Index: tests/test_ssl.py
===================================================================
--- tests/test_ssl.py (revision 698)
+++ tests/test_ssl.py (working copy)
@@ -405,8 +405,11 @@
try:
ctx = SSL.Context('sslv23', weak_crypto=1)
s = SSL.Connection(ctx)
- s.connect(self.srv_addr)
- self.failUnlessEqual(s.get_version(), 'SSLv2')
+ if m2.OPENSSL_VERSION_NUMBER < 0x10000000: # SSLv2 ciphers disabled by default in newer OpenSSL
+ s.connect(self.srv_addr)
+ self.failUnlessEqual(s.get_version(), 'SSLv2')
+ else:
+ self.assertRaises(SSL.SSLError, s.connect, self.srv_addr)
s.close()
finally:
self.stop_server(pid)
Index: tests/test_x509.py
===================================================================
--- tests/test_x509.py (revision 698)
+++ tests/test_x509.py (working copy)
@@ -142,7 +142,7 @@
cn.set_data("Hello There!")
assert cn.get_data().as_text() == "Hello There!", cn.get_data().as_text()
- assert n.as_hash() == 1697185131
+ self.assertEquals(n.as_hash(), 1697185131)
self.assertRaises(IndexError, lambda: n[100])
self.assert_(n[10])
Index: tests/test_smime.py
===================================================================
--- tests/test_smime.py (revision 698)
+++ tests/test_smime.py (working copy)
@@ -6,7 +6,7 @@
"""
import unittest
-from M2Crypto import SMIME, BIO, Rand, X509, EVP
+from M2Crypto import SMIME, BIO, Rand, X509, EVP, Err
class SMIMETestCase(unittest.TestCase):
cleartext = 'some text to manipulate'
@@ -213,7 +213,7 @@
self.filenameSmime = 'tests/sig.p7s'
f = BIO.openfile(self.filenameSmime, 'wb')
- assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1
+ assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1, Err.get_error()
f.close()
def test_write_pkcs7_der(self):
Index: SWIG/_evp.i
===================================================================
--- SWIG/_evp.i (revision 695)
+++ SWIG/_evp.i (working copy)
@@ -180,7 +180,7 @@
PKCS5_PBKDF2_HMAC_SHA1(passbuf, passlen, saltbuf, saltlen, iter,
keylen, key);
- ret = PyString_FromStringAndSize(key, keylen);
+ ret = PyString_FromStringAndSize((char*)key, keylen);
OPENSSL_cleanse(key, keylen);
return ret;
}
@@ -339,7 +339,7 @@
klen = EVP_BytesToKey(cipher, md, (unsigned char *)sbuf,
(unsigned char *)dbuf, dlen, iter,
key, NULL); /* Since we are not returning IV no need to derive it */
- ret = PyString_FromStringAndSize(key, klen);
+ ret = PyString_FromStringAndSize((char*)key, klen);
return ret;
}
@@ -435,7 +435,7 @@
PyErr_SetString(_evp_err, ERR_reason_error_string(ERR_get_error()));
return NULL;
}
- ret = PyString_FromStringAndSize(sigbuf, siglen);
+ ret = PyString_FromStringAndSize((char*)sigbuf, siglen);
OPENSSL_cleanse(sigbuf, siglen);
OPENSSL_free(sigbuf);
return ret;
@@ -513,7 +513,7 @@
PyErr_SetString(PyExc_ValueError, "EVP_PKEY as DER failed");
return NULL;
}
- der = PyString_FromStringAndSize(pp, len);
+ der = PyString_FromStringAndSize((char*)pp, len);
OPENSSL_free(pp);
return der;
}
Index: SWIG/_ssl.i
===================================================================
--- SWIG/_ssl.i (revision 695)
+++ SWIG/_ssl.i (working copy)
@@ -17,13 +17,17 @@
%apply Pointer NONNULL { SSL_CTX * };
%apply Pointer NONNULL { SSL * };
%apply Pointer NONNULL { SSL_CIPHER * };
-%apply Pointer NONNULL { STACK * };
+%apply Pointer NONNULL { STACK_OF(SSL_CIPHER) * };
+%apply Pointer NONNULL { STACK_OF(X509) * };
%apply Pointer NONNULL { BIO * };
%apply Pointer NONNULL { DH * };
%apply Pointer NONNULL { RSA * };
%apply Pointer NONNULL { EVP_PKEY *};
%apply Pointer NONNULL { PyObject *pyfunc };
