Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:11.4
python-m2crypto
0001-Support-OpenSSL-1.0.-Thanks-to-Miloslav-Tr...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Support-OpenSSL-1.0.-Thanks-to-Miloslav-Trmac-for-fig.diff of Package python-m2crypto
From 08025e98827cc7c34404c6806aee6cd1b22958ef Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <ludwig.nussel@suse.de> Date: Tue, 20 Apr 2010 10:38:10 +0200 Subject: [PATCH 1/3] Support OpenSSL 1.0. Thanks to Miloslav Trmac for figuring out how to fix test_smime.py. git-svn-id: http://svn.osafoundation.org/m2crypto/trunk@721 2715db39-9adf-0310-9c64-84f055769b4b --- SWIG/_aes.i | 2 +- SWIG/_evp.i | 8 ++-- SWIG/_m2crypto.i | 13 ++++++ SWIG/_pkcs7.i | 18 ++++---- SWIG/_rand.i | 2 +- SWIG/_ssl.i | 30 +++++++------- SWIG/_util.i | 2 +- SWIG/_x509.i | 102 ++++++++++++++++++++++++++++----------------- tests/alltests.py | 1 + tests/test_smime.py | 11 ++--- tests/test_ssl.py | 48 ++------------------- tests/test_ssl_offline.py | 60 ++++++++++++++++++++++++++ 12 files changed, 178 insertions(+), 119 deletions(-) create mode 100644 tests/test_ssl_offline.py diff --git a/SWIG/_aes.i b/SWIG/_aes.i index 62ecb8c..013531b 100644 --- a/SWIG/_aes.i +++ b/SWIG/_aes.i @@ -76,7 +76,7 @@ PyObject *AES_crypt(const AES_KEY *key, PyObject *in, int outlen, int op) { AES_encrypt((const unsigned char *)in, out, key); else AES_decrypt((const unsigned char *)in, out, key); - return PyString_FromStringAndSize(out, outlen); + return PyString_FromStringAndSize((char*)out, outlen); } int AES_type_check(AES_KEY *key) { diff --git a/SWIG/_evp.i b/SWIG/_evp.i index 2d4645f..d58160c 100644 --- a/SWIG/_evp.i +++ b/SWIG/_evp.i @@ -180,7 +180,7 @@ PyObject *pkcs5_pbkdf2_hmac_sha1(PyObject *pass, PKCS5_PBKDF2_HMAC_SHA1(passbuf, passlen, saltbuf, saltlen, iter, keylen, key); - ret = PyString_FromStringAndSize(key, keylen); + ret = PyString_FromStringAndSize((char*)key, keylen); OPENSSL_cleanse(key, keylen); return ret; } @@ -339,7 +339,7 @@ PyObject *bytes_to_key(const EVP_CIPHER *cipher, EVP_MD *md, klen = EVP_BytesToKey(cipher, md, (unsigned char *)sbuf, (unsigned char *)dbuf, dlen, iter, key, NULL); /* Since we are not returning IV no need to derive it */ - ret = PyString_FromStringAndSize(key, klen); + ret = PyString_FromStringAndSize((char*)key, klen); return ret; } @@ -435,7 +435,7 @@ PyObject *sign_final(EVP_MD_CTX *ctx, EVP_PKEY *pkey) { PyErr_SetString(_evp_err, ERR_reason_error_string(ERR_get_error())); return NULL; } - ret = PyString_FromStringAndSize(sigbuf, siglen); + ret = PyString_FromStringAndSize((char*)sigbuf, siglen); OPENSSL_cleanse(sigbuf, siglen); OPENSSL_free(sigbuf); return ret; @@ -513,7 +513,7 @@ PyObject *pkey_as_der(EVP_PKEY *pkey) { PyErr_SetString(PyExc_ValueError, "EVP_PKEY as DER failed"); return NULL; } - der = PyString_FromStringAndSize(pp, len); + der = PyString_FromStringAndSize((char*)pp, len); OPENSSL_free(pp); return der; } diff --git a/SWIG/_m2crypto.i b/SWIG/_m2crypto.i index f13418f..08d175e 100644 --- a/SWIG/_m2crypto.i +++ b/SWIG/_m2crypto.i @@ -38,6 +38,19 @@ static PyObject *ssl_set_tmp_rsa_cb_func; #define CONST098 #endif +/* Bring in STACK_OF macro definition */ +%include <openssl/safestack.h> + +/* Bring in LHASH_OF macro definition */ +/* XXX Can't include lhash.h where LHASH_OF is defined, because it includes + XXX stdio.h etc. which we fail to include. So we have to (re)define + XXX LHASH_OF