diff options
author | Jean-Paul Calderone <exarkun@divmod.com> | 2011-06-12 17:20:31 -0400 |
---|---|---|
committer | Jean-Paul Calderone <exarkun@divmod.com> | 2011-06-12 17:20:31 -0400 |
commit | 0da7acc9079aeba61a764cb84b243e4742dae92d (patch) | |
tree | 95228a0bcac56023c8a82de8a8deff1af5fdaee5 /OpenSSL/crypto | |
parent | 9828f666f9eed90290093e962181d6065bb2017c (diff) | |
parent | c27733339ba8f678479db744e75a994639cba61e (diff) | |
download | pyopenssl-0da7acc9079aeba61a764cb84b243e4742dae92d.tar.gz |
Catch up to trunk
Diffstat (limited to 'OpenSSL/crypto')
-rw-r--r-- | OpenSSL/crypto/crl.c | 17 | ||||
-rw-r--r-- | OpenSSL/crypto/crypto.c | 17 | ||||
-rw-r--r-- | OpenSSL/crypto/crypto.h | 19 | ||||
-rw-r--r-- | OpenSSL/crypto/netscape_spki.c | 9 | ||||
-rw-r--r-- | OpenSSL/crypto/netscape_spki.h | 3 | ||||
-rw-r--r-- | OpenSSL/crypto/pkcs12.c | 37 | ||||
-rw-r--r-- | OpenSSL/crypto/pkcs12.h | 4 | ||||
-rw-r--r-- | OpenSSL/crypto/pkcs7.c | 6 | ||||
-rw-r--r-- | OpenSSL/crypto/pkcs7.h | 4 | ||||
-rw-r--r-- | OpenSSL/crypto/pkey.c | 11 | ||||
-rw-r--r-- | OpenSSL/crypto/pkey.h | 6 | ||||
-rw-r--r-- | OpenSSL/crypto/revoked.c | 3 | ||||
-rw-r--r-- | OpenSSL/crypto/x509.c | 89 | ||||
-rw-r--r-- | OpenSSL/crypto/x509.h | 4 | ||||
-rw-r--r-- | OpenSSL/crypto/x509ext.c | 31 | ||||
-rw-r--r-- | OpenSSL/crypto/x509ext.h | 4 | ||||
-rw-r--r-- | OpenSSL/crypto/x509name.c | 33 | ||||
-rw-r--r-- | OpenSSL/crypto/x509name.h | 4 | ||||
-rw-r--r-- | OpenSSL/crypto/x509req.c | 11 | ||||
-rw-r--r-- | OpenSSL/crypto/x509req.h | 4 | ||||
-rw-r--r-- | OpenSSL/crypto/x509store.c | 6 | ||||
-rw-r--r-- | OpenSSL/crypto/x509store.h | 4 |
22 files changed, 267 insertions, 59 deletions
diff --git a/OpenSSL/crypto/crl.c b/OpenSSL/crypto/crl.c index bc76f22..eec5bcb 100644 --- a/OpenSSL/crypto/crl.c +++ b/OpenSSL/crypto/crl.c @@ -276,12 +276,15 @@ PyTypeObject crypto_CRL_Type = { }; int init_crypto_crl(PyObject *module) { - if (PyType_Ready(&crypto_CRL_Type) < 0) { - return 0; - } + if (PyType_Ready(&crypto_CRL_Type) < 0) { + return 0; + } - if (PyModule_AddObject(module, "CRL", (PyObject *)&crypto_CRL_Type) != 0) { - return 0; - } - return 1; + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_CRL_Type); + if (PyModule_AddObject(module, "CRL", (PyObject *)&crypto_CRL_Type) != 0) { + return 0; + } + return 1; } diff --git a/OpenSSL/crypto/crypto.c b/OpenSSL/crypto/crypto.c index 28b279a..3573a12 100644 --- a/OpenSSL/crypto/crypto.c +++ b/OpenSSL/crypto/crypto.c @@ -1,9 +1,10 @@ /* * crypto.c * - * Copyright (C) AB Strakt 2001, All rights reserved - * Copyright (C) Keyphrene 2004, All rights reserved - * Copyright (C) Jean-Paul Calderone 2008-2009, All rights reserved + * Copyright (C) AB Strakt + * Copyright (C) Keyphrene + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * Main file of crypto sub module. * See the file RATIONALE for a short explanation of why this module was written. @@ -837,13 +838,21 @@ PyOpenSSL_MODINIT(crypto) { crypto_API[crypto_PKCS7_New_NUM] = (void *)crypto_PKCS7_New; crypto_API[crypto_NetscapeSPKI_New_NUM] = (void *)crypto_NetscapeSPKI_New; c_api_object = PyCObject_FromVoidPtr((void *)crypto_API, NULL); - if (c_api_object != NULL) + if (c_api_object != NULL) { + /* PyModule_AddObject steals a reference. + */ + Py_INCREF(c_api_object); PyModule_AddObject(module, "_C_API", c_api_object); + } #endif crypto_Error = PyErr_NewException("OpenSSL.crypto.Error", NULL, NULL); if (crypto_Error == NULL) goto error; + + /* PyModule_AddObject