+%rename(ssl_get_ciphers) SSL_get_ciphers;
+extern STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+
%rename(ssl_get_version) SSL_get_version;
extern const char *SSL_get_version(CONST SSL *);
%rename(ssl_get_error) SSL_get_error;
@@ -668,29 +672,25 @@
return SSL_CIPHER_get_bits(c, NULL);
}
-STACK *ssl_get_ciphers(SSL *ssl) {
- return (STACK *)SSL_get_ciphers(ssl);
+int sk_ssl_cipher_num(STACK_OF(SSL_CIPHER) *stack) {
+ return sk_SSL_CIPHER_num(stack);
}
-int sk_ssl_cipher_num(STACK *stack) {
- return sk_num(stack);
+SSL_CIPHER *sk_ssl_cipher_value(STACK_OF(SSL_CIPHER) *stack, int idx) {
+ return sk_SSL_CIPHER_value(stack, idx);
}
-SSL_CIPHER *sk_ssl_cipher_value(STACK *stack, int idx) {
- return (SSL_CIPHER *)sk_value(stack, idx);
+STACK_OF(X509) *ssl_get_peer_cert_chain(SSL *ssl) {
+ return SSL_get_peer_cert_chain(ssl);
}
-STACK *ssl_get_peer_cert_chain(SSL *ssl) {
- return (STACK *)SSL_get_peer_cert_chain(ssl);
+int sk_x509_num(STACK_OF(X509) *stack) {
+ return sk_X509_num(stack);
}
-int sk_x509_num(STACK *stack) {
- return sk_num(stack);
+X509 *sk_x509_value(STACK_OF(X509) *stack, int idx) {
+ return sk_X509_value(stack, idx);
}
-
-X509 *sk_x509_value(STACK *stack, int idx) {
- return (X509 *)sk_value(stack, idx);
-}
%}
%threadallow i2d_ssl_session;
Index: SWIG/_x509.i
===================================================================
--- SWIG/_x509.i (revision 695)
+++ SWIG/_x509.i (working copy)
@@ -148,8 +148,15 @@
extern int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long);
%rename(x509_name_print_ex_fp) X509_NAME_print_ex_fp;
extern int X509_NAME_print_ex_fp(FILE *, X509_NAME *, int, unsigned long);
+
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+%rename(x509_name_hash) X509_NAME_hash_old;
+extern unsigned long X509_NAME_hash_old(X509_NAME *);
+#else
%rename(x509_name_hash) X509_NAME_hash;
extern unsigned long X509_NAME_hash(X509_NAME *);
+#endif
+
%rename(x509_name_get_index_by_nid) X509_NAME_get_index_by_NID;
extern int X509_NAME_get_index_by_NID(X509_NAME *, int, int);
@@ -171,7 +178,7 @@
if (PyString_Check($input)) {
Py_ssize_t len;
- $1 = PyString_AsString($input);
+ $1 = (unsigned char *)PyString_AsString($input);
len = PyString_Size($input);
if (len > INT_MAX) {
PyErr_SetString(PyExc_ValueError, "object too large");
@@ -184,7 +191,7 @@
}
}
%rename(x509_name_entry_set_data) X509_NAME_ENTRY_set_data;
-extern int X509_NAME_ENTRY_set_data( X509_NAME_ENTRY *, int, CONST unsigned char *, int);
+extern int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *, int, CONST unsigned char *, int);
%typemap(in) (CONST unsigned char *, int);
%rename(x509_req_new) X509_REQ_new;
@@ -230,7 +237,7 @@
%rename(x509_store_ctx_free) X509_STORE_CTX_free;
extern void X509_STORE_CTX_free(X509_STORE_CTX *);
%rename(x509_store_ctx_get1_chain) X509_STORE_CTX_get1_chain;
-extern STACK *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
+extern STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
%rename(x509_extension_get_critical) X509_EXTENSION_get_critical;
extern int X509_EXTENSION_get_critical(X509_EXTENSION *);
@@ -348,7 +355,7 @@
PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
}
else {
- ret = PyString_FromStringAndSize(buf, len);
+ ret = PyString_FromStringAndSize((char*)buf, len);
OPENSSL_free(buf);
}
return ret;
@@ -435,12 +442,12 @@
}
int x509_name_set_by_nid(X509_NAME *name, int nid, PyObject *obj) {
- return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, PyString_AsString(obj), -1, -1, 0);
+ return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)PyString_AsString(obj), -1, -1, 0);