here instead. +%include <openssl/lhash.h> +*/ +#if OPENSSL_VERSION_NUMBER >= 0x10000000L +#define LHASH_OF(type) struct lhash_st_##type +#endif + %include constraints.i %include _threads.i %include _lib.i diff --git a/SWIG/_pkcs7.i b/SWIG/_pkcs7.i index 32b9ab6..4256acf 100644 --- a/SWIG/_pkcs7.i +++ b/SWIG/_pkcs7.i @@ -12,7 +12,7 @@ %apply Pointer NONNULL { EVP_CIPHER * }; %apply Pointer NONNULL { EVP_PKEY * }; %apply Pointer NONNULL { PKCS7 * }; -%apply Pointer NONNULL { STACK * }; +%apply Pointer NONNULL { STACK_OF(X509) * }; %apply Pointer NONNULL { X509 * }; %rename(pkcs7_new) PKCS7_new; @@ -54,8 +54,8 @@ void smime_init(PyObject *smime_err) { %threadallow pkcs7_encrypt; %inline %{ -PKCS7 *pkcs7_encrypt(STACK *stack, BIO *bio, EVP_CIPHER *cipher, int flags) { - return PKCS7_encrypt((STACK_OF(X509) *)stack, bio, cipher, flags); +PKCS7 *pkcs7_encrypt(STACK_OF(X509) *stack, BIO *bio, EVP_CIPHER *cipher, int flags) { + return PKCS7_encrypt(stack, bio, cipher, flags); } PyObject *pkcs7_decrypt(PKCS7 *pkcs7, EVP_PKEY *pkey, X509 *cert, int flags) { @@ -96,14 +96,14 @@ PKCS7 *pkcs7_sign0(X509 *x509, EVP_PKEY *pkey, BIO *bio, int flags) { %threadallow pkcs7_sign1; %inline %{ -PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK *stack, BIO *bio, int flags) { - return PKCS7_sign(x509, pkey, (STACK_OF(X509) *)stack, bio, flags); +PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK_OF(X509) *stack, BIO *bio, int flags) { + return PKCS7_sign(x509, pkey, stack, bio, flags); } %} %threadallow pkcs7_verify1; %inline %{ -PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data, int flags) { +PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, BIO *data, int flags) { int outlen; char *outbuf; BIO *bio; @@ -113,7 +113,7 @@ PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data PyErr_SetString(PyExc_MemoryError, "pkcs7_verify1"); return NULL; } - if (!PKCS7_verify(pkcs7, (STACK_OF(X509) *)stack, store, data, bio, flags)) { + if (!PKCS7_verify(pkcs7, stack, store, data, bio, flags)) { PyErr_SetString(_pkcs7_err, ERR_reason_error_string(ERR_get_error())); BIO_free(bio); return NULL; @@ -131,7 +131,7 @@ PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data return ret; } -PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, int flags) { +PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, int flags) { return pkcs7_verify1(pkcs7, stack, store, NULL, flags); } %} @@ -229,7 +229,7 @@ int smime_crlf_copy(BIO *in, BIO *out) { } /* return STACK_OF(X509)* */ -STACK *pkcs7_get0_signers(PKCS7 *p7, STACK *certs, int flags) { +STACK_OF(X509) *pkcs7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) { return PKCS7_get0_signers(p7, certs, flags); } diff --git a/SWIG/_rand.i b/SWIG/_rand.i index c386fc9..3896d1e 100644 --- a/SWIG/_rand.i +++ b/SWIG/_rand.i @@ -87,7 +87,7 @@ PyObject *rand_pseudo_bytes(int n) { Py_INCREF(Py_None); return Py_None; } else { - PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize(blob, n)); + PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize((char*)blob, n)); PyMem_Free(blob); PyTuple_SET_ITEM(tuple, 1, PyInt_FromLong((long)ret)); return tuple; diff --git a/SWIG/_ssl.i b/SWIG/_ssl.i index 0930e12..ec74d0d 100644 --- a/SWIG/_ssl.i +++ b/SWIG/_ssl.i @@ -17,13 +17,17 @@ %apply Pointer NONNULL { SSL_CTX * }; %apply Pointer NONNULL { SSL * }; %apply Pointer NONNULL { SSL_CIPHER * }; -%apply Pointer NONNULL { STACK * }; +%apply