steals a reference. + */ + Py_INCREF(crypto_Error); if (PyModule_AddObject(module, "Error", crypto_Error) != 0) goto error; diff --git a/OpenSSL/crypto/crypto.h b/OpenSSL/crypto/crypto.h index 947f349..4006e71 100644 --- a/OpenSSL/crypto/crypto.h +++ b/OpenSSL/crypto/crypto.h @@ -1,19 +1,32 @@ /* * crypto.h * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Exports from crypto.c. * See the file RATIONALE for a short explanation of why this module was written. * * Reviewed 2001-07-23 * - * @(#) $Id: crypto.h,v 1.14 2004/08/09 13:41:25 martin Exp $ */ #ifndef PyOpenSSL_CRYPTO_H_ #define PyOpenSSL_CRYPTO_H_ #include <Python.h> +/* Work around a bug in OpenSSL 1.0.0 which is caused by winsock.h being + included (from dtls1.h) too late by the OpenSSL header files, overriding + the fixes (in ossl_typ.h) for symbol clashes caused by this OS header + file. + + In order to have those fixes still take effect, we include winsock.h + here, prior to including any OpenSSL header files. + + */ +#ifdef _WIN32 +# include "winsock.h" +#endif + #include "x509.h" #include "x509name.h" #include "netscape_spki.h" @@ -110,7 +123,7 @@ extern void **crypto_API; PyObject *crypto_dict, *crypto_api_object; \ crypto_dict = PyModule_GetDict(crypto_module); \ crypto_api_object = PyDict_GetItemString(crypto_dict, "_C_API"); \ - if (PyCObject_Check(crypto_api_object)) { \ + if (crypto_api_object && PyCObject_Check(crypto_api_object)) { \ crypto_API = (void **)PyCObject_AsVoidPtr(crypto_api_object); \ } \ } \ diff --git a/OpenSSL/crypto/netscape_spki.c b/OpenSSL/crypto/netscape_spki.c index ff40962..9369d50 100644 --- a/OpenSSL/crypto/netscape_spki.c +++ b/OpenSSL/crypto/netscape_spki.c @@ -1,7 +1,8 @@ /* * netscape_spki.c * - * Copyright (C) Tollef Fog Heen 2003 + * Copyright (C) Tollef Fog Heen + * See LICENSE for details. * * Netscape SPKI handling, thin wrapper */ @@ -297,10 +298,16 @@ init_crypto_netscape_spki(PyObject *module) { return 0; } + /* PyModule_AddObject steals a reference + */ + Py_INCREF((PyObject *)&crypto_NetscapeSPKI_Type); if (PyModule_AddObject(module, "NetscapeSPKI", (PyObject *)&crypto_NetscapeSPKI_Type) != 0) { return 0; } + /* PyModule_AddObject steals a reference + */ + Py_INCREF((PyObject *)&crypto_NetscapeSPKI_Type); if (PyModule_AddObject(module, "NetscapeSPKIType", (PyObject *)&crypto_NetscapeSPKI_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/netscape_spki.h b/OpenSSL/crypto/netscape_spki.h index 19389d8..2f07307 100644 --- a/OpenSSL/crypto/netscape_spki.h +++ b/OpenSSL/crypto/netscape_spki.h @@ -1,7 +1,8 @@ /* * netscape_spki.h * - * Copyright (C) Tollef Fog Heen 2003, All rights reserved + * Copyright (C) Tollef Fog Heen + * See LICENSE for details. * * Handle Netscape SPKI (challenge response) certificate requests. * diff --git a/OpenSSL/crypto/pkcs12.c b/OpenSSL/crypto/pkcs12.c index 81d6074..a1a5a79 100644 --- a/OpenSSL/crypto/pkcs12.c +++ b/OpenSSL/crypto/pkcs12.c @@ -1,7 +1,8 @@ /* * pkcs12.c * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Certificate transport (PKCS12) handling code, * mostly thin wrappers around OpenSSL. @@ -336,15 +337,25 @@ crypto_PKCS12_New(PKCS12 *p12, char *passphrase) { } /* parse the PKCS12 lump */ - if (p12 && !PKCS12_parse(p12, passphrase, &pkey, &cert, &cacerts)) { - /* - * If PKCS12_parse fails, and it allocated cacerts, it seems to free - * cacerts, but not re-NULL the pointer. Zounds! Make sure it is - * re-set to NULL here, else we'll have a double-free below. - */ - cacerts = NULL; - exception_from_error_queue(crypto_Error); - goto error; + if (p12) { + if (!PKCS12_parse(p12, passphrase, &pkey, &cert, &cacerts)) { + /* + * If PKCS12_parse fails, and it allocated cacerts, it seems to + * free cacerts, but not re-NULL the pointer. Zounds! Make sure + * it is re-set to NULL here, else we'll have a double-free below. + */ + cacerts = NULL; + exception_from_error_queue(crypto_Error); + goto error; + } else { + /* + * OpenSSL 1.0.0 sometimes leaves an X509_check_private_key error in + * the queue for no particular reason. This error isn't interesting + * to anyone outside this function. It's not even interesting to + * us. Get rid of it. + */ + flush_error_queue(); + } } if (!(self = PyObject_GC_New(crypto_PKCS12Obj, &crypto_PKCS12_Type))) { @@ -551,10 +562,16 @@ init_crypto_pkcs12(PyObject *module) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_PKCS12_Type); if (PyModule_AddObject(module, "PKCS12", (PyObject *)&crypto_PKCS12_Type) != 0) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_PKCS12_Type); if (PyModule_AddObject(module, "PKCS12Type", (PyObject *)&crypto_PKCS12_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/pkcs12.h b/OpenSSL/crypto/pkcs12.h index 3abfa52..f0de1a8 100644 --- a/OpenSSL/crypto/pkcs12.h +++ b/OpenSSL/crypto/pkcs12.h @@ -1,11 +1,11 @@ /* * pkcs12.h * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Export PKCS12 functions and data structure. * - * @(#) $$ */ #ifndef PyOpenSSL_crypto_PKCS12_H_ #define PyOpenSSL_crypto_PKCS12_H_ diff --git a/OpenSSL/crypto/pkcs7.c b/OpenSSL/crypto/pkcs7.c index fff95e2..1770f7f 100644 --- a/OpenSSL/crypto/pkcs7.c +++ b/OpenSSL/crypto/pkcs7.c @@ -1,7 +1,8 @@ /* * pkcs7.c * - * Copyright (C) AB Strakt 2002, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * PKCS7 handling code, mostly thin wrappers around OpenSSL. * See the file RATIONALE for a short explanation of why this module was written. @@ -203,6 +204,9 @@ init_crypto_pkcs7(PyObject *module) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_PKCS7_Type); if (PyModule_AddObject(module, "PKCS7Type", (PyObject *)&crypto_PKCS7_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/pkcs7.h b/OpenSSL/crypto/pkcs7.h index bdbb425..d8453b2 100644 --- a/OpenSSL/crypto/pkcs7.h +++ b/OpenSSL/crypto/pkcs7.h @@ -1,12 +1,12 @@ /* * pkcs7.h * - * Copyright (C) AB Strakt 2002, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Export pkcs7 functions and data structure. * See the file RATIONALE for a short explanation of why this module was written. * - * @(#) $Id: pkcs7.h,v 1.2 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_crypto_PKCS7_H_ #define PyOpenSSL_crypto_PKCS7_H_ diff --git a/OpenSSL/crypto/pkey.c b/OpenSSL/crypto/pkey.c index 6494d2a..0a13aa3 100644 --- a/OpenSSL/crypto/pkey.c +++ b/OpenSSL/crypto/pkey.c @@ -1,8 +1,9 @@ /* * pkey.c * - * Copyright (C) AB Strakt 2001, All rights reserved - * Copyright (C) Jean-Paul Calderone 2008, All rights reserved + * Copyright (C) AB Strakt + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * Public/rivate key handling code, mostly thin wrappers around OpenSSL. * See the file RATIONALE for a short explanation of why this module was written. @@ -251,10 +252,16 @@ init_crypto_pkey(PyObject *module) return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_PKey_Type); if (PyModule_AddObject(module, "PKey", (PyObject *)&crypto_PKey_Type) != 0) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_PKey_Type); if (PyModule_AddObject(module, "PKeyType", (PyObject *)&crypto_PKey_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/pkey.h b/OpenSSL/crypto/pkey.h index 3ac7bde..dc5e52e 100644 --- a/OpenSSL/crypto/pkey.h +++ b/OpenSSL/crypto/pkey.h @@ -1,13 +1,13 @@ /* * pkey.h * - * Copyright (C) AB Strakt 2001, All rights reserved - * Copyright (C) Jean-Paul Calderone 2008, All rights reserved + * Copyright (C) AB Strakt + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * Export pkey functions and data structure. * See the file RATIONALE for a short explanation of why this module was written. * - * @(#) $Id: pkey.h,v 1.5 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_crypto_PKEY_H_ #define PyOpenSSL_crypto_PKEY_H_ diff --git a/OpenSSL/crypto/revoked.c b/OpenSSL/crypto/revoked.c index e9b1297..93f9946 100644 --- a/OpenSSL/crypto/revoked.c +++ b/OpenSSL/crypto/revoked.c @@ -434,6 +434,9 @@ int init_crypto_revoked(PyObject *module) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_Revoked_Type); if (PyModule_AddObject(module, "Revoked", (PyObject *)&crypto_Revoked_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/x509.c b/OpenSSL/crypto/x509.c index 9c2448c..0754dec 100644 --- a/OpenSSL/crypto/x509.c +++ b/OpenSSL/crypto/x509.c @@ -1,8 +1,9 @@ /* * x509.c * - * Copyright (C) AB Strakt 2001, All rights reserved - * Copyright (C) Jean-Paul Calderone 2008, All rights reserved + * Copyright (C) AB Strakt + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * Certificate (X.509) handling code, mostly thin wrappers around OpenSSL. * See the file RATIONALE for a short explanation of why this module was written. @@ -12,6 +13,7 @@ #include <Python.h> #define crypto_MODULE #include "crypto.h" +#include "x509ext.h" /* * X.509 is a standard for digital certificates. See e.g. the OpenSSL homepage @@ -299,7 +301,7 @@ crypto_X509_get_pubkey(crypto_X509Obj *self, PyObject *args) py_pkey = crypto_PKey_New(pkey, 1); if (py_pkey != NULL) { - py_pkey->only_public = 1; + py_pkey->only_public = 1; } return (PyObject *)py_pkey; } @@ -517,6 +519,34 @@ crypto_X509_gmtime_adj_notAfter(crypto_X509Obj *self, PyObject *args) return Py_None; } + +static char crypto_X509_get_signature_algorithm_doc[] = "\n\ +Retrieve the signature algorithm used in the certificate\n\ +\n\ +@return: A byte string giving the name of the signature algorithm used in\n\ + the certificate.\n\ +@raise ValueError: If the signature algorithm is undefined.\n\ +"; + +static PyObject * +crypto_X509_get_signature_algorithm(crypto_X509Obj *self, PyObject *args) { + ASN1_OBJECT *alg; + int nid; + + if (!PyArg_ParseTuple(args, ":get_signature_algorithm")) { + return NULL; + } + + alg = self->x509->cert_info->signature->algorithm; + nid = OBJ_obj2nid(alg); + if (nid == NID_undef) { + PyErr_SetString(PyExc_ValueError, "Undefined signature algorithm"); + return NULL; + } + return PyBytes_FromString(OBJ_nid2ln(nid)); +} + + static char crypto_X509_sign_doc[] = "\n\ Sign the certificate using the supplied key and digest\n\ \n\ @@ -684,6 +714,52 @@ crypto_X509_add_extensions(crypto_X509Obj *self, PyObject *args) return Py_None; } +static char crypto_X509_get_extension_count_doc[] = "\n\ +Get the number of extensions on the certificate.\n\ +\n\ +@return: Number of extensions as a Python integer\n\ +"; + +static PyObject * +crypto_X509_get_extension_count(crypto_X509Obj *self, PyObject *args) { + if (!PyArg_ParseTuple(args, ":get_extension_count")) { + return NULL; + } + + return PyLong_FromLong((long)X509_get_ext_count(self->x509)); +} + +static char crypto_X509_get_extension_doc[] = "\n\ +Get a specific extension of the certificate by index.