}
/* x509_name_add_entry_by_txt */
int x509_name_add_entry_by_txt(X509_NAME *name, char *field, int type, char *bytes, int len, int loc, int set) {
- return X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set);
+ return X509_NAME_add_entry_by_txt(name, field, type, (unsigned char *)bytes, len, loc, set);
}
PyObject *x509_name_get_der(X509_NAME *name)
@@ -450,23 +457,23 @@
}
/* sk_X509_new_null() is a macro returning "STACK_OF(X509) *". */
-STACK *sk_x509_new_null(void) {
- return (STACK *)sk_X509_new_null();
+STACK_OF(X509) *sk_x509_new_null(void) {
+ return sk_X509_new_null();
}
/* sk_X509_free() is a macro. */
-void sk_x509_free(STACK *stack) {
- sk_X509_free((STACK_OF(X509) *)stack);
+void sk_x509_free(STACK_OF(X509) *stack) {
+ sk_X509_free(stack);
}
/* sk_X509_push() is a macro. */
-int sk_x509_push(STACK *stack, X509 *x509) {
- return sk_X509_push((STACK_OF(X509) *)stack, x509);
+int sk_x509_push(STACK_OF(X509) *stack, X509 *x509) {
+ return sk_X509_push(stack, x509);
}
/* sk_X509_pop() is a macro. */
-X509 *sk_x509_pop(STACK *stack) {
- return sk_X509_pop((STACK_OF(X509) *)stack);
+X509 *sk_x509_pop(STACK_OF(X509) *stack) {
+ return sk_X509_pop(stack);
}
int x509_store_load_locations(X509_STORE *store, const char *file) {
@@ -493,21 +500,29 @@
return X509_REQ_set_version(x, version);
}
-int x509_req_add_extensions(X509_REQ *req, STACK *exts) {
- return X509_REQ_add_extensions(req, (STACK_OF(X509_EXTENSION) *)exts);
+int x509_req_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts) {
+ return X509_REQ_add_extensions(req, exts);
}
-X509_NAME_ENTRY *x509_name_entry_create_by_txt( X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
- return X509_NAME_ENTRY_create_by_txt( ne, field, type, bytes, len);
+X509_NAME_ENTRY *x509_name_entry_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
+ return X509_NAME_ENTRY_create_by_txt( ne, field, type, (unsigned char *)bytes, len);
}
-LHASH *
-x509v3_lhash(){
- return lh_new(NULL,NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+LHASH_OF(CONF_VALUE)
+#else
+LHASH
+#endif
+*x509v3_lhash() {
+ return lh_new(NULL, NULL); /* Should probably be lh_CONF_VALUE_new but won't compile. */
}
X509V3_CTX *
-x509v3_set_conf_lhash(LHASH * lhash){
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+x509v3_set_conf_lhash(LHASH_OF(CONF_VALUE) * lhash) {
+#else
+x509v3_set_conf_lhash(LHASH * lhash) {
+#endif
X509V3_CTX * ctx;
if (!(ctx=(X509V3_CTX *)PyMem_Malloc(sizeof(X509V3_CTX)))) {
PyErr_SetString(PyExc_MemoryError, "x509v3_set_conf_lhash");
@@ -517,11 +532,20 @@
return ctx;
}
-X509_EXTENSION *x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
+X509_EXTENSION *
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+x509v3_ext_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *name, char *value) {
+#else
+x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
+#endif
X509_EXTENSION * ext = NULL;
ext = X509V3_EXT_conf(conf, ctx, name, value);
PyMem_Free(ctx);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ lh_CONF_VALUE_free(conf);
+#else
lh_free(conf);
+#endif
return ext;
}
@@ -543,33 +567,33 @@
}
/* sk_X509_EXTENSION_new_null is a macro. */
-STACK *sk_x509_extension_new_null(void) {
- return (STACK *)sk_X509_EXTENSION_new_null();
+STACK_OF(X509_EXTENSION) *sk_x509_extension_new_null(void) {
+ return sk_X509_EXTENSION_new_null();
}
/* sk_X509_EXTENSION_free() is a macro. */
-void sk_x509_extension_free(STACK *stack) {
- sk_X509_EXTENSION_free((STACK_OF(X509_EXTENSION) *)stack);