Pointer NONNULL { STACK_OF(SSL_CIPHER) * }; +%apply Pointer NONNULL { STACK_OF(X509) * }; %apply Pointer NONNULL { BIO * }; %apply Pointer NONNULL { DH * }; %apply Pointer NONNULL { RSA * }; %apply Pointer NONNULL { EVP_PKEY *}; %apply Pointer NONNULL { PyObject *pyfunc }; +%rename(ssl_get_ciphers) SSL_get_ciphers; +extern STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl); + %rename(ssl_get_version) SSL_get_version; extern const char *SSL_get_version(CONST SSL *); %rename(ssl_get_error) SSL_get_error; @@ -668,28 +672,24 @@ int ssl_cipher_get_bits(SSL_CIPHER *c) { return SSL_CIPHER_get_bits(c, NULL); } -STACK *ssl_get_ciphers(SSL *ssl) { - return (STACK *)SSL_get_ciphers(ssl); -} - -int sk_ssl_cipher_num(STACK *stack) { - return sk_num(stack); +int sk_ssl_cipher_num(STACK_OF(SSL_CIPHER) *stack) { + return sk_SSL_CIPHER_num(stack); } -SSL_CIPHER *sk_ssl_cipher_value(STACK *stack, int idx) { - return (SSL_CIPHER *)sk_value(stack, idx); +SSL_CIPHER *sk_ssl_cipher_value(STACK_OF(SSL_CIPHER) *stack, int idx) { + return sk_SSL_CIPHER_value(stack, idx); } -STACK *ssl_get_peer_cert_chain(SSL *ssl) { - return (STACK *)SSL_get_peer_cert_chain(ssl); +STACK_OF(X509) *ssl_get_peer_cert_chain(SSL *ssl) { + return SSL_get_peer_cert_chain(ssl); } -int sk_x509_num(STACK *stack) { - return sk_num(stack); +int sk_x509_num(STACK_OF(X509) *stack) { + return sk_X509_num(stack); } -X509 *sk_x509_value(STACK *stack, int idx) { - return (X509 *)sk_value(stack, idx); +X509 *sk_x509_value(STACK_OF(X509) *stack, int idx) { + return sk_X509_value(stack, idx); } %} diff --git a/SWIG/_util.i b/SWIG/_util.i index 08ee271..83e7ecb 100644 --- a/SWIG/_util.i +++ b/SWIG/_util.i @@ -48,7 +48,7 @@ PyObject *util_string_to_hex(PyObject *blob) { PyErr_SetString(_util_err, ERR_reason_error_string(ERR_get_error())); return NULL; } - obj = PyString_FromStringAndSize(ret, len); + obj = PyString_FromStringAndSize((char*)ret, len); OPENSSL_free(ret); return obj; } diff --git a/SWIG/_x509.i b/SWIG/_x509.i index 99affed..f08d2e9 100644 --- a/SWIG/_x509.i +++ b/SWIG/_x509.i @@ -148,8 +148,15 @@ extern int X509_NAME_add_entry_by_NID(X509_NAME *, int, int, unsigned char *, in extern int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long); %rename(x509_name_print_ex_fp) X509_NAME_print_ex_fp; extern int X509_NAME_print_ex_fp(FILE *, X509_NAME *, int, unsigned long); + +#if OPENSSL_VERSION_NUMBER >= 0x10000000L +%rename(x509_name_hash) X509_NAME_hash_old; +extern unsigned long X509_NAME_hash_old(X509_NAME *); +#else %rename(x509_name_hash) X509_NAME_hash; extern unsigned long X509_NAME_hash(X509_NAME *); +#endif + %rename(x509_name_get_index_by_nid) X509_NAME_get_index_by_NID; extern int X509_NAME_get_index_by_NID(X509_NAME *, int, int); @@ -171,7 +178,7 @@ extern ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *); if (PyString_Check($input)) { Py_ssize_t len; - $1 = PyString_AsString($input); + $1 = (unsigned char *)PyString_AsString($input); len = PyString_Size($input); if (len > INT_MAX) { PyErr_SetString(PyExc_ValueError, "object too large"); @@ -184,7 +191,7 @@ extern ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *); } } %rename(x509_name_entry_set_data) X509_NAME_ENTRY_set_data; -extern int X509_NAME_ENTRY_set_data( X509_NAME_ENTRY *, int, CONST unsigned char *, int); +extern int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *, int, CONST unsigned char *, int); %typemap(in) (CONST