\n\ +\n\ +@param index: The index of the extension to retrieve.\n\ +@return: The X509Extension object at the specified index.\n\ +"; + +static PyObject * +crypto_X509_get_extension(crypto_X509Obj *self, PyObject *args) { + crypto_X509ExtensionObj *extobj; + int loc; + X509_EXTENSION *ext; + + if (!PyArg_ParseTuple(args, "i:get_extension", &loc)) { + return NULL; + } + + /* will return NULL if loc is outside the range of extensions, + not registered as an error*/ + ext = X509_get_ext(self->x509, loc); + if (!ext) { + PyErr_SetString(PyExc_IndexError, "extension index out of bounds"); + return NULL; /* Should be reported as an IndexError ? */ + } + + extobj = PyObject_New(crypto_X509ExtensionObj, &crypto_X509Extension_Type); + extobj->x509_extension = X509_EXTENSION_dup(ext); + + return (PyObject*)extobj; +} + /* * ADD_METHOD(name) expands to a correct PyMethodDef declaration * { 'name', (PyCFunction)crypto_X509_name, METH_VARARGS } @@ -709,11 +785,14 @@ static PyMethodDef crypto_X509_methods[] = ADD_METHOD(set_notAfter), ADD_METHOD(gmtime_adj_notBefore), ADD_METHOD(gmtime_adj_notAfter), + ADD_METHOD(get_signature_algorithm), ADD_METHOD(sign), ADD_METHOD(has_expired), ADD_METHOD(subject_name_hash), ADD_METHOD(digest), ADD_METHOD(add_extensions), + ADD_METHOD(get_extension), + ADD_METHOD(get_extension_count), { NULL, NULL } }; #undef ADD_METHOD @@ -833,10 +912,14 @@ init_crypto_x509(PyObject *module) return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509_Type); if (PyModule_AddObject(module, "X509", (PyObject *)&crypto_X509_Type) != 0) { return 0; } + Py_INCREF((PyObject *)&crypto_X509_Type); if (PyModule_AddObject(module, "X509Type", (PyObject *)&crypto_X509_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/x509.h b/OpenSSL/crypto/x509.h index 43e41eb..f6cd190 100644 --- a/OpenSSL/crypto/x509.h +++ b/OpenSSL/crypto/x509.h @@ -1,14 +1,14 @@ /* * x509.h * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Export x509 functions and data structure. * See the file RATIONALE for a short explanation of why this module was written. * * Reviewed 2001-07-23 * - * @(#) $Id: x509.h,v 1.9 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_crypto_X509_H_ #define PyOpenSSL_crypto_X509_H_ diff --git a/OpenSSL/crypto/x509ext.c b/OpenSSL/crypto/x509ext.c index d629732..adbe084 100644 --- a/OpenSSL/crypto/x509ext.c +++ b/OpenSSL/crypto/x509ext.c @@ -1,12 +1,12 @@ /* * x509ext.c * - * Copyright (C) Jean-Paul Calderone 2008, All rights reserved + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * Export X.509 extension functions and data structures. * See the file RATIONALE for a short explanation of why this module was written. * - * @(#) $Id: x509ext.c,v 1.1 2002/07/09 13:34:46 martin Exp $ */ #include <Python.h> @@ -51,6 +51,26 @@ crypto_X509Extension_get_short_name(crypto_X509ExtensionObj *self, PyObject *arg } +static char crypto_X509Extension_get_data_doc[] = "\n\ +Returns the data of the X509Extension\n\ +\n\ +@return: A C{str} giving the X509Extension's ASN.1 encoded data.