+void sk_x509_extension_free(STACK_OF(X509_EXTENSION) *stack) {
+ sk_X509_EXTENSION_free(stack);
}
/* sk_X509_EXTENSION_push() is a macro. */
-int sk_x509_extension_push(STACK *stack, X509_EXTENSION *x509_ext) {
- return sk_X509_EXTENSION_push((STACK_OF(X509_EXTENSION) *)stack, x509_ext);
+int sk_x509_extension_push(STACK_OF(X509_EXTENSION) *stack, X509_EXTENSION *x509_ext) {
+ return sk_X509_EXTENSION_push(stack, x509_ext);
}
/* sk_X509_EXTENSION_pop() is a macro. */
-X509_EXTENSION *sk_x509_extension_pop(STACK *stack) {
- return sk_X509_EXTENSION_pop((STACK_OF(X509_EXTENSION) *)stack);
+X509_EXTENSION *sk_x509_extension_pop(STACK_OF(X509_EXTENSION) *stack) {
+ return sk_X509_EXTENSION_pop(stack);
}
/* sk_X509_EXTENSION_num() is a macro. */
-int sk_x509_extension_num(STACK *stack) {
- return sk_X509_EXTENSION_num((STACK_OF(X509_EXTENSION) *)stack);
+int sk_x509_extension_num(STACK_OF(X509_EXTENSION) *stack) {
+ return sk_X509_EXTENSION_num(stack);
}
/* sk_X509_EXTENSION_value() is a macro. */
-X509_EXTENSION *sk_x509_extension_value(STACK *stack, int i) {
- return sk_X509_EXTENSION_value((STACK_OF(X509_EXTENSION) *)stack, i);
+X509_EXTENSION *sk_x509_extension_value(STACK_OF(X509_EXTENSION) *stack, int i) {
+ return sk_X509_EXTENSION_value(stack, i);
}
/* X509_STORE_CTX_get_app_data is a macro. */
@@ -590,7 +614,7 @@
#define I2DTYPE int (*)()
#endif
-STACK *
+STACK_OF(X509) *
make_stack_from_der_sequence(PyObject * pyEncodedString){
STACK_OF(X509) *certs;
Py_ssize_t encoded_string_len;
@@ -606,7 +630,7 @@
return NULL;
}
- certs = ASN1_seq_unpack((unsigned char *)encoded_string, encoded_string_len, (D2ITYPE)d2i_X509, (void(*)())X509_free );
+ certs = ASN1_seq_unpack_X509((unsigned char *)encoded_string, encoded_string_len, d2i_X509, X509_free );
if (!certs) {
PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
return NULL;
@@ -616,13 +640,13 @@
}
PyObject *
-get_der_encoding_stack(STACK * stack){
+get_der_encoding_stack(STACK_OF(X509) *stack){
PyObject * encodedString;
unsigned char * encoding;
int len;
- encoding = ASN1_seq_pack((STACK_OF(X509)*) stack, (I2DTYPE)i2d_X509, NULL, &len);
+ encoding = ASN1_seq_pack_X509(stack, i2d_X509, NULL, &len);
if (!encoding) {
PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
return NULL;
Index: SWIG/_aes.i
===================================================================
--- SWIG/_aes.i (revision 695)
+++ SWIG/_aes.i (working copy)
@@ -76,7 +76,7 @@
AES_encrypt((const unsigned char *)in, out, key);
else
AES_decrypt((const unsigned char *)in, out, key);
- return PyString_FromStringAndSize(out, outlen);
+ return PyString_FromStringAndSize((char*)out, outlen);
}
int AES_type_check(AES_KEY *key) {
Index: SWIG/_util.i
===================================================================
--- SWIG/_util.i (revision 695)
+++ SWIG/_util.i (working copy)
@@ -48,7 +48,7 @@
PyErr_SetString(_util_err, ERR_reason_error_string(ERR_get_error()));
return NULL;
}
- obj = PyString_FromStringAndSize(ret, len);
+ obj = PyString_FromStringAndSize((char*)ret, len);
OPENSSL_free(ret);
return obj;
}
Index: SWIG/_m2crypto.i
===================================================================
--- SWIG/_m2crypto.i (revision 695)
+++ SWIG/_m2crypto.i (working copy)
@@ -38,6 +38,19 @@
#define CONST098
#endif
+/* Bring in STACK_OF macro definition */
+%include <openssl/safestack.h>
+
+/* Bring in LHASH_OF macro definition */
+/* XXX Can't include lhash.h where LHASH_OF is defined, because it includes
+ XXX stdio.h etc. which we fail to include. So we have to (re)define
+ XXX LHASH_OF here instead.