unsigned char *, int); %rename(x509_req_new) X509_REQ_new; @@ -230,7 +237,7 @@ extern int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *); %rename(x509_store_ctx_free) X509_STORE_CTX_free; extern void X509_STORE_CTX_free(X509_STORE_CTX *); %rename(x509_store_ctx_get1_chain) X509_STORE_CTX_get1_chain; -extern STACK *X509_STORE_CTX_get1_chain(X509_STORE_CTX *); +extern STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *); %rename(x509_extension_get_critical) X509_EXTENSION_get_critical; extern int X509_EXTENSION_get_critical(X509_EXTENSION *); @@ -348,7 +355,7 @@ PyObject *i2d_x509(X509 *x) PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error())); } else { - ret = PyString_FromStringAndSize(buf, len); + ret = PyString_FromStringAndSize((char*)buf, len); OPENSSL_free(buf); } return ret; @@ -435,12 +442,12 @@ PyObject *x509_name_by_nid(X509_NAME *name, int nid) { } int x509_name_set_by_nid(X509_NAME *name, int nid, PyObject *obj) { - return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, PyString_AsString(obj), -1, -1, 0); + return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)PyString_AsString(obj), -1, -1, 0); } /* x509_name_add_entry_by_txt */ int x509_name_add_entry_by_txt(X509_NAME *name, char *field, int type, char *bytes, int len, int loc, int set) { - return X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set); + return X509_NAME_add_entry_by_txt(name, field, type, (unsigned char *)bytes, len, loc, set); } PyObject *x509_name_get_der(X509_NAME *name) @@ -450,23 +457,23 @@ PyObject *x509_name_get_der(X509_NAME *name) } /* sk_X509_new_null() is a macro returning "STACK_OF(X509) *". */ -STACK *sk_x509_new_null(void) { - return (STACK *)sk_X509_new_null(); +STACK_OF(X509) *sk_x509_new_null(void) { + return sk_X509_new_null(); } /* sk_X509_free() is a macro. */ -void sk_x509_free(STACK *stack) { - sk_X509_free((STACK_OF(X509) *)stack); +void sk_x509_free(STACK_OF(X509) *stack) { + sk_X509_free(stack); } /* sk_X509_push() is a macro. */ -int sk_x509_push(STACK *stack, X509 *x509) { - return sk_X509_push((STACK_OF(X509) *)stack, x509); +int sk_x509_push(STACK_OF(X509) *stack, X509 *x509) { + return sk_X509_push(stack, x509); } /* sk_X509_pop() is a macro. */ -X509 *sk_x509_pop(STACK *stack) { - return sk_X509_pop((STACK_OF(X509) *)stack); +X509 *sk_x509_pop(STACK_OF(X509) *stack) { + return sk_X509_pop(stack); } int x509_store_load_locations(X509_STORE *store, const char *file) { @@ -493,21 +500,29 @@ int x509_req_set_version(X509_REQ *x, long version) { return X509_REQ_set_version(x, version); } -int x509_req_add_extensions(X509_REQ *req, STACK *exts) { - return X509_REQ_add_extensions(req, (STACK_OF(X509_EXTENSION) *)exts); +int x509_req_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts) { + return X509_REQ_add_extensions(req, exts); } -X509_NAME_ENTRY *x509_name_entry_create_by_txt( X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) { - return X509_NAME_ENTRY_create_by_txt( ne, field, type, bytes, len); +X509_NAME_ENTRY *x509_name_entry_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) { + return X509_NAME_ENTRY_create_by_txt( ne, field, type, (unsigned char *)bytes, len); } -LHASH * -x509v3_lhash(){ - return lh_new(NULL,NULL); +#if OPENSSL_VERSION_NUMBER >= 0x10000000L +LHASH_OF(CONF_VALUE) +#else +LHASH +#endif +*x509v3_lhash() { + return lh_new(NULL, NULL); /* Should probably be lh_CONF_VALUE_new but won't compile. */ } X509V3_CTX * -x509v3_set_conf_lhash(LHASH * lhash){ +#if OPENSSL_VERSION_NUMBER >= 0x10000000L +x509v3_set_conf_lhash(LHASH_OF(CONF_VALUE) * lhash) { +#else +x509v3_set_conf_lhash(LHASH * lhash) { +#endif X509V3_CTX * ctx; if (!