\n\ +"; + +static PyObject * +crypto_X509Extension_get_data(crypto_X509ExtensionObj *self, PyObject *args) { + ASN1_OCTET_STRING *data; + PyObject *result; + + if (!PyArg_ParseTuple(args, ":get_data")) { + return NULL; + } + + data = X509_EXTENSION_get_data(self->x509_extension); + result = PyBytes_FromStringAndSize((const char*)data->data, data->length); + return result; +} + /* * ADD_METHOD(name) expands to a correct PyMethodDef declaration * { 'name', (PyCFunction)crypto_X509Extension_name, METH_VARARGS } @@ -62,6 +82,7 @@ static PyMethodDef crypto_X509Extension_methods[] = { ADD_METHOD(get_critical), ADD_METHOD(get_short_name), + ADD_METHOD(get_data), { NULL, NULL } }; #undef ADD_METHOD @@ -295,11 +316,17 @@ init_crypto_x509extension(PyObject *module) return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Extension_Type); if (PyModule_AddObject(module, "X509Extension", (PyObject *)&crypto_X509Extension_Type) != 0) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Extension_Type); if (PyModule_AddObject(module, "X509ExtensionType", (PyObject *)&crypto_X509Extension_Type) != 0) { return 0; diff --git a/OpenSSL/crypto/x509ext.h b/OpenSSL/crypto/x509ext.h index 6ce7f68..3ddc716 100644 --- a/OpenSSL/crypto/x509ext.h +++ b/OpenSSL/crypto/x509ext.h @@ -1,12 +1,12 @@ /* * x509ext.h * - * Copyright (C) Awanim 2002, All rights reserved + * Copyright (C) Awanim + * See LICENSE for details. * * Export X.509 extension functions and data structures. * See the file RATIONALE for a short explanation of why this module was written. * - * @(#) $Id: x509ext.h,v 1.2 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_crypto_X509EXTENSION_H_ #define PyOpenSSL_crypto_X509EXTENSION_H_ diff --git a/OpenSSL/crypto/x509name.c b/OpenSSL/crypto/x509name.c index e10c5a5..a62c957 100644 --- a/OpenSSL/crypto/x509name.c +++ b/OpenSSL/crypto/x509name.c @@ -1,8 +1,9 @@ /* * x509name.c * - * Copyright (C) AB Strakt 2001, All rights reserved - * Copyright (C) Jean-Paul Calderone 2008-2009, All rights reserved + * Copyright (C) AB Strakt + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * X.509 Name handling, mostly thin wrapping. * See the file RATIONALE for a short explanation of why this module was written. @@ -194,14 +195,30 @@ crypto_X509Name_getattro(crypto_X509NameObj *self, PyObject *nameobj) * value - The value to set */ static int -crypto_X509Name_setattr(crypto_X509NameObj *self, char *name, PyObject *value) +crypto_X509Name_setattro(crypto_X509NameObj *self, PyObject *nameobj, PyObject *value) { int nid; int result; char *buffer; + char *name; + + if (!PyBytes_CheckExact(nameobj) && !PyUnicode_CheckExact(nameobj)) { + PyErr_Format(PyExc_TypeError, + "attribute name must be string, not '%.200s'", + Py_TYPE(nameobj)->tp_name); + return -1; + } + +#ifdef PY3 + name = PyBytes_AsString(PyUnicode_AsASCIIString(nameobj)); +#else + name = PyBytes_AsString(nameobj); +#endif if ((nid = OBJ_txt2nid(name)) == NID_undef) { + /* Just like the case in the getattr function */ + flush_error_queue(); PyErr_SetString(PyExc_AttributeError, "No such attribute"); return -1; } @@ -474,7 +491,7 @@ PyTypeObject crypto_X509Name_Type = { (destructor)crypto_X509Name_dealloc, NULL, /* print */ NULL, /* getattr */ - (setattrfunc)crypto_X509Name_setattr, + NULL, /* setattr */ NULL, /* reserved */ (reprfunc)crypto_X509Name_repr, NULL, /* as_number */ @@ -484,7 +501,7 @@ PyTypeObject crypto_X509Name_Type = { NULL, /* call */ NULL, /* str */ (getattrofunc)crypto_X509Name_getattro, /* getattro */ - NULL, /* setattro */ + (setattrofunc)crypto_X509Name_setattro, /* setattro */ NULL, /* as_buffer */ Py_TPFLAGS_DEFAULT | Py_TPFLAGS_HAVE_GC, /* tp_flags */ crypto_X509Name_doc, /* tp_doc */ @@ -520,10 +537,16 @@ init_crypto_x509name(PyObject *module) return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Name_Type); if (PyModule_AddObject(module, "X509Name", (PyObject *)&crypto_X509Name_Type) != 0) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Name_Type); if (PyModule_AddObject(module, "X509NameType", (PyObject *)&crypto_X509Name_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/x509name.h b/OpenSSL/crypto/x509name.h index 362ce35..bfc7628 100644 --- a/OpenSSL/crypto/x509name.h +++ b/OpenSSL/crypto/x509name.h @@ -1,14 +1,14 @@ /* * x509name.h * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Export X.509 name functions and data structures. * See the file RATIONALE for a short explanation of why this module was written. * * Reviewed 2001-07-23 * - * @(#) $Id: x509name.h,v 1.8 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_crypto_X509NAME_H_ #define PyOpenSSL_crypto_X509NAME_H_ diff --git a/OpenSSL/crypto/x509req.c b/OpenSSL/crypto/x509req.c index 23c0218..a2d1f11 100644 --- a/OpenSSL/crypto/x509req.c +++ b/OpenSSL/crypto/x509req.c @@ -1,8 +1,9 @@ /* * x509req.c * - * Copyright (C) AB Strakt 2001, All rights reserved - * Copyright (C) Jean-Paul Calderone 2008, All rights reserved + * Copyright (C) AB Strakt + * Copyright (C) Jean-Paul Calderone + * See LICENSE for details. * * X.509 Request handling, mostly thin wrapping. * See the file RATIONALE for a short explanation of why this module was written. @@ -412,10 +413,16 @@ init_crypto_x509req(PyObject *module) return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Req_Type); if (PyModule_AddObject(module, "X509Req", (PyObject *)&crypto_X509Req_Type) != 0) { return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Req_Type); if (PyModule_AddObject(module, "X509ReqType", (PyObject *)&crypto_X509Req_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/x509req.h b/OpenSSL/crypto/x509req.h index db8043c..5fe0524 100644 --- a/OpenSSL/crypto/x509req.h +++ b/OpenSSL/crypto/x509req.h @@ -1,12 +1,12 @@ /* * x509req.h * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Export X509 request functions and data structures. * See the file RATIONALE for a short explanation of why this module was written. * - * @(#) $Id: x509req.h,v 1.6 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_SSL_X509REQ_H_ #define PyOpenSSL_SSL_X509REQ_H_ diff --git a/OpenSSL/crypto/x509store.c b/OpenSSL/crypto/x509store.c index 30ae508..bf22756 100644 --- a/OpenSSL/crypto/x509store.c +++ b/OpenSSL/crypto/x509store.c @@ -1,7 +1,8 @@ /* * x509store.c * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * X.509 Store handling, mostly thin wrapping. * See the file RATIONALE for a short explanation of why this module was written. @@ -137,6 +138,9 @@ init_crypto_x509store(PyObject *module) return 0; } + /* PyModule_AddObject steals a reference. + */ + Py_INCREF((PyObject *)&crypto_X509Store_Type); if (PyModule_AddObject(module, "X509StoreType", (PyObject *)&crypto_X509Store_Type) != 0) { return 0; } diff --git a/OpenSSL/crypto/x509store.h b/OpenSSL/crypto/x509store.h index 9ed5073..de3531d 100644 --- a/OpenSSL/crypto/x509store.h +++ b/OpenSSL/crypto/x509store.h @@ -1,12 +1,12 @@ /* * x509store.h * - * Copyright (C) AB Strakt 2001, All rights reserved + * Copyright (C) AB Strakt + * See LICENSE for details. * * Export X509 store functions and data structures. * See the file RATIONALE for a short explanation of why this module was written. * - * @(#) $Id: x509store.h,v 1.4 2002/09/04 22:24:59 iko Exp $ */ #ifndef PyOpenSSL_SSL_X509STORE_H_ #define PyOpenSSL_SSL_X509STORE_H_ |