+%include <openssl/lhash.h>
+*/
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+#define LHASH_OF(type) struct lhash_st_##type
+#endif
+
%include constraints.i
%include _threads.i
%include _lib.i
Index: SWIG/_rand.i
===================================================================
--- SWIG/_rand.i (revision 695)
+++ SWIG/_rand.i (working copy)
@@ -87,7 +87,7 @@
Py_INCREF(Py_None);
return Py_None;
} else {
- PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize(blob, n));
+ PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize((char*)blob, n));
PyMem_Free(blob);
PyTuple_SET_ITEM(tuple, 1, PyInt_FromLong((long)ret));
return tuple;
Index: SWIG/_pkcs7.i
===================================================================
--- SWIG/_pkcs7.i (revision 695)
+++ SWIG/_pkcs7.i (working copy)
@@ -12,7 +12,7 @@
%apply Pointer NONNULL { EVP_CIPHER * };
%apply Pointer NONNULL { EVP_PKEY * };
%apply Pointer NONNULL { PKCS7 * };
-%apply Pointer NONNULL { STACK * };
+%apply Pointer NONNULL { STACK_OF(X509) * };
%apply Pointer NONNULL { X509 * };
%rename(pkcs7_new) PKCS7_new;
@@ -54,8 +54,8 @@
%threadallow pkcs7_encrypt;
%inline %{
-PKCS7 *pkcs7_encrypt(STACK *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
- return PKCS7_encrypt((STACK_OF(X509) *)stack, bio, cipher, flags);
+PKCS7 *pkcs7_encrypt(STACK_OF(X509) *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
+ return PKCS7_encrypt(stack, bio, cipher, flags);
}
PyObject *pkcs7_decrypt(PKCS7 *pkcs7, EVP_PKEY *pkey, X509 *cert, int flags) {
@@ -96,14 +96,14 @@
%threadallow pkcs7_sign1;
%inline %{
-PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK *stack, BIO *bio, int flags) {
- return PKCS7_sign(x509, pkey, (STACK_OF(X509) *)stack, bio, flags);
+PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK_OF(X509) *stack, BIO *bio, int flags) {
+ return PKCS7_sign(x509, pkey, stack, bio, flags);
}
%}
%threadallow pkcs7_verify1;
%inline %{
-PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data, int flags) {
+PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, BIO *data, int flags) {
int outlen;
char *outbuf;
BIO *bio;
@@ -113,7 +113,7 @@
PyErr_SetString(PyExc_MemoryError, "pkcs7_verify1");
return NULL;
}
- if (!PKCS7_verify(pkcs7, (STACK_OF(X509) *)stack, store, data, bio, flags)) {
+ if (!PKCS7_verify(pkcs7, stack, store, data, bio, flags)) {
PyErr_SetString(_pkcs7_err, ERR_reason_error_string(ERR_get_error()));
BIO_free(bio);
return NULL;
@@ -131,7 +131,7 @@
return ret;
}
-PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, int flags) {
+PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, int flags) {
return pkcs7_verify1(pkcs7, stack, store, NULL, flags);
}
%}
@@ -229,7 +229,7 @@
}
/* return STACK_OF(X509)* */
-STACK *pkcs7_get0_signers(PKCS7 *p7, STACK *certs, int flags) {
+STACK_OF(X509) *pkcs7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) {
return PKCS7_get0_signers(p7, certs, flags);
}