(ctx=(X509V3_CTX *)PyMem_Malloc(sizeof(X509V3_CTX)))) { PyErr_SetString(PyExc_MemoryError, "x509v3_set_conf_lhash"); @@ -517,11 +532,20 @@ x509v3_set_conf_lhash(LHASH * lhash){ return ctx; } -X509_EXTENSION *x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) { +X509_EXTENSION * +#if OPENSSL_VERSION_NUMBER >= 0x10000000L +x509v3_ext_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *name, char *value) { +#else +x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) { +#endif X509_EXTENSION * ext = NULL; ext = X509V3_EXT_conf(conf, ctx, name, value); PyMem_Free(ctx); +#if OPENSSL_VERSION_NUMBER >= 0x10000000L + lh_CONF_VALUE_free(conf); +#else lh_free(conf); +#endif return ext; } @@ -543,33 +567,33 @@ PyObject *x509_extension_get_name(X509_EXTENSION *ext) { } /* sk_X509_EXTENSION_new_null is a macro. */ -STACK *sk_x509_extension_new_null(void) { - return (STACK *)sk_X509_EXTENSION_new_null(); +STACK_OF(X509_EXTENSION) *sk_x509_extension_new_null(void) { + return sk_X509_EXTENSION_new_null(); } /* sk_X509_EXTENSION_free() is a macro. */ -void sk_x509_extension_free(STACK *stack) { - sk_X509_EXTENSION_free((STACK_OF(X509_EXTENSION) *)stack); +void sk_x509_extension_free(STACK_OF(X509_EXTENSION) *stack) { + sk_X509_EXTENSION_free(stack); } /* sk_X509_EXTENSION_push() is a macro. */ -int sk_x509_extension_push(STACK *stack, X509_EXTENSION *x509_ext) { - return sk_X509_EXTENSION_push((STACK_OF(X509_EXTENSION) *)stack, x509_ext); +int sk_x509_extension_push(STACK_OF(X509_EXTENSION) *stack, X509_EXTENSION *x509_ext) { + return sk_X509_EXTENSION_push(stack, x509_ext); } /* sk_X509_EXTENSION_pop() is a macro. */ -X509_EXTENSION *sk_x509_extension_pop(STACK *stack) { - return sk_X509_EXTENSION_pop((STACK_OF(X509_EXTENSION) *)stack); +X509_EXTENSION *sk_x509_extension_pop(STACK_OF(X509_EXTENSION) *stack) { + return sk_X509_EXTENSION_pop(stack); } /* sk_X509_EXTENSION_num() is a macro. */ -int sk_x509_extension_num(STACK *stack) { - return sk_X509_EXTENSION_num((STACK_OF(X509_EXTENSION) *)stack); +int sk_x509_extension_num(STACK_OF(X509_EXTENSION) *stack) { + return sk_X509_EXTENSION_num(stack); } /* sk_X509_EXTENSION_value() is a macro. */ -X509_EXTENSION *sk_x509_extension_value(STACK *stack, int i) { - return sk_X509_EXTENSION_value((STACK_OF(X509_EXTENSION) *)stack, i); +X509_EXTENSION *sk_x509_extension_value(STACK_OF(X509_EXTENSION) *stack, int i) { + return sk_X509_EXTENSION_value(stack, i); } /* X509_STORE_CTX_get_app_data is a macro. */ @@ -590,7 +614,7 @@ Used in the wrapping of ASN1_seq_unpack and ASN1_seq_pack functions. #define I2DTYPE int (*)() #endif -STACK * +STACK_OF(X509) * make_stack_from_der_sequence(PyObject * pyEncodedString){ STACK_OF(X509) *certs; Py_ssize_t encoded_string_len; @@ -606,7 +630,7 @@ make_stack_from_der_sequence(PyObject * pyEncodedString){ return NULL; } - certs = ASN1_seq_unpack((unsigned char *)encoded_string, encoded_string_len, (D2ITYPE)d2i_X509, (void(*)())X509_free ); + certs = ASN1_seq_unpack_X509((unsigned char *)encoded_string, encoded_string_len, d2i_X509, X509_free ); if (!certs) { PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error())); return NULL; @@ -616,13 +640,13 @@ make_stack_from_der_sequence(PyObject * pyEncodedString){ } PyObject * -get_der_encoding_stack(STACK * stack){ +get_der_encoding_stack(STACK_OF(X509) *stack){ PyObject * encodedString; unsigned char * encoding; int len; - encoding = ASN1_seq_pack((STACK_OF(X509)*) stack, (I2DTYPE)i2d_X509, NULL, &len); + encoding = ASN1_seq_pack_X509(stack, i2d_X509, NULL, &len); if (!encoding) { PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error())); return NULL; diff --git a/tests/alltests.py b/tests/alltests.py index d8742d8..b35e58f 100644 --- a/tests/alltests.py +++ b/tests/alltests.py @@ -37,6 +37,7 @@ def suite(): 'tests.test_rc4', 'tests.test_rsa', 'tests.test_smime', + 'tests.test_ssl_offline', 'tests.test_threading', 'tests.test_x509'] if os.name == 'posix': diff --git a/tests/test_smime.py b/tests/test_smime.py index a24464f..f18c9db 100644 --- a/tests/test_smime.py +++ b/tests/test_smime.py @@ -37,7 +37,7 @@ class SMIMETestCase(unittest.TestCase): buf = BIO.MemoryBuffer(self.cleartext) s = SMIME.SMIME() s.load_key('tests/signer_key.pem', 'tests/signer.pem') - p7 = s.sign(buf) + p7 = s.sign(buf, SMIME.PKCS7_DETACHED) assert len(buf) == 0 assert p7.type() == SMIME.PKCS7_SIGNED, p7.type() assert isinstance(p7, SMIME.PKCS7), p7 @@ -73,9 +73,8 @@ class SMIMETestCase(unittest.TestCase): p7, data = SMIME.smime_load_pkcs7_bio(self.signed) - assert data.read() == self.cleartext assert isinstance(p7, SMIME.PKCS7), p7 - v = s.verify(p7) + v = s.verify(p7, data) assert v == self.cleartext t = p7.get0_signers(sk) @@ -95,7 +94,6 @@ class SMIMETestCase(unittest.TestCase): s.set_x509_store(st) p7, data = SMIME.smime_load_pkcs7_bio(self.signed) - assert data.read() == self.cleartext assert isinstance(p7, SMIME.PKCS7), p7 self.assertRaises(SMIME.PKCS7_Error, s.verify, p7) # Bad signer @@ -169,7 +167,7 @@ class SMIMETestCase(unittest.TestCase): s.set_cipher(SMIME.Cipher('des_ede3_cbc')) tmp = BIO.MemoryBuffer() - s.write(tmp, p7, buf) + s.write(tmp, p7) p7 = s.encrypt(tmp) @@ -211,6 +209,7 @@ class WriteLoadTestCase(unittest.TestCase): assert p7.write(f) == 1 f.close() + p7 = s.sign(BIO.MemoryBuffer('some text'), SMIME.PKCS7_DETACHED) self.filenameSmime = 'tests/sig.p7s' f = BIO.openfile(self.filenameSmime, 'wb') assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1 @@ -220,7 +219,7 @@ class WriteLoadTestCase(unittest.TestCase): buf = BIO.MemoryBuffer() assert SMIME.load_pkcs7(self.filename).write_der(buf) == 1 s = buf.read() - assert len(s) == 1204, len(s) + assert len(s) in (1204, 1243), len(s) def test_load_pkcs7(self): assert SMIME.load_pkcs7(self.filename).type() == SMIME.PKCS7_SIGNED diff --git a/tests/test_ssl.py b/tests/test_ssl.py index 26f7036..c821a39 100644 --- a/tests/test_ssl.py +++ b/tests/test_ssl.py @@ -405,8 +405,11 @@ class MiscSSLClientTestCase(BaseSSLClientTestCase): try: ctx = SSL.Context('sslv23', weak_crypto=1) s = SSL.Connection(ctx) - s.connect(self.srv_addr) - self.failUnlessEqual(s.get_version(), 'SSLv2') + if m2.OPENSSL_VERSION_NUMBER < 0x10000000: # SSLv2 ciphers disabled by default in newer OpenSSL + s.connect(self.srv_addr) + self.failUnlessEqual(s.get_version(), 'SSLv2') + else: + self.assertRaises(SSL.SSLError, s.connect, self.srv_addr) s.close() finally: self.stop_server(pid) @@ -1032,45 +1035,6 @@ class FtpsLibTestCase(unittest.TestCase): # XXX need server to test against -class CheckerTestCase(unittest.TestCase): - def