME.load_pkcs7(self.filename).type() == SMIME.PKCS7_SIGNED
diff -up M2Crypto-0.20.2/tests/test_ssl.py.fips M2Crypto-0.20.2/tests/test_ssl.py
--- M2Crypto-0.20.2/tests/test_ssl.py.fips 2010-05-19 07:06:44.019113781 +0200
+++ M2Crypto-0.20.2/tests/test_ssl.py 2010-05-19 07:06:44.040120779 +0200
@@ -51,7 +51,7 @@ class VerifyCB:
def __call__(self, ok, store):
return verify_cb_new_function(ok, store)
-sleepTime = float(os.getenv('M2CRYPTO_TEST_SSL_SLEEP', 0.5))
+sleepTime = float(os.getenv('M2CRYPTO_TEST_SSL_SLEEP', 1.5))
def find_openssl():
if os.name == 'nt' or sys.platform == 'cygwin':
diff -up M2Crypto-0.20.2/tests/test_x509.py.fips M2Crypto-0.20.2/tests/test_x509.py
--- M2Crypto-0.20.2/tests/test_x509.py.fips 2010-05-19 07:06:44.019113781 +0200
+++ M2Crypto-0.20.2/tests/test_x509.py 2010-05-19 07:06:44.040120779 +0200
@@ -394,7 +394,7 @@ class X509TestCase(unittest.TestCase):
return
def test_load_request_bio(self):
- (req, _) = self.mkreq(512)
+ (req, _) = self.mkreq(1024)
r1 = X509.load_request_der_string(req.as_der())
r2 = X509.load_request_string(req.as_der(), X509.FORMAT_DER)
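Review bot: In the `hmac_final` hunk of `SWIG/_evp.i`, the new failure branch returns NULL without releasing `blob`, which the success path frees with `PyMem_Free(blob)` a few lines later, so each failed `HMAC_Final` leaks the buffer. Adding `PyMem_Free(blob);` before `PyErr_SetString(_evp_err, "HMAC_Final failed");` closes it. Separately, the `if fips_mode: return` guards in `tests/test_rc4.py` make the RC4 tests count as passed rather than skipped, so a FIPS-mode run gives no sign that they did not execute; a comment saying so would help. The function bodies start outside the hunks.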

23
SOURCES/m2crypto-0.21.1-AES_crypt.patch

@ -0,0 +1,23 @@ @@ -0,0 +1,23 @@
Index: SWIG/_aes.i
===================================================================
--- SWIG/_aes.i (revision 724)
+++ SWIG/_aes.i (working copy)
@@ -64,6 +64,7 @@
const void *buf;
Py_ssize_t len;
unsigned char *out;
+ PyObject *res;
if (PyObject_AsReadBuffer(in, &buf, &len) == -1)
return NULL;
@@ -76,7 +77,9 @@
AES_encrypt((const unsigned char *)in, out, key);
else
AES_decrypt((const unsigned char *)in, out, key);
- return PyString_FromStringAndSize((char*)out, outlen);
+ res = PyString_FromStringAndSize((char*)out, outlen);
+ PyMem_Free(out);
+ return res;
}
int AES_type_check(AES_KEY *key) {
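Review bot: The context lines of the second hunk still pass `in`, the `PyObject *` argument, to `AES_encrypt`/`AES_decrypt` instead of `buf`, the data pointer filled in by `PyObject_AsReadBuffer`, so the cipher appears to run over the Python object's memory rather than the caller's bytes; the leak fix leaves this untouched. The calls would read `AES_encrypt((const unsigned char *)buf, out, key);` and likewise for `AES_decrypt`. Within the visible lines `len` is never compared with the 16-byte AES block size, so a shorter input buffer would be over-read. The function starts outside the hunk, so both points should be confirmed against the full body.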

60
SOURCES/m2crypto-0.21.1-IPv6.patch

@ -0,0 +1,60 @@ @@ -0,0 +1,60 @@
diff -urN M2Crypto/M2Crypto/httpslib.py M2Crypto-0.21.1/M2Crypto/httpslib.py
--- M2Crypto/M2Crypto/httpslib.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/M2Crypto/httpslib.py 2012-03-13 15:04:13.848836581 +0100
@@ -44,10 +44,33 @@
HTTPConnection.__init__(self, host, port, strict)
def connect(self):
- self.sock = SSL.Connection(self.ssl_ctx)
- if self.session:
- self.sock.set_session(self.session)
- self.sock.connect((self.host, self.port))
+ error = None
+ # We ignore the returned sockaddr because SSL.Connection.connect needs
+ # a host name.
+ for (family, _, _, _, _) in \
+ socket.getaddrinfo(self.host, self.port, 0, socket.SOCK_STREAM):
+ sock = None
+ try:
+ try:
+ sock = SSL.Connection(self.ssl_ctx, family=family)
+ if self.session is not None:
+ sock.set_session(self.session)
+ sock.connect((self.host, self.port))
+
+ self.sock = sock
+ sock = None
+ return
+ except socket.error, e:
+ # Other exception are probably SSL-related, in that case we
+ # abort and the exception is forwarded to the caller.
+ error = e
+ finally:
+ if sock is not None:
+ sock.close()
+
+ if error is None:
+ raise AssertionError("Empty list returned by getaddrinfo")
+ raise error
def close(self):
# This kludges around line 545 of httplib.py,
diff -urN M2Crypto/M2Crypto/SSL/Connection.py M2Crypto-0.21.1/M2Crypto/SSL/Connection.py
--- M2Crypto/M2Crypto/SSL/Connection.py 2012-03-13 15:00:25.058411492 +0100
+++ M2Crypto-0.21.1/M2Crypto/SSL/Connection.py 2012-03-13 15:04:13.849836578 +0100
@@ -38,13 +38,13 @@
m2_bio_free = m2.bio_free
m2_ssl_free = m2.ssl_free
- def __init__(self, ctx, sock=None):
+ def __init__(self, ctx, sock=None, family=socket.AF_INET):
self.ctx = ctx
self.ssl = m2.ssl_new(self.ctx.ctx)
if sock is not None:
self.socket = sock
else:
- self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ self.socket = socket.socket(family, socket.SOCK_STREAM)
self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self._fileno = self.socket.fileno()
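Review bot: The loop in `connect` walks every `getaddrinfo` result but uses only its address family, and each attempt then calls `sock.connect((self.host, self.port))` with the host name. The name is therefore resolved again on each attempt, and a host with several addresses in one family is probably retried against the same address once per entry. Collapsing the results to distinct families before the connect loop (keeping their order) avoids the redundant attempts and the repeated connection timeouts. Only the last `socket.error` is re-raised, so a comment noting that earlier failures are discarded would help whoever debugs a dual-stack failure. In `SSL/Connection.py`, `family` is silently ignored when `sock` is supplied, which deserves a line in the constructor's documentation.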

57
SOURCES/m2crypto-0.21.1-SAN-ip.patch

@ -0,0 +1,57 @@ @@ -0,0 +1,57 @@
diff -ur M2Crypto/M2Crypto/SSL/Checker.py M2Crypto-0.21.1/M2Crypto/SSL/Checker.py
--- M2Crypto/M2Crypto/SSL/Checker.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/M2Crypto/SSL/Checker.py 2015-07-07 16:41:53.887094222 +0200
@@ -11,6 +11,7 @@
'WrongHost', 'Checker']
from M2Crypto import util, EVP, m2
+import socket
import re
class SSLVerificationError(Exception):
@@ -161,6 +162,10 @@
self.useSubjectAltNameOnly = True
if self._match(host, certHost[4:]):
return True
+ elif certHost[:11] == 'ip address:':
+ self.useSubjectAltNameOnly = True
+ if self._matchIPAddress(host, certHost[11:]):
+ return True
return False
@@ -218,6 +223,34 @@
return False
+ def _matchIPAddress(self, host, certHost):
+ """
+ >>> check = Checker()
+ >>> check._matchIPAddress(host='my.example.com', certHost='my.example.com')
+ False
+ >>> check._matchIPAddress(host='1.2.3.4', certHost='1.2.3.4')
+ True
+ >>> check._matchIPAddress(host='1.2.3.4', certHost='*.2.3.4')
+ False
+ >>> check._matchIPAddress(host='1.2.3.4', certHost='1.2.3.40')
+ False
+ >>> check._matchIPAddress(host='::1', certHost='::1')
+ True
+ >>> check._matchIPAddress(host='::1', certHost='0:0:0:0:0:0:0:1')
+ True
+ >>> check._matchIPAddress(host='::1', certHost='::2')
+ False
+ """
+ try:
+ canonical = socket.getaddrinfo(host, 0, 0, socket.SOCK_STREAM, 0,
+ socket.AI_NUMERICHOST)
+ certCanonical = socket.getaddrinfo(certHost, 0, 0,
+ socket.SOCK_STREAM, 0,
+ socket.AI_NUMERICHOST)
+ except:
+ return False
+ return canonical == certCanonical
+
if __name__ == '__main__':
import doctest
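Review bot: `_matchIPAddress` wraps both `getaddrinfo` calls in a bare `except:`, which fails closed as it should but also swallows KeyboardInterrupt, SystemExit and programming errors such as a wrong argument type. `except socket.error:` covers the resolver failures (`socket.gaierror` derives from it) and lets everything else surface. The docstring holds only doctests; a first sentence such as `Return True only if host and certHost are numeric IP literals for the same address; AI_NUMERICHOST means no DNS lookup is done.` would state the contract that the certificate check relies on.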

22
SOURCES/m2crypto-0.21.1-SSL_CTX_new.patch

@ -0,0 +1,22 @@ @@ -0,0 +1,22 @@
diff -ur M2Crypto/SWIG/_ssl.i M2Crypto-0.21.1/SWIG/_ssl.i
--- M2Crypto/SWIG/_ssl.i 2013-12-07 05:11:09.638393899 +0100
+++ M2Crypto-0.21.1/SWIG/_ssl.i 2013-12-07 05:54:06.791902199 +0100
@@ -60,8 +60,18 @@
%rename(tlsv1_method) TLSv1_method;
extern SSL_METHOD *TLSv1_method(void);
+%typemap(out) SSL_CTX * {
+ if ($1 != NULL)
+ $result = SWIG_NewPointerObj($1, $1_descriptor, 0);
+ else {
+ PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
+ $result = NULL;
+ }
+}
%rename(ssl_ctx_new) SSL_CTX_new;
extern SSL_CTX *SSL_CTX_new(SSL_METHOD *);
+%typemap(out) SSL_CTX *;
+
%rename(ssl_ctx_free) SSL_CTX_free;
extern void SSL_CTX_free(SSL_CTX *);
%rename(ssl_ctx_set_verify_depth) SSL_CTX_set_verify_depth;
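Review bot: In the new `%typemap(out) SSL_CTX *`, `ERR_reason_error_string(ERR_get_error())` can return NULL when the error queue is empty or no reason string is registered for the code, and that NULL goes straight to `PyErr_SetString`, which is likely to crash instead of raising. A fallback keeps the failure path safe: `const char *msg = ERR_reason_error_string(ERR_get_error());` followed by `PyErr_SetString(_ssl_err, msg ? msg : "SSL_CTX_new failed");`. The `rsa_generate_key` hunk in m2crypto-0.20.2-fips.patch shows the same pattern.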

669
SOURCES/m2crypto-0.21.1-certs.patch

@ -0,0 +1,669 @@ @@ -0,0 +1,669 @@
Index: tests/ca.pem
===================================================================
--- tests/ca.pem (revision 739)
+++ tests/ca.pem (working copy)
@@ -2,61 +2,56 @@
Data:
Version: 3 (0x2)
Serial Number:
- d1:b6:bf:af:06:17:8c:bd
+ b4:7e:b2:de:87:00:03:0b
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, O=M2Crypto, CN=Heikki Toivonen
Validity
- Not Before: Jul 28 04:30:50 2009 GMT
- Not After : Jul 27 04:30:50 2012 GMT
+ Not Before: Nov 21 15:31:30 2012 GMT
+ Not After : Nov 21 15:31:30 2015 GMT
Subject: C=US, ST=California, O=M2Crypto, CN=Heikki Toivonen
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c8:9b:59:18:c2:bf:21:68:dc:d4:62:30:1f:43:
- 29:52:85:8d:36:fc:20:7f:11:1b:c6:f3:e6:c2:7a:
- d0:17:0e:6e:78:43:21:e9:e2:df:9f:31:87:e8:7a:
- 37:88:1f:a4:56:a1:e9:cb:13:7b:1b:c0:28:cf:5a:
- db:a3:e7:50:6c:c6:55:76:e3:61:e8:73:4b:c2:8c:
- ee:1c:29:c1:ee:2d:fd:e2:30:34:69:06:ea:d0:af:
- bd:c5:db:86:70:92:26:0a:33:1b:70:a9:e7:6e:a4:
- 2e:ee:4a:8a:f3:b2:6c:c9:97:28:39:28:28:3f:c5:
- 90:4d:4e:83:0a:0e:cd:98:93
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:d2:2f:57:58:be:05:6d:45:14:d0:70:90:56:10:
+ 80:f6:e3:e6:8a:ff:1e:0b:58:fa:a1:e6:95:a1:23:
+ 8d:01:c6:48:85:99:ab:f9:1b:e0:9a:15:6a:d1:50:
+ 73:fb:8f:7c:d2:73:4e:4a:c0:88:f9:54:f9:86:d9:
+ 01:86:4e:02:68:bc:d0:1c:8d:d2:2e:ce:7e:54:ac:
+ 45:a5:b7:39:c6:e9:f4:e0:70:2c:57:e6:21:24:f6:
+ 52:f8:fa:0b:b3:63:53:ea:eb:11:ca:ef:90:32:9f:
+ 15:08:6b:2d:0e:3d:61:69:22:f2:0f:dc:08:65:45:
+ 34:a2:29:8e:66:5e:45:95:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- AD:64:45:74:8F:83:C7:2C:D5:D7:A0:85:91:10:40:9A:9C:96:CF:EE
+ 80:D9:6A:1E:15:FE:8B:61:51:62:60:4D:B3:CC:95:44:78:2D:89:E6
X509v3 Authority Key Identifier:
- keyid:AD:64:45:74:8F:83:C7:2C:D5:D7:A0:85:91:10:40:9A:9C:96:CF:EE
- DirName:/C=US/ST=California/O=M2Crypto/CN=Heikki Toivonen
- serial:D1:B6:BF:AF:06:17:8C:BD
+ keyid:80:D9:6A:1E:15:FE:8B:61:51:62:60:4D:B3:CC:95:44:78:2D:89:E6
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
- c8:11:af:7d:6d:fb:1c:82:0d:c0:e7:41:f4:b2:a5:b0:69:6d:
- 18:e3:04:aa:49:e6:4a:69:6d:c3:e3:8b:ab:d1:18:ac:72:ef:
- 48:9e:49:c7:57:75:2d:00:1e:08:9f:c3:dc:ca:5f:91:38:0d:
- ac:f8:1f:cc:fc:f7:c2:5b:ce:d7:0c:cf:b2:fe:c9:a9:ce:b8:
- 07:45:17:1c:cf:b3:07:f9:1f:69:6a:94:03:be:62:62:9c:af:
- a2:24:25:2d:1f:63:0a:91:6b:bb:e3:6c:ec:20:de:80:d3:04:
- b4:5e:42:1f:27:bc:1f:79:98:18:ba:fb:8a:34:24:a9:40:1e:
- b9:7b
+ b0:37:88:ab:56:c5:19:e7:1b:d2:d3:c0:00:98:ff:f0:0a:35:
+ 89:ff:a0:a8:14:bd:fc:84:b6:ee:6b:05:92:20:87:58:38:69:
+ b2:16:b8:89:f3:4f:3c:9d:0f:da:b6:ea:35:9f:cf:e9:4f:05:
+ 19:8b:6a:06:68:51:96:1c:0f:60:23:80:19:ff:cd:3e:2b:4b:
+ 0c:1a:ff:bd:f6:0d:6b:11:25:0f:ba:87:2c:46:47:c0:32:e8:
+ 8a:14:4c:30:26:35:2b:58:9c:6b:c6:0e:d1:e3:c8:6a:b0:c0:
+ e0:82:98:77:07:2e:67:ba:0c:e5:a5:04:0d:81:ca:54:92:b5:
+ 27:fa
-----BEGIN CERTIFICATE-----
-MIICzjCCAjegAwIBAgIJANG2v68GF4y9MA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQKEwhNMkNyeXB0bzEY
-MBYGA1UEAxMPSGVpa2tpIFRvaXZvbmVuMB4XDTA5MDcyODA0MzA1MFoXDTEyMDcy
-NzA0MzA1MFowTzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
-BgNVBAoTCE0yQ3J5cHRvMRgwFgYDVQQDEw9IZWlra2kgVG9pdm9uZW4wgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAMibWRjCvyFo3NRiMB9DKVKFjTb8IH8RG8bz
-5sJ60BcObnhDIeni358xh+h6N4gfpFah6csTexvAKM9a26PnUGzGVXbjYehzS8KM
-7hwpwe4t/eIwNGkG6tCvvcXbhnCSJgozG3Cp526kLu5KivOybMmXKDkoKD/FkE1O
-gwoOzZiTAgMBAAGjgbEwga4wHQYDVR0OBBYEFK1kRXSPg8cs1deghZEQQJqcls/u
-MH8GA1UdIwR4MHaAFK1kRXSPg8cs1deghZEQQJqcls/uoVOkUTBPMQswCQYDVQQG
-EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEChMITTJDcnlwdG8xGDAW
-BgNVBAMTD0hlaWtraSBUb2l2b25lboIJANG2v68GF4y9MAwGA1UdEwQFMAMBAf8w
-DQYJKoZIhvcNAQEFBQADgYEAyBGvfW37HIINwOdB9LKlsGltGOMEqknmSmltw+OL
-q9EYrHLvSJ5Jx1d1LQAeCJ/D3MpfkTgNrPgfzPz3wlvO1wzPsv7Jqc64B0UXHM+z
-B/kfaWqUA75iYpyvoiQlLR9jCpFru+Ns7CDegNMEtF5CHye8H3mYGLr7ijQkqUAe
-uXs=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-----END CERTIFICATE-----
Index: tests/recipient.pem
===================================================================
--- tests/recipient.pem (revision 739)
+++ tests/recipient.pem (working copy)
@@ -2,26 +2,26 @@
Data:
Version: 3 (0x2)
Serial Number:
- d1:b6:bf:af:06:17:8c:c1
+ b4:7e:b2:de:87:00:03:0f
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, O=M2Crypto, CN=Heikki Toivonen
Validity
- Not Before: Jul 28 04:39:19 2009 GMT
- Not After : Jul 26 04:39:19 2019 GMT
+ Not Before: Nov 21 15:39:34 2012 GMT
+ Not After : Jan 8 15:39:34 2023 GMT
Subject: C=US, ST=California, O=M2Crypto, CN=Recipient/emailAddress=recipient@example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c2:21:a3:4f:64:59:9c:21:39:21:d2:3c:e7:0a:
- 60:72:c8:39:b3:c3:27:4a:6d:56:8f:a0:5d:1b:c6:
- e4:3e:26:61:09:a9:ae:04:83:69:3f:9d:2b:12:7e:
- d4:f7:8e:d0:6e:a9:8c:9b:d1:bf:17:0c:bd:d0:73:
- 99:02:6e:7e:cb:7a:80:2d:cf:b1:29:c0:30:36:3f:
- 68:12:3e:4e:bf:f9:8b:3d:1d:56:af:24:94:ae:d5:
- 59:b4:00:50:0c:c0:2b:59:c3:99:b3:8a:19:f1:86:
- 14:bd:ee:e9:c4:f1:d7:6a:0c:e9:67:8a:94:9a:2d:
- 2d:60:25:22:c6:72:68:c2:0d
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:ac:b6:2e:f0:34:34:7d:d4:e6:63:79:60:53:b9:
+ fe:91:a5:bf:49:ec:99:4c:33:2f:85:96:55:e8:09:
+ dc:18:47:1a:72:49:04:a2:e8:78:73:57:c7:bb:e9:
+ c7:aa:c5:07:84:14:b6:01:1c:e3:8a:fd:f3:19:01:
+ 11:9d:48:bc:24:8a:0f:c6:40:ed:d7:30:b1:92:ab:
+ c2:61:8c:5d:ea:08:c6:c4:d6:a5:22:00:d9:aa:da:
+ 57:5d:cc:2f:1a:35:1b:31:de:dc:c7:3b:83:91:38:
+ d9:07:e1:c7:a7:54:bd:94:95:10:c6:2d:dc:00:e1:
+ 28:99:b5:3b:28:95:aa:4e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
@@ -29,33 +29,33 @@
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 11:CB:60:AC:55:85:52:84:C5:C8:20:5A:50:13:D0:89:C7:7A:B7:81
+ CD:26:EB:42:79:6D:04:7F:95:23:46:1E:03:C9:40:2D:D2:00:AE:71
X509v3 Authority Key Identifier:
- keyid:AD:64:45:74:8F:83:C7:2C:D5:D7:A0:85:91:10:40:9A:9C:96:CF:EE
+ keyid:80:D9:6A:1E:15:FE:8B:61:51:62:60:4D:B3:CC:95:44:78:2D:89:E6
Signature Algorithm: sha1WithRSAEncryption
- 87:56:17:6d:ba:3b:a6:c4:22:af:20:f1:a0:e5:9d:27:c4:50:
- bd:79:eb:d2:84:e5:9a:00:5f:5d:5a:c3:34:58:77:f5:a9:00:
- f9:76:e9:2d:89:b4:3f:9d:e3:cf:15:0c:64:1b:0a:03:db:e4:
- 6f:2b:ff:1c:82:89:1a:0f:7e:83:58:0f:e6:da:af:26:97:49:
- 4a:59:d7:61:3f:4b:ed:1d:5b:51:00:3b:83:96:c7:1e:3d:84:
- f4:91:1f:70:69:12:b9:a7:2c:5b:1b:05:cd:74:90:2b:a0:ba:
- e7:70:cd:6b:7d:ac:be:d7:92:50:e9:f5:c0:42:29:04:ef:8f:
- a1:68
+ a9:5e:b2:4c:24:15:dd:49:d1:4d:e3:dd:e3:da:6b:23:99:45:
+ 2d:a1:84:f2:9b:6e:48:3c:e9:ce:f8:7f:f3:1f:d3:85:99:94:
+ 7e:19:8c:ca:be:3a:ca:97:b9:de:c8:4f:08:28:fc:7f:24:37:
+ 95:e1:d5:60:97:07:2b:be:62:f4:02:1d:27:8f:9e:0d:36:1a:
+ d5:45:6f:27:c3:34:21:13:1b:28:93:9d:cb:a6:30:0d:8f:4a:
+ 5f:4c:4a:97:7b:fe:ed:ce:18:84:5a:ec:4f:f8:84:2e:cb:72:
+ 28:90:cb:e3:5a:f4:83:16:bd:a8:ef:f0:f5:12:6c:26:3e:af:
+ c7:a8
-----BEGIN CERTIFICATE-----
-MIICtzCCAiCgAwIBAgIJANG2v68GF4zBMA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQKEwhNMkNyeXB0bzEY
-MBYGA1UEAxMPSGVpa2tpIFRvaXZvbmVuMB4XDTA5MDcyODA0MzkxOVoXDTE5MDcy
-NjA0MzkxOVowbzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
-BgNVBAoTCE0yQ3J5cHRvMRIwEAYDVQQDEwlSZWNpcGllbnQxJDAiBgkqhkiG9w0B
+MIICtzCCAiCgAwIBAgIJALR+st6HAAMPMA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQKDAhNMkNyeXB0bzEY
+MBYGA1UEAwwPSGVpa2tpIFRvaXZvbmVuMB4XDTEyMTEyMTE1MzkzNFoXDTIzMDEw
+ODE1MzkzNFowbzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAP
+BgNVBAoMCE0yQ3J5cHRvMRIwEAYDVQQDDAlSZWNpcGllbnQxJDAiBgkqhkiG9w0B
CQEWFXJlY2lwaWVudEBleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
-gYkCgYEAwiGjT2RZnCE5IdI85wpgcsg5s8MnSm1Wj6BdG8bkPiZhCamuBINpP50r
-En7U947QbqmMm9G/Fwy90HOZAm5+y3qALc+xKcAwNj9oEj5Ov/mLPR1WrySUrtVZ
-tABQDMArWcOZs4oZ8YYUve7pxPHXagzpZ4qUmi0tYCUixnJowg0CAwEAAaN7MHkw
+gYkCgYEArLYu8DQ0fdTmY3lgU7n+kaW/SeyZTDMvhZZV6AncGEcackkEouh4c1fH
+u+nHqsUHhBS2ARzjiv3zGQERnUi8JIoPxkDt1zCxkqvCYYxd6gjGxNalIgDZqtpX
+XcwvGjUbMd7cxzuDkTjZB+HHp1S9lJUQxi3cAOEombU7KJWqTtUCAwEAAaN7MHkw
CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy
-dGlmaWNhdGUwHQYDVR0OBBYEFBHLYKxVhVKExcggWlAT0InHereBMB8GA1UdIwQY
-MBaAFK1kRXSPg8cs1deghZEQQJqcls/uMA0GCSqGSIb3DQEBBQUAA4GBAIdWF226
-O6bEIq8g8aDlnSfEUL1569KE5ZoAX11awzRYd/WpAPl26S2JtD+d488VDGQbCgPb
-5G8r/xyCiRoPfoNYD+baryaXSUpZ12E/S+0dW1EAO4OWxx49hPSRH3BpErmnLFsb
-Bc10kCuguudwzWt9rL7XklDp9cBCKQTvj6Fo
+dGlmaWNhdGUwHQYDVR0OBBYEFM0m60J5bQR/lSNGHgPJQC3SAK5xMB8GA1UdIwQY
+MBaAFIDZah4V/othUWJgTbPMlUR4LYnmMA0GCSqGSIb3DQEBBQUAA4GBAKleskwk
+Fd1J0U3j3ePaayOZRS2hhPKbbkg86c74f/Mf04WZlH4ZjMq+OsqXud7ITwgo/H8k
+N5Xh1WCXByu+YvQCHSePng02GtVFbyfDNCETGyiTncumMA2PSl9MSpd7/u3OGIRa
+7E/4hC7LciiQy+Na9IMWvajv8PUSbCY+r8eo
-----END CERTIFICATE-----
Index: tests/recipient_key.pem
===================================================================
--- tests/recipient_key.pem (revision 739)
+++ tests/recipient_key.pem (working copy)
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDCIaNPZFmcITkh0jznCmByyDmzwydKbVaPoF0bxuQ+JmEJqa4E
-g2k/nSsSftT3jtBuqYyb0b8XDL3Qc5kCbn7LeoAtz7EpwDA2P2gSPk6/+Ys9HVav
-JJSu1Vm0AFAMwCtZw5mzihnxhhS97unE8ddqDOlnipSaLS1gJSLGcmjCDQIDAQAB
-AoGAZlrJ+kAUpyc1Mkng5ogoFhzPn6ITg0Bm1U9eCBkzmjkuDKQ0JhkLUwkQ/q10
-qBnad55ZjoZmVEbZhaCNWiTcIIy0nKAMWNKRcg3vTgrnbmbjco1HECDStfJKogZl
-7egoIImHnU1f/IeKQDUYUfs/INonmnnZ1d2jrU7QsdTz84ECQQDzhT0UwP8S1oma
-0IBgeUOt5ptZs7nFdZnbIKCd+ADra6NiQznokCHe5K0WZHqPKvN9asKx1u0h+97H
-Wmk6Fw7RAkEAzBR1+mTRSrlJT8/NTCsIDPtCK/+OhmGbNy1pfsOWq1lN58Za5HV7
-fmtaH2No+MP+DlfNigsg557GzAYl2ZumfQJAHQj33W+dehuGUKUniVksDqH+R9W8
-AqUg8RWU0QDu6yLsWhz13JrCzxao5JCaZFOUsJF4IUglAfZL+6z1+u0g4QJAH5aL
-LFaujoJfdpsTi9adSGUbuPO1e9dfzwqYaaaci6knBdkN+I62rrqvGGyqstajXFT6
-24MddLx+yNWqxiPxgQJBAKF8YiR4eLqLSnq4ftqCqVCC1XbA2H9b7G5RBWi00WFq
-3Nx+B/wjLzbqsMamTCIDUCEW+MzFx6otCxduDZRMKH8=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-----END RSA PRIVATE KEY-----
Index: tests/server.pem
===================================================================
--- tests/server.pem (revision 739)
+++ tests/server.pem (working copy)
@@ -2,26 +2,26 @@
Data:
Version: 3 (0x2)
Serial Number:
- d1:b6:bf:af:06:17:8c:be
+ b4:7e:b2:de:87:00:03:0c
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, O=M2Crypto, CN=Heikki Toivonen
Validity
- Not Before: Jul 28 04:31:41 2009 GMT
- Not After : Jul 26 04:31:41 2019 GMT
+ Not Before: Nov 21 15:33:54 2012 GMT
+ Not After : Jan 8 15:33:54 2023 GMT
Subject: C=US, ST=California, O=M2Crypto, CN=localhost
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d4:99:6f:33:3f:e6:ac:0a:34:d8:0e:45:97:f3:
- 2b:6a:50:2a:84:30:0a:52:9c:15:30:9f:05:29:3a:
- 21:f4:c1:c3:01:9e:2f:55:56:4e:35:ac:f1:16:1e:
- 26:8d:b5:26:b7:99:78:92:ea:1c:74:46:ab:41:12:
- ef:cc:53:62:cc:59:5c:9e:c4:86:df:d9:25:35:55:
- 05:4b:16:ff:d9:90:e3:f4:51:b4:b4:fa:c5:98:4b:
- 60:f0:60:7f:14:4e:1e:dd:61:9b:22:a2:9c:21:17:
- 43:a3:cb:07:80:f5:75:59:9c:55:1c:fe:e0:66:d4:
- 70:77:5e:13:06:0c:05:c7:1f
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:dd:9d:eb:7f:82:43:ed:f2:06:1c:1d:b3:fa:e1:
+ 41:8a:4b:bd:b4:1d:82:04:ee:63:b3:22:af:cf:94:
+ 88:36:52:18:3e:01:b6:37:15:59:93:7f:cc:88:5a:
+ 56:ea:02:c1:a2:bd:9f:c2:87:a4:f6:0e:cb:ca:e9:
+ b8:c6:50:3c:87:30:15:7e:e0:4b:1d:b9:5f:8e:4f:
+ 2b:af:64:9b:24:14:01:a7:6a:47:ab:72:f5:26:66:
+ a5:73:33:11:bf:81:28:4f:88:14:76:49:e1:7b:ce:
+ b8:11:fd:3c:ad:83:95:8f:be:30:ec:78:ab:d7:68:
+ b9:70:f5:87:7a:96:f7:35:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
@@ -29,47 +29,47 @@
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 04:05:3D:6A:A7:E8:D7:52:BD:2F:C4:52:30:7C:2C:BD:D3:81:46:C6
+ 14:E4:DE:06:C8:F0:45:E8:3B:FD:48:7A:6C:9C:AC:14:1F:D5:DB:E0
X509v3 Authority Key Identifier:
- keyid:AD:64:45:74:8F:83:C7:2C:D5:D7:A0:85:91:10:40:9A:9C:96:CF:EE
+ keyid:80:D9:6A:1E:15:FE:8B:61:51:62:60:4D:B3:CC:95:44:78:2D:89:E6
Signature Algorithm: sha1WithRSAEncryption
- ac:2b:ad:86:36:96:5c:fb:34:2c:02:ca:d9:5f:a7:8e:b6:58:
- 24:1d:27:b6:8e:81:aa:69:0e:60:26:64:2e:72:a1:ff:d8:ba:
- bb:7e:5d:46:c7:07:2d:a8:c8:4c:df:1e:ba:c8:bc:21:5b:f2:
- b3:01:4c:d6:3b:10:fd:49:70:e6:83:01:f3:24:e2:a9:97:d7:
- c3:9c:5b:2d:d7:64:2b:e5:e2:0e:3e:d9:8c:e6:93:86:39:32:
- 50:43:5f:36:4a:3b:b0:05:e7:65:a3:b3:ef:50:56:7f:7e:dc:
- f0:65:83:ac:42:7e:97:a0:c0:7e:63:c6:c8:c6:35:d3:60:d1:
- 4f:51
+ 74:b4:9d:87:61:b0:e5:8e:7b:38:11:1b:26:18:ba:f6:03:38:
+ 1b:84:3f:be:95:70:eb:d6:1d:2c:d7:1e:d8:b7:26:62:84:db:
+ cb:f4:40:6b:af:97:0e:76:5f:fb:da:d7:2b:bb:c8:bd:38:a3:
+ 02:c1:f2:60:f4:ec:11:d8:81:54:b6:7a:a4:5b:66:72:40:cb:
+ 72:ff:12:a3:8f:e7:6a:76:73:b3:9f:72:4e:68:40:0c:11:bd:
+ bd:4d:93:2e:33:27:7d:8d:0a:93:c2:71:de:4f:a2:58:0c:8e:
+ f0:ad:d2:28:05:bc:04:72:30:6d:5b:d1:4e:73:48:f1:1d:83:
+ 65:a6
-----BEGIN CERTIFICATE-----
-MIICkTCCAfqgAwIBAgIJANG2v68GF4y+MA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQKEwhNMkNyeXB0bzEY
-MBYGA1UEAxMPSGVpa2tpIFRvaXZvbmVuMB4XDTA5MDcyODA0MzE0MVoXDTE5MDcy
-NjA0MzE0MVowSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
-BgNVBAoTCE0yQ3J5cHRvMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN
-AQEBBQADgY0AMIGJAoGBANSZbzM/5qwKNNgORZfzK2pQKoQwClKcFTCfBSk6IfTB
-wwGeL1VWTjWs8RYeJo21JreZeJLqHHRGq0ES78xTYsxZXJ7Eht/ZJTVVBUsW/9mQ
-4/RRtLT6xZhLYPBgfxROHt1hmyKinCEXQ6PLB4D1dVmcVRz+4GbUcHdeEwYMBccf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-ZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQEBT1qp+jXUr0vxFIwfCy904FG
-xjAfBgNVHSMEGDAWgBStZEV0j4PHLNXXoIWREECanJbP7jANBgkqhkiG9w0BAQUF
-AAOBgQCsK62GNpZc+zQsAsrZX6eOtlgkHSe2joGqaQ5gJmQucqH/2Lq7fl1Gxwct
-qMhM3x66yLwhW/KzAUzWOxD9SXDmgwHzJOKpl9fDnFst12Qr5eIOPtmM5pOGOTJQ
-Q182SjuwBedlo7PvUFZ/ftzwZYOsQn6XoMB+Y8bIxjXTYNFPUQ==
+ZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQU5N4GyPBF6Dv9SHpsnKwUH9Xb
+4DAfBgNVHSMEGDAWgBSA2WoeFf6LYVFiYE2zzJVEeC2J5jANBgkqhkiG9w0BAQUF
+AAOBgQB0tJ2HYbDljns4ERsmGLr2AzgbhD++lXDr1h0s1x7YtyZihNvL9EBrr5cO
+dl/72tcru8i9OKMCwfJg9OwR2IFUtnqkW2ZyQMty/xKjj+dqdnOzn3JOaEAMEb29
+TZMuMyd9jQqTwnHeT6JYDI7wrdIoBbwEcjBtW9FOc0jxHYNlpg==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDUmW8zP+asCjTYDkWX8ytqUCqEMApSnBUwnwUpOiH0wcMBni9V
-Vk41rPEWHiaNtSa3mXiS6hx0RqtBEu/MU2LMWVyexIbf2SU1VQVLFv/ZkOP0UbS0
-+sWYS2DwYH8UTh7dYZsiopwhF0OjyweA9XVZnFUc/uBm1HB3XhMGDAXHHwIDAQAB
-AoGBALBHrSm8kYMTT2/anZ/5tIUJhcdnohePbg6LvJbLqf4tb4l25V6IGn9tL9Yc
-F/GmRD02VwDSd9d+BWAG2Kj+d0rfdCLfKY9O8PVVm0DF6grLZ7ugItYqUHRDYOdV
-MOVOQrx+mCIzHtoEtQ6HLqmqt2rIX731L1TA7OLNm3XHyISJAkEA/mgNNNg0e23G
-64z83yxxwPEnBrnKd1+xjH9QJ0Z9SJJuF4sNXRIFA4YUNvv2MNe3gMS4Hg9w78HL
-PwcEzLnO9QJBANXuWAZGV58CdkM2w7H9+ukxMbQeLSnmgjpdddo31qqbfgFAYZMK
-LppRqyosj+a2qQ6vua0ndstTImSi7KPmCUMCQQDbwr5Fu836ISYIK830aswIw0fX
-A37mB3+zwfZXNwjaO8NmCvQMRZiXJqcnqBdOsckOLuBs9yGzuk/7rfBzeL5RAkA2
-uBcly7o/vsZ3HLvjfB5ApUecVZehvwcSXLN3VI8A5nLNaSVMEe+nozoPuIQ6NAB7
-9DCe/JgjG6mRaibzKTS3AkEAjTl5MTKkYR78+2u3NRU/ypa1iKCicSvI/Ryw7p/z
-Q8XmVA0CmNRvltf9gA1gJ04ZijBPtl+s09uppaCw9L3vuA==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-----END RSA PRIVATE KEY-----
Index: tests/signer.pem
===================================================================
--- tests/signer.pem (revision 739)
+++ tests/signer.pem (working copy)
@@ -2,26 +2,26 @@
Data:
Version: 3 (0x2)
Serial Number:
- d1:b6:bf:af:06:17:8c:c0
+ b4:7e:b2:de:87:00:03:0e
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, O=M2Crypto, CN=Heikki Toivonen
Validity
- Not Before: Jul 28 04:37:25 2009 GMT
- Not After : Jul 26 04:37:25 2019 GMT
+ Not Before: Nov 21 15:37:55 2012 GMT
+ Not After : Jan 8 15:37:55 2023 GMT
Subject: C=US, ST=California, O=M2Crypto, CN=Signer/emailAddress=signer@example.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c3:9c:76:f3:21:aa:10:19:9f:77:e3:82:1d:9d:
- c3:4a:da:bc:c3:83:71:d1:89:78:8b:82:a4:b9:c5:
- 70:bb:e3:00:bf:49:b8:99:96:67:0b:bf:fe:72:cb:
- d9:b6:63:85:f4:fb:86:55:32:22:1e:6e:ce:fd:88:
- 5c:75:9d:77:3c:92:17:c5:b2:70:04:59:02:33:ef:
- be:33:26:f1:e4:72:41:45:72:f1:bf:c4:21:b1:fe:
- de:92:b9:f3:25:3e:1a:15:4b:26:47:29:cc:38:7f:
- 58:3b:ae:b7:c5:69:e7:48:81:b6:55:61:45:c3:3f:
- b6:9d:06:e5:17:41:f6:f2:e9
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:a1:f3:c0:4b:84:03:54:c4:db:dd:95:75:4b:d2:
+ e3:4b:63:5e:fb:e9:68:32:3a:79:3a:5b:3c:f1:ae:
+ 3c:65:11:a1:a2:86:d9:45:20:c1:a8:3c:e9:64:c6:
+ 5c:9a:58:ee:ae:d3:4e:af:07:95:80:5f:4c:fe:64:
+ bd:65:ae:2c:91:fc:fa:bf:dc:aa:5f:da:36:4c:0a:
+ 77:61:e6:a4:f6:a3:54:92:bf:39:12:84:44:d9:ab:
+ 12:da:78:43:20:b6:50:6c:9d:87:3a:27:86:95:14:
+ a7:9c:f2:d8:36:29:fb:1e:24:64:61:13:48:b5:de:
+ 17:61:49:6c:2a:61:da:03:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
@@ -29,33 +29,33 @@
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- 22:CA:29:B7:D7:39:B4:BF:35:F9:36:5E:EE:2B:E4:17:4E:F9:6E:EE
+ 07:7D:13:C0:AF:F5:E4:63:CD:7C:64:68:FF:D2:67:FC:27:46:DC:04
X509v3 Authority Key Identifier:
- keyid:AD:64:45:74:8F:83:C7:2C:D5:D7:A0:85:91:10:40:9A:9C:96:CF:EE
+ keyid:80:D9:6A:1E:15:FE:8B:61:51:62:60:4D:B3:CC:95:44:78:2D:89:E6
Signature Algorithm: sha1WithRSAEncryption
- 5f:a0:da:6b:37:b4:bb:25:34:a7:ed:f3:f7:2e:f2:85:aa:91:
- 01:8f:c3:80:e5:44:87:df:9e:64:5e:5f:3e:5c:7f:c1:07:12:
- 2a:46:cc:bb:9f:a4:a5:c8:3f:84:9a:a4:9e:d5:26:33:af:b4:
- 5f:eb:8e:7d:81:65:f6:44:18:78:89:17:74:fb:07:dc:04:65:
- fa:15:0c:b2:f3:e7:e7:af:1f:d9:02:c4:c4:44:b7:95:91:47:
- fe:c0:2a:e1:7a:ae:dd:5f:f8:a9:fa:bb:dd:89:2d:0b:05:b6:
- ce:ba:12:37:7f:97:4c:48:a9:fb:d4:b7:a5:d1:61:f6:85:ea:
- 30:8c
+ 00:64:bc:be:4b:42:72:54:ca:7e:02:28:87:90:07:c8:cb:ad:
+ ac:18:fa:89:bb:1e:a8:20:c1:1a:39:d2:e3:ba:b6:d9:1c:b6:
+ bf:bb:c7:dc:46:3b:99:ac:81:13:99:f7:88:9f:b2:ae:19:ff:
+ d7:37:c2:83:aa:ca:c8:d2:03:1f:ce:00:b8:86:2a:b0:2d:80:
+ e8:83:c0:83:34:8a:dd:9f:75:c5:df:61:ff:cc:c1:8b:ab:e0:
+ e1:13:02:ff:63:4b:1d:58:0b:5d:3a:a4:e9:a3:b5:3a:19:2f:
+ dc:a4:c2:4a:b4:46:5e:0c:fa:59:4e:c5:31:5f:a2:18:aa:c8:
+ a4:92
-----BEGIN CERTIFICATE-----
-MIICsTCCAhqgAwIBAgIJANG2v68GF4zAMA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQKEwhNMkNyeXB0bzEY
-MBYGA1UEAxMPSGVpa2tpIFRvaXZvbmVuMB4XDTA5MDcyODA0MzcyNVoXDTE5MDcy
-NjA0MzcyNVowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
-BgNVBAoTCE0yQ3J5cHRvMQ8wDQYDVQQDEwZTaWduZXIxITAfBgkqhkiG9w0BCQEW
+MIICsTCCAhqgAwIBAgIJALR+st6HAAMOMA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQKDAhNMkNyeXB0bzEY
+MBYGA1UEAwwPSGVpa2tpIFRvaXZvbmVuMB4XDTEyMTEyMTE1Mzc1NVoXDTIzMDEw
+ODE1Mzc1NVowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAP
+BgNVBAoMCE0yQ3J5cHRvMQ8wDQYDVQQDDAZTaWduZXIxITAfBgkqhkiG9w0BCQEW
EnNpZ25lckBleGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-w5x28yGqEBmfd+OCHZ3DStq8w4Nx0Yl4i4KkucVwu+MAv0m4mZZnC7/+csvZtmOF
-9PuGVTIiHm7O/YhcdZ13PJIXxbJwBFkCM+++Mybx5HJBRXLxv8Qhsf7ekrnzJT4a
-FUsmRynMOH9YO663xWnnSIG2VWFFwz+2nQblF0H28ukCAwEAAaN7MHkwCQYDVR0T
+ofPAS4QDVMTb3ZV1S9LjS2Ne++loMjp5Ols88a48ZRGhoobZRSDBqDzpZMZcmlju
+rtNOrweVgF9M/mS9Za4skfz6v9yqX9o2TAp3Yeak9qNUkr85EoRE2asS2nhDILZQ
+bJ2HOieGlRSnnPLYNin7HiRkYRNItd4XYUlsKmHaA7ECAwEAAaN7MHkwCQYDVR0T
BAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNh
-dGUwHQYDVR0OBBYEFCLKKbfXObS/Nfk2Xu4r5BdO+W7uMB8GA1UdIwQYMBaAFK1k
-RXSPg8cs1deghZEQQJqcls/uMA0GCSqGSIb3DQEBBQUAA4GBAF+g2ms3tLslNKft
-8/cu8oWqkQGPw4DlRIffnmReXz5cf8EHEipGzLufpKXIP4SapJ7VJjOvtF/rjn2B
-ZfZEGHiJF3T7B9wEZfoVDLLz5+evH9kCxMREt5WRR/7AKuF6rt1f+Kn6u92JLQsF
-ts66Ejd/l0xIqfvUt6XRYfaF6jCM
+dGUwHQYDVR0OBBYEFAd9E8Cv9eRjzXxkaP/SZ/wnRtwEMB8GA1UdIwQYMBaAFIDZ
+ah4V/othUWJgTbPMlUR4LYnmMA0GCSqGSIb3DQEBBQUAA4GBAABkvL5LQnJUyn4C
+KIeQB8jLrawY+om7HqggwRo50uO6ttkctr+7x9xGO5msgROZ94ifsq4Z/9c3woOq
+ysjSAx/OALiGKrAtgOiDwIM0it2fdcXfYf/MwYur4OETAv9jSx1YC106pOmjtToZ
+L9ykwkq0Rl4M+llOxTFfohiqyKSS
-----END CERTIFICATE-----
Index: tests/signer_key.pem
===================================================================
--- tests/signer_key.pem (revision 739)
+++ tests/signer_key.pem (working copy)
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDDnHbzIaoQGZ9344IdncNK2rzDg3HRiXiLgqS5xXC74wC/SbiZ
-lmcLv/5yy9m2Y4X0+4ZVMiIebs79iFx1nXc8khfFsnAEWQIz774zJvHkckFFcvG/
-xCGx/t6SufMlPhoVSyZHKcw4f1g7rrfFaedIgbZVYUXDP7adBuUXQfby6QIDAQAB
-AoGAZL24JQ85XoFTt5Lb+BS/91Uf0jFn9Nov0um9nE8q+Bi40ctN3wuulkaS7Nw/
-i8dFvh2r2USwfavjvn7z3z7xoMG8V2c1ZFJCI2CKjocuWVkGwNnIsbO7/BOG03nu
-vir/i7TXN0YbN8zMhfuFC9APmR8bdmMa2KgHXzQcLuAmI4ECQQDhDIkC97l6rMKG
-QWbYrbc7GoMZNwCsPb/fasUknGmtPmq+s818i335u1yyhAk5pwKV7HF+WyZ76S2A
-P1bZf9+FAkEA3oN98qoklVmWSK0qV+CKHjZHSqtt32q2eu6+eAO5fVZOWHwXhS/B
-MkTtfKJbIDTLyUnwhKyht/hXOniVqHE5FQJAf99VgoArvc6oAQzsWTXrpQOddhhQ
-o426lkHenrzZNvz+PjmACsJf5CRXuX9Ylo+U4ockvb0hEssddX+H47HK2QJBAIYr
-aV1SJH79pvWpnLeiSAYRmok2tyiZMvELVkQNkuI1kUYfhRslAWxrTXvyddoEm8CC
-2glWAqlokEhMf4kyxEUCQCIQbV+XFoEqkECchik34PPmcPi2ends32dv/sW+AKjQ
-pxKpWbxVB4sEOPZzpmujP0LLxvCY4HOUJDlhENGQ8MM=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-----END RSA PRIVATE KEY-----
Index: tests/test_ssl_offline.py
===================================================================
--- tests/test_ssl_offline.py (revision 739)
+++ tests/test_ssl_offline.py (working copy)
@@ -16,7 +16,7 @@
def test_checker(self):
check = Checker.Checker(host=srv_host,
- peerCertHash='7B754EFA41A264AAD370D43460BC8229F9354ECE')
+ peerCertHash='6D5C51BF6C90686A87E015A07731B252B7638D93')
x509 = X509.load_cert('tests/server.pem')
assert check(x509, srv_host)
self.assertRaises(Checker.WrongHost, check, x509, 'example.com')
Index: tests/test_x509.py
===================================================================
--- tests/test_x509.py (revision 739)
+++ tests/test_x509.py (working copy)
@@ -340,14 +340,14 @@
def test_fingerprint(self):
x509 = X509.load_cert('tests/x509.pem')
fp = x509.get_fingerprint('sha1')
- expected = '8D2EB9E203B5FFDC7F4FA7DC4103E852A55B808D'
+ expected = 'B2522F9B4F6F2461475D0C6267911537E738494F'
assert fp == expected, '%s != %s' % (fp, expected)
def test_load_der_string(self):
f = open('tests/x509.der', 'rb')
x509 = X509.load_cert_der_string(''.join(f.readlines()))
fp = x509.get_fingerprint('sha1')
- expected = '8D2EB9E203B5FFDC7F4FA7DC4103E852A55B808D'
+ expected = 'B2522F9B4F6F2461475D0C6267911537E738494F'
assert fp == expected, '%s != %s' % (fp, expected)
def test_save_der_string(self):
Index: tests/x509.der
===================================================================
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Index: tests/x509.pem
===================================================================
--- tests/x509.pem (revision 739)
+++ tests/x509.pem (working copy)
@@ -2,26 +2,26 @@
Data:
Version: 3 (0x2)
Serial Number:
- d1:b6:bf:af:06:17:8c:bf
+ b4:7e:b2:de:87:00:03:0d
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, O=M2Crypto, CN=Heikki Toivonen
Validity
- Not Before: Jul 28 04:34:34 2009 GMT
- Not After : Jul 26 04:34:34 2019 GMT
+ Not Before: Nov 21 15:35:24 2012 GMT
+ Not After : Jan 8 15:35:24 2023 GMT
Subject: C=US, ST=California, O=M2Crypto, CN=X509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d3:62:55:12:30:b8:dc:84:7c:63:bd:80:1d:19:
- 1a:72:f2:28:f8:59:0b:2a:6b:f2:2a:23:9d:bb:0f:
- 7f:92:5e:dd:27:74:bc:78:0a:27:ab:1c:2e:23:1c:
- 26:77:48:b6:8f:03:ef:57:1c:a0:54:ae:1a:e8:f5:
- 24:a1:46:a1:27:48:55:33:98:fc:db:6a:83:2e:89:
- 3f:e0:f3:91:9d:da:4f:db:74:90:9d:a6:8d:4a:46:
- cb:9f:ba:b8:60:df:ae:ee:22:4b:3f:80:55:f7:1d:
- 89:3c:2b:28:df:46:19:d5:18:ac:e9:07:4e:40:81:
- 75:bc:da:5b:d5:e1:c2:04:15
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:ba:3b:21:75:3a:4f:78:99:14:56:ae:68:36:6f:
+ 52:f3:01:a4:c4:0c:cc:27:eb:e2:c5:e1:78:19:ba:
+ d4:47:05:35:df:d4:1c:10:8b:70:33:a2:f3:27:31:
+ 9e:1d:b7:2d:f8:ff:01:4a:4b:90:a7:29:4e:79:09:
+ ad:df:3a:85:96:fc:fd:cb:ea:8c:37:b6:e4:b2:67:
+ ec:fd:20:e1:0c:45:98:42:31:80:74:0e:78:fa:58:
+ 09:0d:2e:e5:82:38:8d:30:23:80:12:0c:40:c7:3f:
+ 26:94:e9:5b:43:f1:64:e2:1e:5d:fc:77:92:93:b4:
+ 4f:5f:8d:88:a0:03:b7:5e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
@@ -29,47 +29,47 @@
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
- B1:C4:6F:98:6F:E8:3B:8C:A1:26:11:81:97:9A:12:50:4A:1A:6C:88
+ E8:C1:6E:60:19:13:82:40:65:B9:67:26:B7:8E:D6:7C:EE:33:8D:72
X509v3 Authority Key Identifier:
- keyid:AD:64:45:74:8F:83:C7:2C:D5:D7:A0:85:91:10:40:9A:9C:96:CF:EE
+ keyid:80:D9:6A:1E:15:FE:8B:61:51:62:60:4D:B3:CC:95:44:78:2D:89:E6
Signature Algorithm: sha1WithRSAEncryption
- 3f:0b:44:bc:d2:da:5f:a9:39:be:08:53:e6:fd:10:ff:d6:f0:
- a3:51:f6:be:03:20:cc:b3:52:cf:0f:7c:3f:56:42:6f:9d:72:
- 9b:09:a5:64:3f:43:29:24:2b:d6:79:94:54:2f:99:e8:ce:fe:
- fd:de:bb:ca:43:28:16:ff:32:ac:3d:c5:56:db:87:23:3c:d4:
- 69:f7:4e:1b:c4:be:c9:d8:27:99:2a:64:be:3a:6b:7e:51:85:
- db:75:35:40:a5:6c:ae:53:c3:09:e7:00:35:17:64:1a:17:71:
- c5:d5:59:e5:8f:fc:96:4a:f9:81:33:23:4c:c1:60:71:93:18:
- 0a:c4
+ cf:57:f4:f6:7d:be:e0:32:d1:44:ba:15:f7:44:2c:69:df:54:
+ a1:09:28:7f:7f:66:37:db:71:6f:2f:4b:b0:61:f5:96:09:56:
+ 50:e4:14:87:81:70:93:bb:9d:1e:8a:65:06:e8:67:c5:fb:24:
+ b1:17:b5:36:83:cb:53:88:0e:55:5c:91:80:26:56:f2:0b:50:
+ 19:86:6c:3b:1b:37:64:e1:64:2b:18:c3:5b:aa:d3:78:84:75:
+ 4f:59:c4:46:6e:9a:fb:a2:3b:86:79:87:09:a7:a6:e3:c8:91:
+ 5d:ea:2c:76:d4:ff:a3:3e:ad:6c:bd:bb:e2:c1:1d:1e:d3:81:
+ 6c:4a
-----BEGIN CERTIFICATE-----
-MIICjDCCAfWgAwIBAgIJANG2v68GF4y/MA0GCSqGSIb3DQEBBQUAME8xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQKEwhNMkNyeXB0bzEY
-MBYGA1UEAxMPSGVpa2tpIFRvaXZvbmVuMB4XDTA5MDcyODA0MzQzNFoXDTE5MDcy
-NjA0MzQzNFowRDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAP
-BgNVBAoTCE0yQ3J5cHRvMQ0wCwYDVQQDEwRYNTA5MIGfMA0GCSqGSIb3DQEBAQUA
-A4GNADCBiQKBgQDTYlUSMLjchHxjvYAdGRpy8ij4WQsqa/IqI527D3+SXt0ndLx4
-CierHC4jHCZ3SLaPA+9XHKBUrhro9SShRqEnSFUzmPzbaoMuiT/g85Gd2k/bdJCd
-po1KRsufurhg367uIks/gFX3HYk8KyjfRhnVGKzpB05AgXW82lvV4cIEFQIDAQAB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-ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUscRvmG/oO4yhJhGBl5oSUEoabIgwHwYD
-VR0jBBgwFoAUrWRFdI+DxyzV16CFkRBAmpyWz+4wDQYJKoZIhvcNAQEFBQADgYEA
-PwtEvNLaX6k5vghT5v0Q/9bwo1H2vgMgzLNSzw98P1ZCb51ymwmlZD9DKSQr1nmU
-VC+Z6M7+/d67ykMoFv8yrD3FVtuHIzzUafdOG8S+ydgnmSpkvjprflGF23U1QKVs
-rlPDCecANRdkGhdxxdVZ5Y/8lkr5gTMjTMFgcZMYCsQ=
+ZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU6MFuYBkTgkBluWcmt47WfO4zjXIwHwYD
+VR0jBBgwFoAUgNlqHhX+i2FRYmBNs8yVRHgtieYwDQYJKoZIhvcNAQEFBQADgYEA
+z1f09n2+4DLRRLoV90Qsad9UoQkof39mN9txby9LsGH1lglWUOQUh4Fwk7udHopl
+BuhnxfsksRe1NoPLU4gOVVyRgCZW8gtQGYZsOxs3ZOFkKxjDW6rTeIR1T1nERm6a
++6I7hnmHCaem48iRXeosdtT/oz6tbL274sEdHtOBbEo=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDTYlUSMLjchHxjvYAdGRpy8ij4WQsqa/IqI527D3+SXt0ndLx4
-CierHC4jHCZ3SLaPA+9XHKBUrhro9SShRqEnSFUzmPzbaoMuiT/g85Gd2k/bdJCd
-po1KRsufurhg367uIks/gFX3HYk8KyjfRhnVGKzpB05AgXW82lvV4cIEFQIDAQAB
-AoGATPipcY48QlAb21XNqMrTTrfPI1+JKVFVRPLjJJJoKaxRa2SenDdWaoBAbJh7
-iUP49erA5D+QQkWDlwBs7i0B0NqSkZAUVTfzRjGackTNJUQ+smfeqRLMH+Oru6DS
-VFbb818nJOJKqMMhMz8SrPrrbg+qiHlJ3JUQnNzTYohOMAECQQDvTJBSSit34ZBO
-ABj4vWYucCnOygcpICQnIsG97sZmF8tuF55tA5e+0v9R7BPuyAjrQnKJqDj3r/AY
-AxhgngGVAkEA4iMGoHzoSQvh+gT0A2rPCtVo+URNswIEZhQmMuA0VjrFCphWkZE+
-3jgDsJTNQUJs4mczQMcBzL34Nh1cJThYgQJARMMrdXn6o6gdX0yH4HIMOqvgV5uW
-Eys5OEW0hm9mc0/DFQ+UZp7xq9PVqiS8VZEFfxTI9OVx+TqFM2EwUBMXQQJBAIge
-n0mRhl0Z6v+NZbh83X3e8h5BUCf1ieJMNKYhMT/KhnsXMdzTui0XOJldKKQksNgj
-WMWgROQSYctpJuM8pIECQQCNN27XVHs4YAQ6GvBkrHsK5w6LZkm6UaJgbCqDqyeS
-eqfPp9VRurZ/FhK1mPbgNN67U4Ik1nwjR0o8wD4mreIj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-----END RSA PRIVATE KEY-----

11
SOURCES/m2crypto-0.21.1-gcc_macros.patch

@ -0,0 +1,11 @@ @@ -0,0 +1,11 @@
diff -urN M2Crypto/SWIG/_m2crypto.i M2Crypto-0.21.1/SWIG/_m2crypto.i
--- M2Crypto/SWIG/_m2crypto.i 2011-01-15 20:10:06.000000000 +0100
+++ M2Crypto-0.21.1/SWIG/_m2crypto.i 2011-01-18 15:37:33.948994579 +0100
@@ -7,6 +7,7 @@
* Copyright (c) 2009-2010 Heikki Toivonen. All rights reserved.
*
*/
+%import "gcc_macros.h"
%module(threads=1) _m2crypto
/* We really don't need threadblock (PyGILState_Ensure() etc.) anywhere.

43
SOURCES/m2crypto-0.21.1-https-proxy.patch

@ -0,0 +1,43 @@ @@ -0,0 +1,43 @@
diff -urN M2Crypto/M2Crypto/httpslib.py M2Crypto-0.21.1/M2Crypto/httpslib.py
--- M2Crypto/M2Crypto/httpslib.py 2012-03-15 03:27:22.181524406 +0100
+++ M2Crypto-0.21.1/M2Crypto/httpslib.py 2012-03-15 03:27:40.467485033 +0100
@@ -182,14 +182,14 @@
else:
HTTPSConnection.putheader(self, header, value)
- def endheaders(self):
+ def endheaders(self, *args, **kwargs):
# We've recieved all of hte headers. Use the supplied username
# and password for authorization, possibly overriding the authstring
# supplied in the headers.
if not self._proxy_auth:
self._proxy_auth = self._encode_auth()
- HTTPSConnection.endheaders(self)
+ HTTPSConnection.endheaders(self, *args, **kwargs)
def connect(self):
HTTPConnection.connect(self)
diff -urN M2Crypto/M2Crypto/m2urllib2.py M2Crypto-0.21.1/M2Crypto/m2urllib2.py
--- M2Crypto/M2Crypto/m2urllib2.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/M2Crypto/m2urllib2.py 2012-03-15 03:27:40.467485033 +0100
@@ -64,8 +64,10 @@
target_host = urlparse.urlparse(full_url)[1]
if (target_host != host):
+ request_uri = urlparse.urldefrag(full_url)[0]
h = httpslib.ProxyHTTPSConnection(host = host, ssl_context = self.ctx)
else:
+ request_uri = req.get_selector()
h = httpslib.HTTPSConnection(host = host, ssl_context = self.ctx)
# End our change
h.set_debuglevel(self._debuglevel)
@@ -80,7 +82,7 @@
# request.
headers["Connection"] = "close"
try:
- h.request(req.get_method(), req.get_selector(), req.data, headers)
+ h.request(req.get_method(), request_uri, req.data, headers)
r = h.getresponse()
except socket.error, err: # XXX what error?
raise URLError(err)
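Review bot: The two branches in m2urllib2.py now compute `request_uri` differently and nothing in the code says why; a one-line comment on the proxy branch would help, e.g. `# via a proxy the request line carries the absolute URL, fragment stripped`. Because `urlparse.urldefrag(full_url)[0]` keeps everything except the fragment, any `user:password@` userinfo in the URL would also be handed to `h.request(...)`, so it is worth confirming whether `ProxyHTTPSConnection` strips it before sending. The enclosing method starts and ends outside the hunk, so how `full_url` is built is not visible here.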

174
SOURCES/m2crypto-0.21.1-memoryview.patch

@ -0,0 +1,174 @@ @@ -0,0 +1,174 @@
diff -u M2Crypto/SWIG/_lib.h M2Crypto-0.21.1/SWIG/_lib.h
--- M2Crypto/SWIG/_lib.h 2011-01-19 19:56:37.622364336 +0100
+++ M2Crypto-0.21.1/SWIG/_lib.h 2011-05-10 20:14:38.593211256 +0200
@@ -7,6 +7,16 @@
#define PY_SSIZE_T_MIN INT_MIN
#endif
+#if PY_VERSION_HEX < 0x02060000
+struct Py_buffer /* Only a subset */
+{
+ void *buf;
+ Py_ssize_t len;
+};
+
+#define PyBUF_CONTIG_RO 0
+#endif /* PY_VERSION_HEX < 0x02060000 */
+
typedef struct _blob {
unsigned char *data;
int len;
@@ -20,6 +30,10 @@
int *buffer_len);
static int m2_PyString_AsStringAndSizeInt(PyObject *obj, char **s, int *len);
+/* Always use these two together, to correctly handle non-memoryview objects. */
+static int m2_PyObject_GetBufferInt(PyObject *obj, Py_buffer *view, int flags);
+static void m2_PyBuffer_Release(PyObject *obj, Py_buffer *view);
+
void gen_callback(int p, int n, void *arg);
int passphrase_callback(char *buf, int num, int v, void *userdata);
diff -u M2Crypto/SWIG/_lib.i M2Crypto-0.21.1/SWIG/_lib.i
--- M2Crypto/SWIG/_lib.i 2011-01-19 19:49:21.537145465 +0100
+++ M2Crypto-0.21.1/SWIG/_lib.i 2011-05-10 20:19:10.924328007 +0200
@@ -47,9 +47,36 @@
/* Python helpers. */
%}
+%ignore PyObject_CheckBuffer;
+%ignore PyObject_GetBuffer;
+%ignore PyBuffer_Release;
%ignore m2_PyObject_AsReadBufferInt;
+%ignore m2_PyObject_GetBufferInt;
+%ignore m2_PyBuffer_Release;
%ignore m2_PyString_AsStringAndSizeInt;
%{
+
+#if PY_VERSION_HEX < 0x02060000
+static int PyObject_CheckBuffer(PyObject *obj)
+{
+ (void)obj;
+ return 0;
+}
+
+static int PyObject_GetBuffer(PyObject *obj, Py_buffer *view, int flags)
+{
+ (void)obj;
+ (void)view;
+ (void)flags;
+ return -1;
+}
+
+static void PyBuffer_Release(Py_buffer *view)
+{
+ (void)view;
+}
+#endif /* PY_VERSION_HEX < 0x02060000 */
+
static int
m2_PyObject_AsReadBufferInt(PyObject *obj, const void **buffer,
int *buffer_len)
@@ -68,6 +95,37 @@
return 0;
}
+static int m2_PyObject_GetBufferInt(PyObject *obj, Py_buffer *view, int flags)
+{
+ int ret;
+
+ if (PyObject_CheckBuffer(obj))
+ ret = PyObject_GetBuffer(obj, view, flags);
+ else {
+ const void *buf;
+
+ ret = PyObject_AsReadBuffer(obj, &buf, &view->len);
+ if (ret == 0)
+ view->buf = (void *)buf;
+ }
+ if (ret)
+ return ret;
+ if (view->len > INT_MAX) {
+ PyErr_SetString(PyExc_ValueError, "object too large");
+ m2_PyBuffer_Release(obj, view);
+ return -1;
+ }
+
+ return 0;
+}
+
+static void m2_PyBuffer_Release(PyObject *obj, Py_buffer *view)
+{
+ if (PyObject_CheckBuffer(obj))
+ PyBuffer_Release(view);
+ /* else do nothing, view->buf comes from PyObject_AsReadBuffer */
+}
+
static int
m2_PyString_AsStringAndSizeInt(PyObject *obj, char **s, int *len)
{
diff -u M2Crypto/SWIG/_ssl.i M2Crypto-0.21.1/SWIG/_ssl.i
--- M2Crypto/SWIG/_ssl.i 2011-01-19 19:56:51.957338576 +0100
+++ M2Crypto-0.21.1/SWIG/_ssl.i 2011-05-10 19:58:26.779904541 +0200
@@ -700,12 +700,12 @@
}
int ssl_write(SSL *ssl, PyObject *blob, double timeout) {
- const void *buf;
- int len, r, ssl_err, ret;
+ Py_buffer buf;
+ int r, ssl_err, ret;
struct timeval tv;
- if (m2_PyObject_AsReadBufferInt(blob, &buf, &len) == -1) {
+ if (m2_PyObject_GetBufferInt(blob, &buf, PyBUF_CONTIG_RO) == -1) {
return -1;
}
@@ -713,7 +713,7 @@
gettimeofday(&tv, NULL);
again:
Py_BEGIN_ALLOW_THREADS
- r = SSL_write(ssl, buf, len);
+ r = SSL_write(ssl, buf.buf, buf.len);
ssl_err = SSL_get_error(ssl, r);
Py_END_ALLOW_THREADS
@@ -741,22 +741,22 @@
ret = -1;
}
-
+ m2_PyBuffer_Release(blob, &buf);
return ret;
}
int ssl_write_nbio(SSL *ssl, PyObject *blob) {
- const void *buf;
- int len, r, err, ret;
+ Py_buffer buf;
+ int r, err, ret;
- if (m2_PyObject_AsReadBufferInt(blob, &buf, &len) == -1) {
+ if (m2_PyObject_GetBufferInt(blob, &buf, PyBUF_CONTIG_RO) == -1) {
return -1;
}
Py_BEGIN_ALLOW_THREADS
- r = SSL_write(ssl, buf, len);
+ r = SSL_write(ssl, buf.buf, buf.len);
Py_END_ALLOW_THREADS
@@ -785,7 +785,7 @@
ret = -1;
}
-
+ m2_PyBuffer_Release(blob, &buf);
return ret;
}
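Review bot: The pre-2.6 fallback in _lib.h declares `struct Py_buffer { ... };` without a typedef, but the new prototypes and `ssl_write`/`ssl_write_nbio` use the bare name `Py_buffer`, which is not a type name in C, so the compatibility path would not compile when the wrapper is built as C. Declaring it as `typedef struct { void *buf; Py_ssize_t len; } Py_buffer;` keeps the fallback usable. Separately, `m2_PyBuffer_Release(blob, &buf)` is added only before the final `return ret` of each function; the code between the hunks is not visible, so confirm that no earlier return leaves the buffer held.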

166
SOURCES/m2crypto-0.21.1-smime-doc.patch

@ -0,0 +1,166 @@ @@ -0,0 +1,166 @@
Index: demo/smime.howto/sign.py
===================================================================
--- demo/smime.howto/sign.py (revision 739)
+++ demo/smime.howto/sign.py (working copy)
@@ -18,7 +18,7 @@
# Instantiate an SMIME object; set it up; sign the buffer.
s = SMIME.SMIME()
s.load_key('signer_key.pem', 'signer.pem')
-p7 = s.sign(buf)
+p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
# Recreate buf.
buf = makebuf('a sign of our times')
Index: demo/smime.howto/verify.py
===================================================================
--- demo/smime.howto/verify.py (revision 739)
+++ demo/smime.howto/verify.py (working copy)
@@ -23,7 +23,7 @@
# Load the data, verify it.
p7, data = SMIME.smime_load_pkcs7('sign.p7')
-v = s.verify(p7)
+v = s.verify(p7, data)
print v
print data
print data.read()
Index: demo/smime.howto/sendsmime.py
===================================================================
--- demo/smime.howto/sendsmime.py (revision 739)
+++ demo/smime.howto/sendsmime.py (working copy)
@@ -16,7 +16,10 @@
s = SMIME.SMIME()
if sign:
s.load_key(from_key, from_cert)
- p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT)
+ if encrypt:
+ p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT)
+ else:
+ p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT|SMIME.PKCS7_DETACHED)
msg_bio = BIO.MemoryBuffer(msg) # Recreate coz sign() has consumed it.
if encrypt:
Index: demo/smime/test.py
===================================================================
--- demo/smime/test.py (revision 739)
+++ demo/smime/test.py (working copy)
@@ -28,7 +28,7 @@
buf = makebuf()
s = SMIME.SMIME()
s.load_key('client.pem')
- p7 = s.sign(buf)
+ p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
out = BIO.openfile('clear.p7', 'w')
out.write('To: ngps@post1.com\n')
out.write('From: ngps@post1.com\n')
@@ -58,7 +58,7 @@
st.load_info('ca.pem')
s.set_x509_store(st)
p7, data = SMIME.smime_load_pkcs7('clear.p7')
- v = s.verify(p7)
+ v = s.verify(p7, data)
if v:
print 'ok'
else:
@@ -105,9 +105,10 @@
s.load_key('client.pem')
# Sign.
- p7 = s.sign(buf)
+ p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
# Output the stuff.
+ buf = makebuf() # Recreate buf, because sign() has consumed it.
bio = BIO.MemoryBuffer()
s.write(bio, p7, buf)
@@ -124,7 +125,7 @@
# Verify.
p7, buf = SMIME.smime_load_pkcs7_bio(bio)
- v = s.verify(p7, flags=SMIME.PKCS7_DETACHED)
+ v = s.verify(p7, buf, flags=SMIME.PKCS7_DETACHED)
if v:
print 'ok'
Index: demo/smime/sendsmime.py
===================================================================
--- demo/smime/sendsmime.py (revision 739)
+++ demo/smime/sendsmime.py (working copy)
@@ -16,7 +16,10 @@
s = SMIME.SMIME()
if sign:
s.load_key(from_key, from_cert)
- p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT)
+ if encrypt:
+ p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT)
+ else:
+ p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT|SMIME.PKCS7_DETACHED)
msg_bio = BIO.MemoryBuffer(msg) # Recreate coz sign() has consumed it.
if encrypt:
Index: contrib/smimeplus.py
===================================================================
--- contrib/smimeplus.py (revision 739)
+++ contrib/smimeplus.py (working copy)
@@ -64,7 +64,7 @@
_sender.load_key_bio(self.__pack(self.key), self.__pack(self.cert),
callback=self.__passcallback)
- _signed = _sender.sign(self.__pack(msg))
+ _signed = _sender.sign(self.__pack(msg), M2Crypto.SMIME.PKCS7_DETACHED)
_out = self.__pack(None)
_sender.write(_out, _signed, self.__pack(msg))
@@ -93,7 +93,7 @@
# Load signed message, verify it, and return result
_p7, _data = M2Crypto.SMIME.smime_load_pkcs7_bio(self.__pack(smsg))
try:
- return _sender.verify(_p7, flags=M2Crypto.SMIME.PKCS7_SIGNED)
+ return _sender.verify(_p7, _data, flags=M2Crypto.SMIME.PKCS7_SIGNED)
except M2Crypto.SMIME.SMIME_Error, _msg:
return None
Index: doc/howto.smime.html
===================================================================
--- doc/howto.smime.html (revision 739)
+++ doc/howto.smime.html (working copy)
@@ -646,7 +646,7 @@
# Instantiate an SMIME object; set it up; sign the buffer.
s = SMIME.SMIME()
s.load_key('signer_key.pem', 'signer.pem')
- p7 = s.sign(buf)
+ p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
</PRE
><P
><TT
@@ -780,7 +780,7 @@
# Load the data, verify it.
p7, data = SMIME.smime_load_pkcs7('sign.p7')
- v = s.verify(p7)
+ v = s.verify(p7, data)
print v
print data
print data.read()
@@ -991,7 +991,7 @@
tmp = BIO.MemoryBuffer()
# Write the signed message into the temporary buffer.
- s.write(tmp, p7, buf)
+ s.write(tmp, p7)
# Encrypt the temporary buffer.
p7 = s.encrypt(tmp)
@@ -1158,7 +1158,10 @@
s = SMIME.SMIME()
if sign:
s.load_key(from_key, from_cert)
- p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT)
+ if encrypt:
+ p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT)
+ else:
+ p7 = s.sign(msg_bio, flags=SMIME.PKCS7_TEXT|SMIME.PKCS7_DETACHED)
msg_bio = BIO.MemoryBuffer(msg) # Recreate coz sign() has consumed it.
if encrypt:
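Review bot: In contrib/smimeplus.py the verify call still passes `flags=M2Crypto.SMIME.PKCS7_SIGNED`, which by its name is a PKCS#7 content-type constant rather than one of the verification flags (`PKCS7_DETACHED`, `PKCS7_TEXT`) used elsewhere in this patch. If its numeric value overlaps flag bits, the call may be silently relaxing parts of signature verification, so check the value and, unless a specific flag is intended, drop the argument: `return _sender.verify(_p7, _data)`. The same function returns None on `SMIME_Error`, so callers cannot tell a bad signature from a malformed message, which deserves a comment at least.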

43
SOURCES/m2crypto-0.21.1-sni.patch

@ -0,0 +1,43 @@ @@ -0,0 +1,43 @@
Based on https://bugzilla.osafoundation.org/attachment.cgi?id=5760
by Sander Steffann <sander@steffann.nl>.

diff -ur M2Crypto/M2Crypto/SSL/Connection.py M2Crypto-0.21.1/M2Crypto/SSL/Connection.py
--- M2Crypto/M2Crypto/SSL/Connection.py 2013-12-17 02:01:49.843287273 +0100
+++ M2Crypto-0.21.1/M2Crypto/SSL/Connection.py 2013-12-17 02:28:28.357633159 +0100
@@ -368,3 +368,7 @@
def set_post_connection_check_callback(self, postConnectionCheck):
self.postConnectionCheck = postConnectionCheck
+
+ def set_tlsext_host_name(self, name):
+ "Set the requested hostname for the SNI (Server Name Indication) extension"
+ m2.ssl_set_tlsext_host_name(self.ssl, name)
diff -ur M2Crypto/SWIG/_ssl.i M2Crypto-0.21.1/SWIG/_ssl.i
--- M2Crypto/SWIG/_ssl.i 2013-12-17 02:01:49.863287264 +0100
+++ M2Crypto-0.21.1/SWIG/_ssl.i 2013-12-17 02:39:28.138364398 +0100
@@ -15,6 +15,7 @@
#include <openssl/bio.h>
#include <openssl/dh.h>
#include <openssl/ssl.h>
+#include <openssl/tls1.h>
#include <openssl/x509.h>
#include <poll.h>
#include <sys/time.h>
@@ -398,6 +399,17 @@
return SSL_get_mode(ssl);
}
+int ssl_set_tlsext_host_name(SSL *ssl, const char *name) {
+ long l;
+
+ if (!(l = SSL_set_tlsext_host_name(ssl, name))) {
+ PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
+ return -1;
+ }
+ /* Return an "int" to match the 'typemap(out) int' in _lib.i */
+ return 1;
+}
+
void ssl_set_client_CA_list_from_file(SSL *ssl, const char *ca_file) {
SSL_set_client_CA_list(ssl, SSL_load_client_CA_file(ca_file));
}
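Review bot: `ERR_reason_error_string(ERR_get_error())` in `ssl_set_tlsext_host_name` returns NULL when the error queue is empty or the code has no reason text, and that NULL is passed straight to `PyErr_SetString`. Guard it with `const char *reason = ERR_reason_error_string(ERR_get_error());` followed by `PyErr_SetString(_ssl_err, reason ? reason : "SSL_set_tlsext_host_name failed");`. The local `l` is only used inside the condition and can be dropped. The Python wrapper `set_tlsext_host_name` discards the return value; presumably the `typemap(out) int` mentioned in the comment turns -1 into an exception, which is worth stating in the docstring.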

31
SOURCES/m2crypto-0.21.1-ssl23.patch

@ -0,0 +1,31 @@ @@ -0,0 +1,31 @@
Index: tests/test_ssl.py
===================================================================
--- tests/test_ssl.py (revision 739)
+++ tests/test_ssl.py (working copy)
@@ -376,7 +376,7 @@
def test_sslv23_no_v2(self):
if fips_mode: # TLS is required in FIPS mode
return
- self.args.append('-no_tls1')
+ self.args.append('-ssl3')
pid = self.start_server(self.args)
try:
ctx = SSL.Context('sslv23')
@@ -390,7 +390,7 @@
def test_sslv23_no_v2_no_service(self):
if fips_mode: # TLS is required in FIPS mode
return
- self.args = self.args + ['-no_tls1', '-no_ssl3']
+ self.args = self.args + ['-ssl2']
pid = self.start_server(self.args)
try:
ctx = SSL.Context('sslv23')
@@ -403,7 +403,7 @@
def test_sslv23_weak_crypto(self):
if fips_mode: # TLS is required in FIPS mode
return
- self.args = self.args + ['-no_tls1', '-no_ssl3']
+ self.args = self.args + ['-ssl2']
pid = self.start_server(self.args)
try:
ctx = SSL.Context('sslv23', weak_crypto=1)
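Review bot: `test_sslv23_no_v2_no_service` and `test_sslv23_weak_crypto` now start the helper server with `-ssl2` alone, which assumes the openssl binary used by the tests still implements SSLv2. Where it does not, the server presumably fails at startup and an expected connection failure would be satisfied for the wrong reason; the assertions lie outside the hunks, so this is inferred. A comment such as `# needs an s_server built with SSLv2 support` next to the argument, plus a check in `start_server` that the helper is actually listening, would make the dependency explicit.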

162
SOURCES/m2crypto-0.21.1-supported-ec.patch

@ -0,0 +1,162 @@ @@ -0,0 +1,162 @@
Modify the test suite to only use the EC curves supported by Fedora's
OpenSSL (and when having a choice, use the p256 curve).

diff -ur M2Crypto/tests/ec.priv.pem M2Crypto-0.21.1/tests/ec.priv.pem
--- M2Crypto/tests/ec.priv.pem 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/ec.priv.pem 2013-12-17 04:02:00.602961297 +0100
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
-MG0CAQEEHXXhxMbflWHSfCjfxsqHTsIR+BVbREI6JFYGaUs0oAcGBSuBBAAaoUAD
-PgAEAdJXSN/xnRiDqc4wSiYbWB7LGabs71Y9zzIE1ZbzAcvb7uxtoyUxrmRQC8xD
-EO2qZX16mtpmgoNz3EeT
+MHcCAQEEIAdDwKEoKa3qnuvofjRFJgNul5Ldzy1EmoArNuY3jmKUoAoGCCqGSM49
+AwEHoUQDQgAEA2q6LZM77EldCKF9mBszDIVJVxepXJt6QpjEDtsmetYsNB2e4D1z
+QOjQGGwz+8NeOSkDqhE+1rNAaCjx93CeRg==
-----END EC PRIVATE KEY-----
diff -ur M2Crypto/tests/ec.pub.pem M2Crypto-0.21.1/tests/ec.pub.pem
--- M2Crypto/tests/ec.pub.pem 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/ec.pub.pem 2013-12-17 04:01:53.627964282 +0100
@@ -1,4 +1,4 @@
-----BEGIN PUBLIC KEY-----
-MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAdJXSN/xnRiDqc4wSiYbWB7LGabs71Y9
-zzIE1ZbzAcvb7uxtoyUxrmRQC8xDEO2qZX16mtpmgoNz3EeT
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEA2q6LZM77EldCKF9mBszDIVJVxep
+XJt6QpjEDtsmetYsNB2e4D1zQOjQGGwz+8NeOSkDqhE+1rNAaCjx93CeRg==
-----END PUBLIC KEY-----
diff -ur M2Crypto/tests/test_ec_curves.py M2Crypto-0.21.1/tests/test_ec_curves.py
--- M2Crypto/tests/test_ec_curves.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/test_ec_curves.py 2013-12-17 03:54:58.321142332 +0100
@@ -25,75 +25,8 @@
curves = [
- ('secp112r1', 112),
- ('secp112r2', 112),
- ('secp128r1', 128),
- ('secp128r2', 128),
- ('secp160k1', 160),
- ('secp160r1', 160),
- ('secp160r2', 160),
- ('secp192k1', 192),
- ('secp224k1', 224),
- ('secp224r1', 224),
- ('secp256k1', 256),
- ('secp384r1', 384),
- ('secp521r1', 521),
-
- ('sect113r1', 113),
- ('sect113r2', 113),
- ('sect131r1', 131),
- ('sect131r2', 131),
- ('sect163k1', 163),
- ('sect163r1', 163),
- ('sect163r2', 163),
- ('sect193r1', 193),
- ('sect193r2', 193),
- ('sect233k1', 233),
- ('sect233r1', 233),
- ('sect239k1', 239),
- ('sect283k1', 283),
- ('sect283r1', 283),
- ('sect409k1', 409),
- ('sect409r1', 409),
- ('sect571k1', 571),
- ('sect571r1', 571),
-
- ('X9_62_prime192v1', 192),
- ('X9_62_prime192v2', 192),
- ('X9_62_prime192v3', 192),
- ('X9_62_prime239v1', 239),
- ('X9_62_prime239v2', 239),
- ('X9_62_prime239v3', 239),
('X9_62_prime256v1', 256),
-
- ('X9_62_c2pnb163v1', 163),
- ('X9_62_c2pnb163v2', 163),
- ('X9_62_c2pnb163v3', 163),
- ('X9_62_c2pnb176v1', 176),
- ('X9_62_c2tnb191v1', 191),
- ('X9_62_c2tnb191v2', 191),
- ('X9_62_c2tnb191v3', 191),
- ('X9_62_c2pnb208w1', 208),
- ('X9_62_c2tnb239v1', 239),
- ('X9_62_c2tnb239v2', 239),
- ('X9_62_c2tnb239v3', 239),
- ('X9_62_c2pnb272w1', 272),
- ('X9_62_c2pnb304w1', 304),
- ('X9_62_c2tnb359v1', 359),
- ('X9_62_c2pnb368w1', 368),
- ('X9_62_c2tnb431r1', 431),
-
- ('wap_wsg_idm_ecid_wtls1', 113),
- ('wap_wsg_idm_ecid_wtls3', 163),
- ('wap_wsg_idm_ecid_wtls4', 113),
- ('wap_wsg_idm_ecid_wtls5', 163),
- ('wap_wsg_idm_ecid_wtls6', 112),
- ('wap_wsg_idm_ecid_wtls7', 160),
- ('wap_wsg_idm_ecid_wtls8', 112),
- ('wap_wsg_idm_ecid_wtls9', 160),
- ('wap_wsg_idm_ecid_wtls10', 233),
- ('wap_wsg_idm_ecid_wtls11', 233),
- ('wap_wsg_idm_ecid_wtls12', 224),
+ ('secp384r1', 384),
]
# The following two curves, according to OpenSSL, have a
diff -ur M2Crypto/tests/test_ecdh.py M2Crypto-0.21.1/tests/test_ecdh.py
--- M2Crypto/tests/test_ecdh.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/test_ecdh.py 2013-12-17 04:02:25.980950434 +0100
@@ -20,16 +20,16 @@
def test_compute_key(self):
a = EC.load_key(self.privkey)
- b = EC.gen_params(EC.NID_sect233k1)
+ b = EC.gen_params(EC.NID_X9_62_prime256v1)
b.gen_key()
ak = a.compute_dh_key(b.pub())
bk = b.compute_dh_key(a.pub())
assert ak == bk
def test_pubkey_from_der(self):
- a = EC.gen_params(EC.NID_sect233k1)
+ a = EC.gen_params(EC.NID_X9_62_prime256v1)
a.gen_key()
- b = EC.gen_params(EC.NID_sect233k1)
+ b = EC.gen_params(EC.NID_X9_62_prime256v1)
b.gen_key()
a_pub_der = a.pub().get_der()
a_pub = EC.pub_key_from_der(a_pub_der)
diff -ur M2Crypto/tests/test_ecdsa.py M2Crypto-0.21.1/tests/test_ecdsa.py
--- M2Crypto/tests/test_ecdsa.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/test_ecdsa.py 2013-12-17 04:02:46.709941569 +0100
@@ -29,16 +29,16 @@
def test_loadkey(self):
ec = EC.load_key(self.privkey)
- assert len(ec) == 233
+ assert len(ec) == 256
def test_loadpubkey(self):
# XXX more work needed
ec = EC.load_pub_key(self.pubkey)
- assert len(ec) == 233
+ assert len(ec) == 256
self.assertRaises(EC.ECError, EC.load_pub_key, self.errkey)
def _test_sign_dsa(self):
- ec = EC.gen_params(EC.NID_sect233k1)
+ ec = EC.gen_params(EC.NID_X9_62_prime256v1)
# ec.gen_key()
self.assertRaises(EC.ECError, ec.sign_dsa, self.data)
ec = EC.load_key(self.privkey)
@@ -60,8 +60,8 @@
assert not ec2.verify_dsa(self.data, s, r)
def test_genparam(self):
- ec = EC.gen_params(EC.NID_sect233k1)
- assert len(ec) == 233
+ ec = EC.gen_params(EC.NID_X9_62_prime256v1)
+ assert len(ec) == 256
def suite():
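Review bot: The updated checks in tests/test_ecdsa.py and tests/test_ecdh.py keep bare `assert` statements (`assert len(ec) == 256`, `assert ak == bk`), which are stripped under `python -O` and report no values on failure. Inside these TestCase methods `self.assertEqual(len(ec), 256)` and `self.assertEqual(ak, bk)` would be the better form. In tests/test_ec_curves.py the list is cut to two hard-coded curves; a short comment next to `curves` saying that it mirrors what the distribution's OpenSSL enables would explain why the others were dropped.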

30
SOURCES/m2crypto-0.21.1-test_cookie_str_changed.patch

@ -0,0 +1,30 @@ @@ -0,0 +1,30 @@
diff -ur M2Crypto/tests/test_authcookie.py M2Crypto-0.21.1/tests/test_authcookie.py
--- M2Crypto/tests/test_authcookie.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/test_authcookie.py 2015-07-07 14:42:20.713482088 +0200
@@ -114,7 +114,7 @@
def test_cookie_str_changed_exp(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output()
- str = cout[:26] + '2' + cout[27:]
+ str = cout[:26] + chr(ord(cout[26])^1) + cout[27:]
s = Cookie.SmartCookie()
s.load(str)
self.failIf(self.jar.isGoodCookieString(s.output()))
@@ -122,7 +122,7 @@
def test_cookie_str_changed_data(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output()
- str = cout[:36] + 'X' + cout[37:]
+ str = cout[:36] + chr(ord(cout[36])^1) + cout[37:]
s = Cookie.SmartCookie()
s.load(str)
self.failIf(self.jar.isGoodCookieString(s.output()))
@@ -130,7 +130,7 @@
def test_cookie_str_changed_mac(self):
c = self.jar.makeCookie(self.exp, self.data)
cout = c.output()
- str = cout[:76] + 'X' + cout[77:]
+ str = cout[:76] + chr(ord(cout[76])^1) + cout[77:]
s = Cookie.SmartCookie()
s.load(str)
self.failIf(self.jar.isGoodCookieString(s.output()))
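Review bot: The offsets 26, 36 and 76 in the three `test_cookie_str_changed_*` methods are unexplained magic numbers, and the new expression `chr(ord(cout[N])^1)` is written out three times. A comment such as `# flip the low bit so the character always differs from the original` and named constants for the expiry, data and MAC positions would make clear which field each test corrupts. The flipped character can fall outside the field's alphabet (a letter can become punctuation), so it is worth confirming the cookie is rejected by the MAC check and not earlier during `Cookie.SmartCookie` parsing. The local name `str` also shadows the builtin.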

44
SOURCES/m2crypto-0.21.1-tests-no-SIGHUP.patch

@ -0,0 +1,44 @@ @@ -0,0 +1,44 @@
Koji, the Fedora build system, is apparently setting up the build
processes to ignore SIGHUP by default, leading the helper processes
used by test_ssl to never terminate. We could override the SIGHUP
handling, but sending SIGTERM is more correct anyway.

diff -ur M2Crypto/tests/test_ssl.py M2Crypto-0.21.1/tests/test_ssl.py
--- M2Crypto/tests/test_ssl.py 2013-12-18 02:08:42.411669114 +0100
+++ M2Crypto-0.21.1/tests/test_ssl.py 2013-12-18 02:10:57.877589271 +0100
@@ -20,7 +20,7 @@
- ThreadingSSLServer
"""
-import os, socket, string, sys, tempfile, thread, time, unittest
+import os, signal, socket, string, sys, tempfile, thread, time, unittest
from M2Crypto import Rand, SSL, m2, Err
from fips import fips_mode
@@ -95,7 +95,7 @@
return pid
def stop_server(self, pid):
- os.kill(pid, 1)
+ os.kill(pid, signal.SIGTERM)
os.waitpid(pid, 0)
def http_get(self, s):
@@ -1039,7 +1039,7 @@
finally:
self.stop_server(pid)
finally:
- os.kill(pipe_pid, 1)
+ os.kill(pipe_pid, signal.SIGTERM)
os.waitpid(pipe_pid, 0)
os.unlink('tests/' + FIFO_NAME)
@@ -1154,7 +1154,7 @@
chunk = string.split(ps)
pid, cmd = chunk[0], chunk[4]
if cmd == s:
- os.kill(int(pid), 1)
+ os.kill(int(pid), signal.SIGTERM)
f.close()
os.unlink(fn)
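Review bot: The last hunk still signals whichever PID the `ps` listing pairs with a matching command name (`if cmd == s: os.kill(int(pid), signal.SIGTERM)`), so on a shared build host it can terminate a process this test run did not start. Changing the signal from 1 to SIGTERM does not narrow that; keeping the PID returned when the helper is spawned and passing it to `os.kill` and `os.waitpid`, as `stop_server` does, would limit the kill to the test's own child. The enclosing function starts outside the hunk, so how `s` and the `ps` output are produced is not visible here.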

14
SOURCES/m2crypto-0.21.1-tests-no-export-ciphers.patch

@ -0,0 +1,14 @@ @@ -0,0 +1,14 @@
Recent Fedora releases have disabled export ciphers by default, so
don't test that they work.

diff -ur M2Crypto/tests/test_ssl.py M2Crypto-0.21.1/tests/test_ssl.py
--- M2Crypto/tests/test_ssl.py 2014-01-06 22:35:45.777935677 +0100
+++ M2Crypto-0.21.1/tests/test_ssl.py 2014-01-06 22:43:34.025594902 +0100
@@ -463,6 +463,7 @@
finally:
self.stop_server(pid)
+ @unittest.skip("Export ciphers are prohibited in recent Fedora releases")
def test_use_weak_cipher(self):
if fips_mode: # Weak ciphers are prohibited
return
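Review bot: The unconditional `@unittest.skip(...)` on `test_use_weak_cipher` removes the visible coverage of how export ciphers are handled, so a later build that re-enables them would pass unnoticed. Where system policy forbids these ciphers, the more useful test is the negative one: keep the test running and assert that the connection attempt with the weak cipher list raises `SSL.SSLError`. If the skip stays, a comment beside the decorator such as `# export ciphers are disabled by system crypto policy; re-enable as a negative test` would record the intent. The test body continues outside the hunk, so the exact call to wrap is not visible here.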

216
SOURCES/m2crypto-0.21.1-tests-random-ports.patch

@ -0,0 +1,216 @@ @@ -0,0 +1,216 @@
Pouze v M2Crypto-0.21.1: randpool.dat
diff -ur M2Crypto/tests/test_bio_ssl.py M2Crypto-0.21.1/tests/test_bio_ssl.py
--- M2Crypto/tests/test_bio_ssl.py 2011-01-15 20:10:05.000000000 +0100
+++ M2Crypto-0.21.1/tests/test_bio_ssl.py 2014-01-06 23:31:47.709383892 +0100
@@ -11,7 +11,7 @@
from M2Crypto import Rand
from M2Crypto import threading as m2threading
-from test_ssl import srv_host, srv_port
+from test_ssl import srv_host, allocate_srv_port
class HandshakeClient(threading.Thread):
@@ -113,6 +113,7 @@
conn.set_bio(readbio, writebio)
conn.set_accept_state()
handshake_complete = False
+ srv_port = allocate_srv_port()
sock = socket.socket()
sock.bind((srv_host, srv_port))
sock.listen(5)
diff -ur M2Crypto/tests/test_ssl.py M2Crypto-0.21.1/tests/test_ssl.py
--- M2Crypto/tests/test_ssl.py 2014-01-06 22:49:57.961307007 +0100
+++ M2Crypto-0.21.1/tests/test_ssl.py 2014-01-06 23:30:13.856457390 +0100
@@ -26,7 +26,16 @@
from fips import fips_mode
srv_host = 'localhost'
-srv_port = 64000
+
+def allocate_srv_port():
+ s = socket.socket()
+ try:
+ s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+ s.bind((srv_host, 0))
+ (host, port) = s.getsockname()
+ finally:
+ s.close()
+ return port
def verify_cb_new_function(ok, store):
try:
@@ -113,17 +122,13 @@
def setUp(self):
self.srv_host = srv_host
- self.srv_port = srv_port
- self.srv_addr = (srv_host, srv_port)
- self.srv_url = 'https://%s:%s/' % (srv_host, srv_port)
+ self.srv_port = allocate_srv_port()
+ self.srv_addr = (srv_host, self.srv_port)
+ self.srv_url = 'https://%s:%s/' % (srv_host, self.srv_port)
self.args = ['s_server', '-quiet', '-www',
#'-cert', 'server.pem', Implicitly using this
'-accept', str(self.srv_port)]
- def tearDown(self):
- global srv_port
- srv_port = srv_port - 1
-
class PassSSLClientTestCase(BaseSSLClientTestCase):
@@ -136,7 +141,7 @@
pid = self.start_server(self.args)
try:
from M2Crypto import httpslib
- c = httpslib.HTTPSConnection(srv_host, srv_port)
+ c = httpslib.HTTPSConnection(srv_host, self.srv_port)
c.request('GET', '/')
data = c.getresponse().read()
c.close()
@@ -153,7 +158,7 @@
ctx.load_cert('tests/x509.pem')
ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 1)
ctx.set_session_cache_mode(m2.SSL_SESS_CACHE_CLIENT)
- c = httpslib.HTTPSConnection(srv_host, srv_port, ssl_context=ctx)
+ c = httpslib.HTTPSConnection(srv_host, self.srv_port, ssl_context=ctx)
c.request('GET', '/')
ses = c.get_session()
t = ses.as_text()
@@ -166,7 +171,7 @@
ctx2.load_cert('tests/x509.pem')
ctx2.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 1)
ctx2.set_session_cache_mode(m2.SSL_SESS_CACHE_CLIENT)
- c2 = httpslib.HTTPSConnection(srv_host, srv_port, ssl_context=ctx2)
+ c2 = httpslib.HTTPSConnection(srv_host, self.srv_port, ssl_context=ctx2)
c2.set_session(ses)
c2.request('GET', '/')
ses2 = c2.get_session()
@@ -186,7 +191,7 @@
ctx = SSL.Context()
ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9)
ctx.load_verify_locations('tests/ca.pem')
- c = httpslib.HTTPSConnection(srv_host, srv_port, ssl_context=ctx)
+ c = httpslib.HTTPSConnection(srv_host, self.srv_port, ssl_context=ctx)
c.request('GET', '/')
data = c.getresponse().read()
c.close()
@@ -201,7 +206,7 @@
ctx = SSL.Context()
ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9)
ctx.load_verify_locations('tests/server.pem')
- c = httpslib.HTTPSConnection(srv_host, srv_port, ssl_context=ctx)
+ c = httpslib.HTTPSConnection(srv_host, self.srv_port, ssl_context=ctx)
self.assertRaises(SSL.SSLError, c.request, 'GET', '/')
c.close()
finally:
@@ -211,7 +216,7 @@
pid = self.start_server(self.args)
try:
from M2Crypto import httpslib
- c = httpslib.HTTPS(srv_host, srv_port)
+ c = httpslib.HTTPS(srv_host, self.srv_port)
c.putrequest('GET', '/')
c.putheader('Accept', 'text/html')
c.putheader('Accept', 'text/plain')
@@ -232,7 +237,7 @@
ctx = SSL.Context()
ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9)
ctx.load_verify_locations('tests/ca.pem')
- c = httpslib.HTTPS(srv_host, srv_port, ssl_context=ctx)
+ c = httpslib.HTTPS(srv_host, self.srv_port, ssl_context=ctx)
c.putrequest('GET', '/')
c.putheader('Accept', 'text/html')
c.putheader('Accept', 'text/plain')
@@ -253,7 +258,7 @@
ctx = SSL.Context()
ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9)
ctx.load_verify_locations('tests/server.pem')
- c = httpslib.HTTPS(srv_host, srv_port, ssl_context=ctx)
+ c = httpslib.HTTPS(srv_host, self.srv_port, ssl_context=ctx)
c.putrequest('GET', '/')
c.putheader('Accept', 'text/html')
c.putheader('Accept', 'text/plain')
@@ -871,7 +876,7 @@
from M2Crypto import m2urllib
url = m2urllib.FancyURLopener()
url.addheader('Connection', 'close')
- u = url.open('https://%s:%s/' % (srv_host, srv_port))
+ u = url.open('https://%s:%s/' % (srv_host, self.srv_port))
data = u.read()
u.close()
finally:
@@ -896,7 +901,7 @@
from M2Crypto import m2urllib2
opener = m2urllib2.build_opener()
opener.addheaders = [('Connection', 'close')]
- u = opener.open('https://%s:%s/' % (srv_host, srv_port))
+ u = opener.open('https://%s:%s/' % (srv_host, self.srv_port))
data = u.read()
u.close()
finally:
@@ -913,7 +918,7 @@
from M2Crypto import m2urllib2
opener = m2urllib2.build_opener(ctx)
opener.addheaders = [('Connection', 'close')]
- u = opener.open('https://%s:%s/' % (srv_host, srv_port))
+ u = opener.open('https://%s:%s/' % (srv_host, self.srv_port))
data = u.read()
u.close()
finally:
@@ -930,7 +935,7 @@
from M2Crypto import m2urllib2
opener = m2urllib2.build_opener(ctx)
opener.addheaders = [('Connection', 'close')]
- self.assertRaises(SSL.SSLError, opener.open, 'https://%s:%s/' % (srv_host, srv_port))
+ self.assertRaises(SSL.SSLError, opener.open, 'https://%s:%s/' % (srv_host, self.srv_port))
finally:
self.stop_server(pid)
@@ -942,7 +947,7 @@
from M2Crypto import m2urllib2
opener = m2urllib2.build_opener(ctx, m2urllib2.HTTPBasicAuthHandler())
m2urllib2.install_opener(opener)
- req = m2urllib2.Request('https://%s:%s/' % (srv_host, srv_port))
+ req = m2urllib2.Request('https://%s:%s/' % (srv_host, self.srv_port))
u = m2urllib2.urlopen(req)
data = u.read()
u.close()
@@ -963,7 +968,7 @@
import gc
from M2Crypto import m2urllib2
o = m2urllib2.build_opener()
- r = o.open('https://%s:%s/' % (srv_host, srv_port))
+ r = o.open('https://%s:%s/' % (srv_host, self.srv_port))
s = [r.fp._sock.fp]
r.close()
self.assertEqual(len(gc.get_referrers(s[0])), 1)
@@ -990,7 +995,7 @@
pid = self.start_server(self.args)
try:
from M2Crypto import httpslib
- c = httpslib.HTTPS(srv_host, srv_port)
+ c = httpslib.HTTPS(srv_host, self.srv_port)
c.putrequest('GET', '/')
c.putheader('Accept', 'text/html')
c.putheader('Accept', 'text/plain')
@@ -1029,7 +1034,7 @@
pid = self.start_server(self.args)
try:
from M2Crypto import httpslib
- c = httpslib.HTTPS(srv_host, srv_port)
+ c = httpslib.HTTPS(srv_host, self.srv_port)
c.putrequest('GET', '/' + FIFO_NAME)
c.putheader('Accept', 'text/html')
c.putheader('Accept', 'text/plain')
@@ -1086,7 +1091,7 @@
contextFactory = ContextFactory()
factory = EchoClientFactory()
- wrapper.connectSSL(srv_host, srv_port, factory, contextFactory)
+ wrapper.connectSSL(srv_host, self.srv_port, factory, contextFactory)
reactor.run() # This will block until reactor.stop() is called
finally:
self.stop_server(pid)
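Review bot: `allocate_srv_port()` closes the probing socket before it returns the port, so between `s.close()` and the later bind by `s_server` (or by `sock.bind((srv_host, srv_port))` in test_bio_ssl.py) another local process can take the port. The test then fails spuriously or talks to a listener it did not start. In test_bio_ssl.py the window can be closed because the test owns the listening socket: `sock.bind((srv_host, 0))` followed by `srv_port = sock.getsockname()[1]`. For the `s_server` cases it cannot be closed this way, so a comment on `allocate_srv_port` such as `# The port is only probably free: it is released before the server binds it` would warn the next reader. The cases that pass no `ssl_context` appear to do no peer verification, so they are the ones that would not notice an unexpected listener.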

599
SOURCES/m2crypto-0.21.1-timeouts.patch

@ -0,0 +1,599 @@ @@ -0,0 +1,599 @@
diff -urN M2Crypto/M2Crypto/SSL/Connection.py M2Crypto-0.21.1/M2Crypto/SSL/Connection.py
--- M2Crypto/M2Crypto/SSL/Connection.py 2013-11-26 20:01:02.591964970 +0100
+++ M2Crypto-0.21.1/M2Crypto/SSL/Connection.py 2013-11-26 20:01:19.204950349 +0100
@@ -47,9 +47,11 @@
self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self._fileno = self.socket.fileno()
-
- self.blocking = self.socket.gettimeout()
-
+
+ self._timeout = self.socket.gettimeout()
+ if self._timeout is None:
+ self._timeout = -1.0
+
self.ssl_close_flag = m2.bio_noclose
@@ -147,7 +149,7 @@
m2.ssl_set_accept_state(self.ssl)
def accept_ssl(self):
- return m2.ssl_accept(self.ssl)
+ return m2.ssl_accept(self.ssl, self._timeout)
def accept(self):
"""Accept an SSL connection. The return value is a pair (ssl, addr) where
@@ -169,7 +171,7 @@
m2.ssl_set_connect_state(self.ssl)
def connect_ssl(self):
- return m2.ssl_connect(self.ssl)
+ return m2.ssl_connect(self.ssl, self._timeout)
def connect(self, addr):
self.socket.connect(addr)
@@ -196,7 +198,7 @@
return m2.ssl_pending(self.ssl)
def _write_bio(self, data):
- return m2.ssl_write(self.ssl, data)
+ return m2.ssl_write(self.ssl, data, self._timeout)
def _write_nbio(self, data):
return m2.ssl_write_nbio(self.ssl, data)
@@ -204,7 +206,7 @@
def _read_bio(self, size=1024):
if size <= 0:
raise ValueError, 'size <= 0'
- return m2.ssl_read(self.ssl, size)
+ return m2.ssl_read(self.ssl, size, self._timeout)
def _read_nbio(self, size=1024):
if size <= 0:
@@ -212,13 +214,13 @@
return m2.ssl_read_nbio(self.ssl, size)
def write(self, data):
- if self.blocking:
+ if self._timeout != 0.0:
return self._write_bio(data)
return self._write_nbio(data)
sendall = send = write
def read(self, size=1024):
- if self.blocking:
+ if self._timeout != 0.0:
return self._read_bio(size)
return self._read_nbio(size)
recv = read
@@ -226,7 +228,17 @@
def setblocking(self, mode):
"""Set this connection's underlying socket to _mode_."""
self.socket.setblocking(mode)
- self.blocking = mode
+ if mode:
+ self._timeout = -1.0
+ else:
+ self._timeout = 0.0
+
+ def settimeout(self, timeout):
+ """Set this connection's underlying socket's timeout to _timeout_."""
+ self.socket.settimeout(timeout)
+ self._timeout = timeout
+ if self._timeout is None:
+ self._timeout = -1.0
def fileno(self):
return self.socket.fileno()
@@ -308,15 +320,8 @@
"""Set the cipher suites for this connection."""
return m2.ssl_set_cipher_list(self.ssl, cipher_list)
- def makefile(self, mode='rb', bufsize='ignored'):
- r = 'r' in mode or '+' in mode
- w = 'w' in mode or 'a' in mode or '+' in mode
- b = 'b' in mode
- m2mode = ['', 'r'][r] + ['', 'w'][w] + ['', 'b'][b]
- # XXX Need to dup().
- bio = BIO.BIO(self.sslbio, _close_cb=self.close)
- m2.bio_do_handshake(bio._ptr())
- return BIO.IOBuffer(bio, m2mode, _pyfree=0)
+ def makefile(self, mode='rb', bufsize=-1):
+ return socket._fileobject(self, mode, bufsize)
def getsockname(self):
return self.socket.getsockname()
diff -urN M2Crypto/M2Crypto/SSL/__init__.py M2Crypto-0.21.1/M2Crypto/SSL/__init__.py
--- M2Crypto/M2Crypto/SSL/__init__.py 2013-11-26 20:01:02.590964971 +0100
+++ M2Crypto-0.21.1/M2Crypto/SSL/__init__.py 2013-11-26 20:01:19.204950349 +0100
@@ -2,11 +2,14 @@
Copyright (c) 1999-2004 Ng Pheng Siong. All rights reserved."""
+import socket
+
# M2Crypto
from M2Crypto import m2
class SSLError(Exception): pass
-m2.ssl_init(SSLError)
+class SSLTimeoutError(SSLError, socket.timeout): pass
+m2.ssl_init(SSLError, SSLTimeoutError)
# M2Crypto.SSL
from Cipher import Cipher, Cipher_Stack
diff -urN M2Crypto/SWIG/_ssl.i M2Crypto-0.21.1/SWIG/_ssl.i
--- M2Crypto/SWIG/_ssl.i 2013-11-26 20:01:02.612964952 +0100
+++ M2Crypto-0.21.1/SWIG/_ssl.i 2013-11-26 20:01:19.205950348 +0100
@@ -11,10 +11,13 @@
%{
#include <pythread.h>
+#include <limits.h>
#include <openssl/bio.h>
#include <openssl/dh.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
+#include <poll.h>
+#include <sys/time.h>
%}
%apply Pointer NONNULL { SSL_CTX * };
@@ -155,6 +158,11 @@
%rename(ssl_session_get_timeout) SSL_SESSION_get_timeout;
extern long SSL_SESSION_get_timeout(CONST SSL_SESSION *);
+extern PyObject *ssl_accept(SSL *ssl, double timeout = -1);
+extern PyObject *ssl_connect(SSL *ssl, double timeout = -1);
+extern PyObject *ssl_read(SSL *ssl, int num, double timeout = -1);
+extern int ssl_write(SSL *ssl, PyObject *blob, double timeout = -1);
+
%constant int ssl_error_none = SSL_ERROR_NONE;
%constant int ssl_error_ssl = SSL_ERROR_SSL;
%constant int ssl_error_want_read = SSL_ERROR_WANT_READ;
@@ -210,14 +218,19 @@
%constant int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = SSL_MODE_ENABLE_PARTIAL_WRITE;
%constant int SSL_MODE_AUTO_RETRY = SSL_MODE_AUTO_RETRY;
+%ignore ssl_handle_error;
+%ignore ssl_sleep_with_timeout;
%inline %{
static PyObject *_ssl_err;
+static PyObject *_ssl_timeout_err;
-void ssl_init(PyObject *ssl_err) {
+void ssl_init(PyObject *ssl_err, PyObject *ssl_timeout_err) {
SSL_library_init();
SSL_load_error_strings();
Py_INCREF(ssl_err);
+ Py_INCREF(ssl_timeout_err);
_ssl_err = ssl_err;
+ _ssl_timeout_err = ssl_timeout_err;
}
void ssl_ctx_passphrase_callback(SSL_CTX *ctx, PyObject *pyfunc) {
@@ -403,36 +416,130 @@
return ret;
}
-PyObject *ssl_accept(SSL *ssl) {
+static void ssl_handle_error(int ssl_err, int ret) {
+ int err;
+
+ switch (ssl_err) {
+ case SSL_ERROR_SSL:
+ PyErr_SetString(_ssl_err,
+ ERR_reason_error_string(ERR_get_error()));
+ break;
+ case SSL_ERROR_SYSCALL:
+ err = ERR_get_error();
+ if (err)
+ PyErr_SetString(_ssl_err, ERR_reason_error_string(err));
+ else if (ret == 0)
+ PyErr_SetString(_ssl_err, "unexpected eof");
+ else if (ret == -1)
+ PyErr_SetFromErrno(_ssl_err);
+ else
+ assert(0);
+ break;
+ default:
+ PyErr_SetString(_ssl_err, "unexpected SSL error");
+ }
+}
+
+static int ssl_sleep_with_timeout(SSL *ssl, const struct timeval *start,
+ double timeout, int ssl_err) {
+ struct pollfd fd;
+ struct timeval tv;
+ int ms, tmp;
+
+ assert(timeout > 0);
+ again:
+ gettimeofday(&tv, NULL);
+ /* tv >= start */
+ if ((timeout + start->tv_sec - tv.tv_sec) > INT_MAX / 1000)
+ ms = -1;
+ else {
+ int fract;
+
+ ms = ((start->tv_sec + (int)timeout) - tv.tv_sec) * 1000;
+ fract = (start->tv_usec + (timeout - (int)timeout) * 1000000
+ - tv.tv_usec + 999) / 1000;
+ if (ms > 0 && fract > INT_MAX - ms)
+ ms = -1;
+ else {
+ ms += fract;
+ if (ms <= 0)
+ goto timeout;
+ }
+ }
+ switch (ssl_err) {
+ case SSL_ERROR_WANT_READ:
+ fd.fd = SSL_get_rfd(ssl);
+ fd.events = POLLIN;
+ break;
+
+ case SSL_ERROR_WANT_WRITE:
+ fd.fd = SSL_get_wfd(ssl);
+ fd.events = POLLOUT;
+ break;
+
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ return 0; /* FIXME: is this correct? */
+
+ default:
+ assert(0);
+ }
+ if (fd.fd == -1) {
+ PyErr_SetString(_ssl_err, "timeout on a non-FD SSL");
+ return -1;
+ }
+ Py_BEGIN_ALLOW_THREADS
+ tmp = poll(&fd, 1, ms);
+ Py_END_ALLOW_THREADS
+ switch (tmp) {
+ case 1:
+ return 0;
+ case 0:
+ goto timeout;
+ case -1:
+ if (errno == EINTR)
+ goto again;
+ PyErr_SetFromErrno(_ssl_err);
+ return -1;
+ }
+ return 0;
+
+ timeout:
+ PyErr_SetString(_ssl_timeout_err, "timed out");
+ return -1;
+}
+
+PyObject *ssl_accept(SSL *ssl, double timeout) {
PyObject *obj = NULL;
- int r, err;
+ int r, ssl_err;
+ struct timeval tv;
+ if (timeout > 0)
+ gettimeofday(&tv, NULL);
+ again:
Py_BEGIN_ALLOW_THREADS
r = SSL_accept(ssl);
+ ssl_err = SSL_get_error(ssl, r);
Py_END_ALLOW_THREADS
- switch (SSL_get_error(ssl, r)) {
+ switch (ssl_err) {
case SSL_ERROR_NONE:
case SSL_ERROR_ZERO_RETURN:
obj = PyInt_FromLong((long)1);
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
- obj = PyInt_FromLong((long)0);
- break;
- case SSL_ERROR_SSL:
- PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
+ if (timeout <= 0) {
+ obj = PyInt_FromLong((long)0);
+ break;
+ }
+ if (ssl_sleep_with_timeout(ssl, &tv, timeout, ssl_err) == 0)
+ goto again;
obj = NULL;
break;
+ case SSL_ERROR_SSL:
case SSL_ERROR_SYSCALL:
- err = ERR_get_error();
- if (err)
- PyErr_SetString(_ssl_err, ERR_reason_error_string(err));
- else if (r == 0)
- PyErr_SetString(_ssl_err, "unexpected eof");
- else if (r == -1)
- PyErr_SetFromErrno(_ssl_err);
+ ssl_handle_error(ssl_err, r);
obj = NULL;
break;
}
@@ -441,36 +548,38 @@
return obj;
}
-PyObject *ssl_connect(SSL *ssl) {
+PyObject *ssl_connect(SSL *ssl, double timeout) {
PyObject *obj = NULL;
- int r, err;
+ int r, ssl_err;
+ struct timeval tv;
+ if (timeout > 0)
+ gettimeofday(&tv, NULL);
+ again:
Py_BEGIN_ALLOW_THREADS
r = SSL_connect(ssl);
+ ssl_err = SSL_get_error(ssl, r);
Py_END_ALLOW_THREADS
- switch (SSL_get_error(ssl, r)) {
+ switch (ssl_err) {
case SSL_ERROR_NONE:
case SSL_ERROR_ZERO_RETURN:
obj = PyInt_FromLong((long)1);
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
- obj = PyInt_FromLong((long)0);
- break;
- case SSL_ERROR_SSL:
- PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
+ if (timeout <= 0) {
+ obj = PyInt_FromLong((long)0);
+ break;
+ }
+ if (ssl_sleep_with_timeout(ssl, &tv, timeout, ssl_err) == 0)
+ goto again;
obj = NULL;
break;
+ case SSL_ERROR_SSL:
case SSL_ERROR_SYSCALL:
- err = ERR_get_error();
- if (err)
- PyErr_SetString(_ssl_err, ERR_reason_error_string(err));
- else if (r == 0)
- PyErr_SetString(_ssl_err, "unexpected eof");
- else if (r == -1)
- PyErr_SetFromErrno(_ssl_err);
+ ssl_handle_error(ssl_err, r);
obj = NULL;
break;
}
@@ -483,10 +592,11 @@
SSL_set_shutdown(ssl, mode);
}
-PyObject *ssl_read(SSL *ssl, int num) {
+PyObject *ssl_read(SSL *ssl, int num, double timeout) {
PyObject *obj = NULL;
void *buf;
- int r, err;
+ int r;
+ struct timeval tv;
if (!(buf = PyMem_Malloc(num))) {
PyErr_SetString(PyExc_MemoryError, "ssl_read");
@@ -494,37 +604,44 @@
}
+ if (timeout > 0)
+ gettimeofday(&tv, NULL);
+ again:
Py_BEGIN_ALLOW_THREADS
r = SSL_read(ssl, buf, num);
Py_END_ALLOW_THREADS
- switch (SSL_get_error(ssl, r)) {
- case SSL_ERROR_NONE:
- case SSL_ERROR_ZERO_RETURN:
- buf = PyMem_Realloc(buf, r);
- obj = PyString_FromStringAndSize(buf, r);
- break;
- case SSL_ERROR_WANT_WRITE:
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_X509_LOOKUP:
- Py_INCREF(Py_None);
- obj = Py_None;
- break;
- case SSL_ERROR_SSL:
- PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
- obj = NULL;
- break;
- case SSL_ERROR_SYSCALL:
- err = ERR_get_error();
- if (err)
- PyErr_SetString(_ssl_err, ERR_reason_error_string(err));
- else if (r == 0)
- PyErr_SetString(_ssl_err, "unexpected eof");
- else if (r == -1)
- PyErr_SetFromErrno(_ssl_err);
- obj = NULL;
- break;
+ if (r >= 0) {
+ buf = PyMem_Realloc(buf, r);
+ obj = PyString_FromStringAndSize(buf, r);
+ } else {
+ int ssl_err;
+
+ ssl_err = SSL_get_error(ssl, r);
+ switch (ssl_err) {
+ case SSL_ERROR_NONE:
+ case SSL_ERROR_ZERO_RETURN:
+ assert(0);
+
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ if (timeout <= 0) {
+ Py_INCREF(Py_None);
+ obj = Py_None;
+ break;
+ }
+ if (ssl_sleep_with_timeout(ssl, &tv, timeout, ssl_err) == 0)
+ goto again;
+ obj = NULL;
+ break;
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_SYSCALL:
+ ssl_handle_error(ssl_err, r);
+ obj = NULL;
+ break;
+ }
}
PyMem_Free(buf);
@@ -582,22 +699,26 @@
return obj;
}
-int ssl_write(SSL *ssl, PyObject *blob) {
+int ssl_write(SSL *ssl, PyObject *blob, double timeout) {
const void *buf;
- int len, r, err, ret;
+ int len, r, ssl_err, ret;
+ struct timeval tv;
if (m2_PyObject_AsReadBufferInt(blob, &buf, &len) == -1) {
return -1;
}
-
+ if (timeout > 0)
+ gettimeofday(&tv, NULL);
+ again:
Py_BEGIN_ALLOW_THREADS
r = SSL_write(ssl, buf, len);
+ ssl_err = SSL_get_error(ssl, r);
Py_END_ALLOW_THREADS
- switch (SSL_get_error(ssl, r)) {
+ switch (ssl_err) {
case SSL_ERROR_NONE:
case SSL_ERROR_ZERO_RETURN:
ret = r;
@@ -605,20 +726,17 @@
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_X509_LOOKUP:
+ if (timeout <= 0) {
+ ret = -1;
+ break;
+ }
+ if (ssl_sleep_with_timeout(ssl, &tv, timeout, ssl_err) == 0)
+ goto again;
ret = -1;
break;
case SSL_ERROR_SSL:
- PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
- ret = -1;
- break;
case SSL_ERROR_SYSCALL:
- err = ERR_get_error();
- if (err)
- PyErr_SetString(_ssl_err, ERR_reason_error_string(ERR_get_error()));
- else if (r == 0)
- PyErr_SetString(_ssl_err, "unexpected eof");
- else if (r == -1)
- PyErr_SetFromErrno(_ssl_err);
+ ssl_handle_error(ssl_err, r);
default:
ret = -1;
}
diff -urN M2Crypto/tests/test_ssl.py M2Crypto-0.21.1/tests/test_ssl.py
--- M2Crypto/tests/test_ssl.py 2013-11-26 20:01:02.582964980 +0100
+++ M2Crypto-0.21.1/tests/test_ssl.py 2013-11-26 20:01:33.268937969 +0100
@@ -972,6 +972,77 @@
class TwistedSSLClientTestCase(BaseSSLClientTestCase):
+ def test_timeout(self):
+ pid = self.start_server(self.args)
+ try:
+ ctx = SSL.Context()
+ s = SSL.Connection(ctx)
+ # Just a really small number so we can timeout
+ s.settimeout(0.000000000000000000000000000001)
+ self.assertRaises(SSL.SSLTimeoutError, s.connect, self.srv_addr)
+ s.close()
+ finally:
+ self.stop_server(pid)
+
+ def test_makefile_timeout(self):
+ # httpslib uses makefile to read the response
+ pid = self.start_server(self.args)
+ try:
+ from M2Crypto import httpslib
+ c = httpslib.HTTPS(srv_host, srv_port)
+ c.putrequest('GET', '/')
+ c.putheader('Accept', 'text/html')
+ c.putheader('Accept', 'text/plain')
+ c.endheaders()
+ c._conn.sock.settimeout(100)
+ err, msg, headers = c.getreply()
+ assert err == 200, err
+ f = c.getfile()
+ data = f.read()
+ c.close()
+ finally:
+ self.stop_server(pid)
+ self.failIf(string.find(data, 's_server -quiet -www') == -1)
+
+ def test_makefile_timeout_fires(self):
+ # This is convoluted because (openssl s_server -www) starts writing the
+ # response as soon as it receives the first line of the request, so it's
+ # possible for it to send the response before the request is sent and
+ # there would be no timeout. So, let the server spend time reading from
+ # an empty pipe
+ FIFO_NAME = 'test_makefile_timeout_fires_fifo'
+ os.mkfifo('tests/' + FIFO_NAME)
+ pipe_pid = os.fork()
+ try:
+ if pipe_pid == 0:
+ try:
+ f = open('tests/' + FIFO_NAME, 'w')
+ try:
+ time.sleep(sleepTime + 1)
+ f.write('Content\n')
+ finally:
+ f.close()
+ finally:
+ os._exit(0)
+ self.args[self.args.index('-www')] = '-WWW'
+ pid = self.start_server(self.args)
+ try:
+ from M2Crypto import httpslib
+ c = httpslib.HTTPS(srv_host, srv_port)
+ c.putrequest('GET', '/' + FIFO_NAME)
+ c.putheader('Accept', 'text/html')
+ c.putheader('Accept', 'text/plain')
+ c.endheaders()
+ c._conn.sock.settimeout(0.0000000001)
+ self.assertRaises(socket.timeout, c.getreply)
+ c.close()
+ finally:
+ self.stop_server(pid)
+ finally:
+ os.kill(pipe_pid, 1)
+ os.waitpid(pipe_pid, 0)
+ os.unlink('tests/' + FIFO_NAME)
+
def test_twisted_wrapper(self):
# Test only when twisted and ZopeInterfaces are present
try:
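Review bot: `ssl_sleep_with_timeout` returns 0 for `SSL_ERROR_WANT_X509_LOOKUP` without polling (the arm marked `FIXME: is this correct?`), and `ssl_read` and `ssl_write` answer a 0 with `goto again`, so that state becomes a busy loop; when the timeout is large enough that `ms` is set to -1, no deadline ends it. Before this change both functions returned to the caller for that error, and keeping that is the smaller risk: give `SSL_ERROR_WANT_X509_LOOKUP` its own arm in each caller (`Py_INCREF(Py_None); obj = Py_None;` in `ssl_read`, `ret = -1;` in `ssl_write`) and drop the case from the helper. Separately, the `switch (ssl_err)` in `ssl_accept`, `ssl_connect` and `ssl_read` has no `default:`, so an unlisted error code returns NULL with no Python exception set; adding `default:` beside `case SSL_ERROR_SYSCALL:` would route it to `ssl_handle_error`, which already has a default arm.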

489
SPECS/m2crypto.spec

@ -0,0 +1,489 @@ @@ -0,0 +1,489 @@
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}

# Keep this value in sync with the definition in openssl.spec.
%global multilib_arches %{ix86} ia64 ppc %{power64} s390 s390x sparcv9 sparc64 x86_64

Summary: Support for using OpenSSL in python scripts
Name: m2crypto
Version: 0.21.1
Release: 17%{?dist}
Source0: http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-%{version}.tar.gz
# https://bugzilla.osafoundation.org/show_bug.cgi?id=2341
Patch0: m2crypto-0.21.1-timeouts.patch
# This is only precautionary, it does fix anything - not sent upstream
Patch1: m2crypto-0.21.1-gcc_macros.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=12972
Patch2: m2crypto-0.20.2-fips.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=12973
Patch3: m2crypto-0.20.2-check.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13005
Patch4: m2crypto-0.21.1-memoryview.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13020
Patch5: m2crypto-0.21.1-smime-doc.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=12999
Patch6: m2crypto-0.21.1-AES_crypt.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13044
Patch7: m2crypto-0.21.1-IPv6.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13049
Patch8: m2crypto-0.21.1-https-proxy.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13066
Patch9: m2crypto-0.21.1-certs.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13072
Patch10: m2crypto-0.21.1-ssl23.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13098
Patch11: m2crypto-0.21.1-SSL_CTX_new.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13073
Patch12: m2crypto-0.21.1-sni.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13100
Patch13: m2crypto-0.21.1-supported-ec.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13101
Patch14: m2crypto-0.21.1-tests-no-SIGHUP.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13103
Patch15: m2crypto-0.21.1-tests-no-export-ciphers.patch
# https://bugzilla.osafoundation.org/show_bug.cgi?id=13104
Patch16: m2crypto-0.21.1-tests-random-ports.patch
# https://github.com/martinpaljak/M2Crypto/issues/70
Patch17: m2crypto-0.21.1-test_cookie_str_changed.patch
# https://github.com/martinpaljak/M2Crypto/issues/19
Patch18: m2crypto-0.21.1-SAN-ip.patch
License: MIT
Group: System Environment/Libraries
URL: http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto
BuildRequires: openssl, openssl-devel, python2-devel, python-setuptools
BuildRequires: perl, pkgconfig, swig, which

%filter_provides_in %{python_sitearch}/M2Crypto/__m2crypto.so
%filter_setup

%description
This package allows you to call OpenSSL functions from python scripts.

%prep
%setup -q -n M2Crypto-%{version}
%patch0 -p1 -b .timeouts
%patch1 -p1 -b .gcc_macros
%patch2 -p1 -b .fips
%patch3 -p1 -b .check
%patch4 -p1 -b .memoryview
%patch5 -p0
%patch6 -p0 -b .AES_crypt
%patch7 -p1 -b .IPv6
%patch8 -p1 -b .https-proxy
%patch9 -p0 -b .certs
openssl x509 -in tests/x509.pem -out tests/x509.der -outform DER
%patch10 -p0 -b .ssl23
%patch11 -p1 -b .SSL_CTX_new
%patch12 -p1 -b .sni
%patch13 -p1 -b .supported-ec
%patch14 -p1 -b .tests-no-SIGHUP
%patch15 -p1 -b .tests-no-export-ciphers
%patch16 -p1 -b .tests-random-ports
%patch17 -p1 -b .test_cookie_str_changed
%patch18 -p1 -b .SAN-ip

# Red Hat opensslconf.h #includes an architecture-specific file, but SWIG
# doesn't follow the #include.

# Determine which arch opensslconf.h is going to try to #include.
basearch=%{_arch}
%ifarch %{ix86}
basearch=i386
%endif
%ifarch sparcv9
basearch=sparc
%endif
%ifarch %{multilib_arches}
for i in SWIG/_ec.i SWIG/_evp.i; do
sed -i -e "s/opensslconf/opensslconf-${basearch}/" "$i"
done
%endif

gcc -E -dM - < /dev/null | grep -v __STDC__ \
| sed 's/^\(#define \([^ ]*\) .*\)$/#undef \2\n\1/' > SWIG/gcc_macros.h

%build
CFLAGS="$RPM_OPT_FLAGS" ; export CFLAGS
if pkg-config openssl ; then
CFLAGS="$CFLAGS `pkg-config --cflags openssl`" ; export CFLAGS
LDFLAGS="$LDFLAGS`pkg-config --libs-only-L openssl`" ; export LDFLAGS
fi

# -cpperraswarn is necessary for including opensslconf-${basearch} directly
SWIG_FEATURES=-cpperraswarn %{__python} setup.py build

%install
CFLAGS="$RPM_OPT_FLAGS" ; export CFLAGS
if pkg-config openssl ; then
CFLAGS="$CFLAGS `pkg-config --cflags openssl`" ; export CFLAGS
LDFLAGS="$LDFLAGS`pkg-config --libs-only-L openssl`" ; export LDFLAGS
fi

%{__python} setup.py install --root=$RPM_BUILD_ROOT

for i in medusa medusa054; do
sed -i -e '1s,#! /usr/local/bin/python,#! %{__python},' \
demo/$i/http_server.py
done

# Windows-only
rm demo/Zope/starts.bat
# Fix up documentation permissions
find demo tests -type f -perm -111 -print0 | xargs -0 chmod a-x

grep -rl '/usr/bin/env python' demo tests \
| xargs sed -i "s,/usr/bin/env python,%{__python},"

rm tests/*.{pem,py}.* # Patch backup files

%check
%{__python} setup.py test

%files
%doc CHANGES LICENCE README demo
%{python_sitearch}/M2Crypto
%{python_sitearch}/M2Crypto-*.egg-info

%changelog
* Tue Jul 7 2015 Miloslav Trmač <mitr@redhat.com> - 0.21.1-17
- Fix spurious failures of test_cookie_str_changed_mac
Resolves: #1073950
- Add support for IP addresses in subjectAltName
Resolves: #1080142

* Wed Aug 20 2014 Miloslav Trmač <mitr@redhat.com> - 0.21.1-16
- Sync %%multilib_arches with openssl.
Resolves: #1125603

* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.21.1-15
- Mass rebuild 2014-01-24

* Mon Jan 6 2014 Miloslav Trmač <mitr@redhat.com> - 0.21.1-14
- Don't assume that export ciphers are enabled in the test suite
Resolves: #1048887
- Let the kernel allocate free ports for use by the test suite
Resolves: #1048887

* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.21.1-13
- Mass rebuild 2013-12-27

* Thu Dec 19 2013 Miloslav Trmač <mitr@redhat.com> - 0.21.1-12
- Fix occasional spurious failures in test_makefile_timeout_fires
Resolves: #969077
- Fix incorrect exception handling of SSL_CTX_new (manifesting in FIPS mode)
Resolves: #879043
- Add minimal SNI support, based on a patch by Sander Steffann
<sander@steffann.nl>
Resolves: #1038795
- Use only ECC curves available in Fedora in the test suite
Related: #1038813
- Fix terminating test suite helper processes when running in Koji
Related: #1038813
- Run test suite in %%check, don't ship it in the package. Based on a patch by
Matěj Cepl <mcepl@redhat.com>.
Resolves: #1038813

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.21.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Wed Nov 21 2012 Miloslav Trmač <mitr@redhat.com> - 0.21.1-10
- Replace expired certificates in the test suite
- Fix running the test suite against recent OpenSSL versions

* Tue Aug 21 2012 Miloslav Trmač <mitr@redhat.com> - 0.21.1-10
- Drop no longer necessary %%clean and %%defattr commands.

* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.21.1-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Thu Mar 15 2012 Miloslav Trmač <mitr@redhat.com> - 0.21.1-8
- Fix HTTPS proxy support
Resolves: #803554

* Tue Mar 13 2012 Miloslav Trmač <mitr@redhat.com> - 0.21.1-7
- Support IPv6 in M2Crypto.httpslib
Resolves: #742914

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.21.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Thu May 12 2011 Miloslav Trmač <mitr@redhat.com> - 0.21.1-5
- Fix a memory leak in AES_crypt
Resolves: #659881

* Tue May 10 2011 Miloslav Trmač <mitr@redhat.com> - 0.21.1-4
- Fix handling of buffer() objects as input data to SSL
Resolves: #702766

* Mon Mar 28 2011 Miloslav Trmač <mitr@redhat.com> - 0.21.1-3
- Fix S/MIME documentation and examples
Resolves: #618500

* Wed Feb 23 2011 Garrett Holmstrom <gholms@fedoraproject.org> - 0.21.1-3
- Use the %%__python macro for Python calls and locations
Patch by Garrett Holmstrom <gholms@fedoraproject.org>

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.21.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Tue Jan 18 2011 Miloslav Trmač <mitr@redhat.com> - 0.21.1-1
- Update to m2crypto-0.21.1
- Make the test suite pass with Python 2.7

* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 0.20.2-9
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild

* Fri Jul 9 2010 Miloslav Trmač <mitr@redhat.com> - 0.20.2-8
- Allow overriding SSL.Connection.postConnectionCheck from m2urllib2
Resolves: #610906

* Wed May 19 2010 Miloslav Trmač <mitr@redhat.com> - 0.20.2-7
- Make test suite pass in FIPS mode
Resolves: #565662

* Thu Mar 4 2010 Miloslav Trmač <mitr@redhat.com> - 0.20.2-6
- Filter out bogus Provides: __m2crypto.so
- Drop explicit Requires: python

* Mon Feb 15 2010 Miloslav Trmač <mitr@redhat.com> - 0.20.2-5
- Make test suite pass with OpenSSL 1.0.0
- Don't ship patch backup files in %%doc

* Tue Jan 5 2010 Miloslav Trmač <mitr@redhat.com> - 0.20.2-4
- s/%%define/%%global/

* Mon Dec 7 2009 Miloslav Trmač <mitr@redhat.com> - 0.20.2-3
- Don't use '!# /usr/bin/env python'
Resolves: #521887

* Thu Oct 15 2009 Miloslav Trmač <mitr@redhat.com> - 0.20.2-2
- Add a dist tag.

* Wed Oct 7 2009 Miloslav Trmač <mitr@redhat.com> - 0.20.2-1
- Update to m2crypto-0.20.2
- Drop BuildRoot: and cleaning it at start of %%install

* Sun Aug 30 2009 Miloslav Trmač <mitr@redhat.com> - 0.20.1-1
- Update to m2crypto-0.20.1
- Add upstream patch to build with OpenSSL 1.0.0

* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.20-2
- rebuilt with new openssl

* Tue Aug 11 2009 Miloslav Trmač <mitr@volny.cz> - 0.20-1
- Update to m2crypto-0.20
- Fix incorrect merge in HTTPS CONNNECT proxy support

* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.19.1-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Wed Jun 24 2009 Miloslav Trmač <mitr@redhat.com> - 0.19.1-9
- Fix OpenSSL locking callback
Resolves: #507903

* Wed Jun 10 2009 Miloslav Trmač <mitr@redhat.com> - 0.19.1-8
- Don't reject certificates with subjectAltName that does not contain a dNSName
Resolves: #504060

* Wed Jun 3 2009 Miloslav Trmač <mitr@redhat.com> - 0.19.1-7
- Only send the selector in SSL HTTP requests. Patch by James Bowes
<jbowes@redhat.com>.
Resolves: #491674

* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.19.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Wed Feb 4 2009 Miloslav Trmač <mitr@redhat.com> - 0.19.1-5
- Close the connection when an m2urllib2 response is closed
Resolves: #460692
- Work around conflicts between macros defined by gcc and swig

* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 0.19.1-4
- rebuild with new openssl

* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 0.19.1-3
- Rebuild for Python 2.6

* Mon Nov 10 2008 Miloslav Trmač <mitr@redhat.com> - 0.19.1-2
- Import all gcc-defined macros into SWIG (recommended by Adam Tkac)

* Mon Oct 13 2008 Miloslav Trmač <mitr@redhat.com> - 0.19.1-1
- Update to m2crypto-0.19.1

* Mon Oct 6 2008 Miloslav Trmač <mitr@redhat.com> - 0.19-1
- Update to m2crypto-0.19
- Fix some rpmlint warnings

* Thu Sep 18 2008 Dennis Gilmore <dennis@ausil.us> - 0.18.2-8
- enable sparc arches

* Wed Jun 11 2008 Miloslav Trmač <mitr@redhat.com> - 0.18.2-7
- Update m2urllib2 to match the Python 2.5 code instead

* Sun Jun 8 2008 Miloslav Trmač <mitr@redhat.com> - 0.18.2-6
- Don't remove the User-Agent header from proxied requests
Related: #448858
- Update m2urllib2.py to work with Python 2.5

* Sat Jun 7 2008 Miloslav Trmač <mitr@redhat.com> - 0.18.2-5
- Use User-Agent in HTTP proxy CONNECT requests
Related: #448858

* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.18.2-4
- Autorebuild for GCC 4.3

* Fri Jan 11 2008 Miloslav Trmač <mitr@redhat.com> - 0.18.2-3
- Ship Python egg information

* Tue Dec 4 2007 Miloslav Trmač <mitr@redhat.com> - 0.18.2-2
- Rebuild with openssl-0.9.8g

* Fri Oct 26 2007 Miloslav Trmač <mitr@redhat.com> - 0.18.2-1
- Update to m2crypto-0.18.2
- Remove BuildRequires: unzip

* Sun Sep 23 2007 Miloslav Trmač <mitr@redhat.com> - 0.18-2
- Add missing Host: header to CONNECT requests (patch by Karl Grindley)
Resolves: #239034
- Fix License:

* Wed Aug 1 2007 Miloslav Trmač <mitr@redhat.com> - 0.18-1
- Update to m2crypto-0.18

* Wed Jul 11 2007 Miloslav Trmač <mitr@redhat.com> - 0.17-3
- Try to fix build on Alpha
Resolves: #246828

* Fri Apr 27 2007 Miloslav Trmac <mitr@redhat.com> - 0.17-2
- Make m2xmlrpclib work with Python 2.5
Resolves: #237902

* Wed Jan 17 2007 Miloslav Trmac <mitr@redhat.com> - 0.17-1
- Update to m2crypto-0.17
- Update for Python 2.5

* Thu Dec 7 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-8
- Rebuild with updated build tools to avoid DT_TEXTREL on s390x
Resolves: #218578

* Thu Dec 7 2006 Jeremy Katz <katzj@redhat.com> - 0.16-7
- rebuild against python 2.5

* Mon Oct 23 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-6
- Add support for SSL socket timeouts (based on a patch by James Bowes
<jbowes@redhat.com>)
Resolves: #219966

* Fri Oct 20 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-5
- Backport the urllib2 wrapper (code by James Bowes <jbowes@redhat.com>)
Resolves: #210956
- Add proxy support for https using CONNECT (original patch by James Bowes
<jbowes@redhat.com>)
Resolves: #210963

* Tue Sep 26 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-4
- Drop Obsoletes: openssl-python, openssl-python was last shipped in RHL 7.1
- Fix interpreter paths in demos

* Sat Sep 23 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-3
- Make more compliant with Fedora guidelines
- Update URL:

* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 0.16-2.1
- rebuild

* Thu Jul 6 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-2
- Fix build with rawhide swig

* Thu Jul 6 2006 Miloslav Trmac <mitr@redhat.com> - 0.16-1
- Update to m2crypto-0.16

* Wed Apr 19 2006 Miloslav Trmac <mitr@redhat.com> - 0.15-4
- Fix SSL.Connection.accept (#188742)

* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 0.15-3.2
- bump again for double-long bug on ppc(64)

* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 0.15-3.1
- rebuilt for new gcc4.1 snapshot and glibc changes

* Tue Jan 3 2006 Miloslav Trmac <mitr@redhat.com> - 0.15-3
- Add BuildRequires: swig

* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt

* Wed Nov 9 2005 Miloslav Trmac <mitr@redhat.com> - 0.15-2
- Rebuild with newer openssl

* Mon Aug 29 2005 Miloslav Trmac <mitr@redhat.com> - 0.15-1
- Update to m2crypto-0.15
- Drop bundled swig

* Tue Jun 14 2005 Miloslav Trmac <mitr@redhat.com> - 0.13-5
- Better fix for #159898, by Dan Williams

* Thu Jun 9 2005 Miloslav Trmac <mitr@redhat.com> - 0.13-4
- Fix invalid handle_error override in SSL.SSLServer (#159898, patch by Dan
Williams)

* Tue May 31 2005 Miloslav Trmac <mitr@redhat.com> - 0.13-3
- Fix invalid Python version comparisons in M2Crypto.httpslib (#156979)
- Don't ship obsolete xmlrpclib.py.patch
- Clean up the build process a bit

* Wed Mar 16 2005 Nalin Dahyabhai <nalin@redhat.com> 0.13-2
- rebuild

* Tue Nov 23 2004 Karsten Hopp <karsten@redhat.de> 0.13-1
- update, remove now obsolete patches

* Mon Nov 22 2004 Karsten Hopp <karsten@redhat.de> 0.09-7
- changed pythonver from 2.3 to 2.4

* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Tue Feb 24 2004 Harald Hoyer <harald@redhat.com> - 0.09-5
- changed pythonver from 2.2 to 2.3
- patched setup.py to cope with include path

* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
- rebuilt

* Tue Jan 14 2003 Nalin Dahyabhai <nalin@redhat.com> 0.09-1
- Update to version 0.09
- Build using bundled copy of SWIG
- Pick up additional CFLAGS and LDFLAGS from OpenSSL's pkgconfig data, if
there is any
- Handle const changes in new OpenSSL
- Remove unnecessary ldconfig calls in post/postun

* Thu Dec 12 2002 Elliot Lee <sopwith@redhat.com> 0.07_snap3-2
- Update to version 0.07_snap3

* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Sun May 26 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Mon May 20 2002 Nalin Dahyabhai <nalin@redhat.com> 0.05_snap4-4
- rebuild with Python 2.2

* Wed Apr 24 2002 Nalin Dahyabhai <nalin@redhat.com> 0.05_snap4-3
- remove a stray -L at link-time which prevented linking with libssl (#59985)

* Thu Aug 23 2001 Nalin Dahyabhai <nalin@redhat.com> 0.05_snap4-2
- drop patch which isn't needed because we know swig is installed

* Mon Apr 9 2001 Nalin Dahyabhai <nalin@redhat.com> 0.05_snap4-1
- break off from openssl-python