test_checker(self): - from M2Crypto.SSL import Checker - from M2Crypto import X509 - - check = Checker.Checker(host=srv_host, - peerCertHash='7B754EFA41A264AAD370D43460BC8229F9354ECE') - x509 = X509.load_cert('tests/server.pem') - assert check(x509, srv_host) - self.assertRaises(Checker.WrongHost, check, x509, 'example.com') - - import doctest - doctest.testmod(Checker) - - -class ContextTestCase(unittest.TestCase): - def test_ctx_load_verify_locations(self): - ctx = SSL.Context() - self.assertRaises(ValueError, ctx.load_verify_locations, None, None) - - def test_map(self): - from M2Crypto.SSL.Context import map, _ctxmap - assert isinstance(map(), _ctxmap) - ctx = SSL.Context() - assert map() - ctx.close() - assert map() is _ctxmap.singleton - - def test_certstore(self): - ctx = SSL.Context() - ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9) - ctx.load_verify_locations('tests/ca.pem') - ctx.load_cert('tests/x509.pem') - - from M2Crypto import X509 - store = ctx.get_cert_store() - assert isinstance(store, X509.X509_Store) - - class SessionTestCase(unittest.TestCase): def test_session_load_bad(self): self.assertRaises(SSL.SSLError, SSL.Session.load_session, @@ -1086,8 +1050,6 @@ class FtpslibTestCase(unittest.TestCase): def suite(): suite = unittest.TestSuite() - suite.addTest(unittest.makeSuite(CheckerTestCase)) - suite.addTest(unittest.makeSuite(ContextTestCase)) suite.addTest(unittest.makeSuite(SessionTestCase)) suite.addTest(unittest.makeSuite(XmlRpcLibTestCase)) suite.addTest(unittest.makeSuite(FtpsLibTestCase)) diff --git a/tests/test_ssl_offline.py b/tests/test_ssl_offline.py new file mode 100644 index 0000000..ba77434 --- /dev/null +++ b/tests/test_ssl_offline.py @@ -0,0 +1,60 @@ +"""Unit tests for M2Crypto.SSL offline parts + +Copyright (C) 2006 Open Source Applications Foundation. All Rights Reserved. + +Copyright (C) 2009-2010 Heikki Toivonen. All Rights Reserved. +""" + +import unittest, doctest +from M2Crypto.SSL import Checker +from M2Crypto import X509 +from M2Crypto import SSL +from test_ssl import srv_host + + +class CheckerTestCase(unittest.TestCase): + def test_checker(self): + + check = Checker.Checker(host=srv_host, + peerCertHash='7B754EFA41A264AAD370D43460BC8229F9354ECE') + x509 = X509.load_cert('tests/server.pem') + assert check(x509, srv_host) + self.assertRaises(Checker.WrongHost, check, x509, 'example.com') + + doctest.testmod(Checker) + + +class ContextTestCase(unittest.TestCase): + def test_ctx_load_verify_locations(self): + ctx = SSL.Context() + self.assertRaises(ValueError, ctx.load_verify_locations, None, None) + + def test_map(self): + from M2Crypto.SSL.Context import map, _ctxmap + assert isinstance(map(), _ctxmap) + ctx = SSL.Context() + assert map() + ctx.close() + assert map() is _ctxmap.singleton + + def test_certstore(self): + ctx = SSL.Context() + ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9) + ctx.load_verify_locations('tests/ca.pem') + ctx.load_cert('tests/x509.pem') + + store = ctx.get_cert_store() + assert isinstance(store, X509.X509_Store) + + +def suite(): + suite = unittest.TestSuite() + suite.addTest(unittest.makeSuite(CheckerTestCase)) + suite.addTest(unittest.makeSuite(ContextTestCase)) + return suite + + +if __name__ == '__main__': + Rand.load_file('randpool.dat', -1) + unittest.TextTestRunner().run(suite()) + Rand.save_file('randpool.dat') -- 1.6.4.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
