diff options
-rw-r--r-- | M2Crypto/BIO.py | 14 | ||||
-rw-r--r-- | M2Crypto/SSL/Connection.py | 17 | ||||
-rw-r--r-- | M2Crypto/SSL/Context.py | 32 | ||||
-rw-r--r-- | doc/DOCU | 6 | ||||
-rw-r--r-- | pack.py | 2 | ||||
-rw-r--r-- | setup.py | 13 |
6 files changed, 58 insertions, 26 deletions
diff --git a/M2Crypto/BIO.py b/M2Crypto/BIO.py index 3f0d0e7..bb3314c 100644 --- a/M2Crypto/BIO.py +++ b/M2Crypto/BIO.py @@ -2,9 +2,10 @@ Copyright (c) 1999-2001 Ng Pheng Siong. All rights reserved.""" -RCS_id='$Id: BIO.py,v 1.8 2002/12/23 03:47:21 ngps Exp $' +RCS_id='$Id: BIO.py,v 1.9 2003/06/22 16:47:36 ngps Exp $' import m2 +from m2 import bio_do_handshake as bio_do_ssl_handshake class BIOError(Exception): pass @@ -46,7 +47,7 @@ class BIO: raise ValueError, 'read count is negative' return m2.bio_read(self.bio, size) - def readline(self, size=256): + def readline(self, size=4096): if not self.readable(): raise IOError, 'cannot read' buf = m2.bio_gets(self.bio, size) @@ -57,7 +58,7 @@ class BIO: raise IOError, 'cannot read' lines=[] while 1: - buf=m2.bio_gets(self.bio, 1024) + buf=m2.bio_gets(self.bio, 4096) if buf is None: break lines.append(buf) @@ -135,7 +136,7 @@ class File(BIO): """ def __init__(self, pyfile, close_pyfile=1): - BIO.__init__(self) + BIO.__init__(self, _pyfree=1) self.pyfile = pyfile self.close_pyfile = close_pyfile self.bio = m2.bio_new_fp(pyfile, 0) @@ -159,7 +160,7 @@ class IOBuffer(BIO): """ def __init__(self, under_bio, mode='rwb', _pyfree=1): - BIO.__init__(self) + BIO.__init__(self, _pyfree=_pyfree) self.io = m2.bio_new(m2.bio_f_buffer()) self.bio = m2.bio_push(self.io, under_bio._ptr()) # This reference keeps the underlying BIO alive while we're not closed. @@ -168,7 +169,6 @@ class IOBuffer(BIO): self.write_closed = 0 else: self.write_closed = 1 - self._pyfree = _pyfree def __del__(self): if self._pyfree: @@ -188,7 +188,7 @@ class CipherStream(BIO): SALT_LEN = m2.PKCS5_SALT_LEN def __init__(self, obio): - BIO.__init__(self) + BIO.__init__(self, _pyfree=1) self.obio = obio self.bio = m2.bio_new(m2.bio_f_cipher()) self.closed = 0 diff --git a/M2Crypto/SSL/Connection.py b/M2Crypto/SSL/Connection.py index 8c826e1..8f3e60b 100644 --- a/M2Crypto/SSL/Connection.py +++ b/M2Crypto/SSL/Connection.py @@ -2,7 +2,7 @@ Copyright (c) 1999-2002 Ng Pheng Siong. All rights reserved.""" -RCS_id='$Id: Connection.py,v 1.9 2003/01/07 16:47:43 ngps Exp $' +RCS_id='$Id: Connection.py,v 1.10 2003/06/22 16:49:01 ngps Exp $' # Python import socket, sys @@ -223,6 +223,7 @@ class Connection: def makefile(self, mode='rb', bufsize='ignored'): # XXX Need to dup(). bio = BIO.BIO(self.sslbio, _close_cb=self.close) + BIO.bio_do_ssl_handshake(bio._ptr()) return BIO.IOBuffer(bio, mode) def getsockname(self): @@ -247,17 +248,17 @@ class Connection: return m2.ssl_get_default_session_timeout(self.ssl) def get_socket_read_timeout(self): - return timeout.struct_to_timeout(self.socket.getsockopt(socket.SOL_SOCKET, socket.RCVTIMEO, 8)) + return timeout.struct_to_timeout(self.socket.getsockopt(socket.SOL_SOCKET, socket.SO_RCVTIMEO, 8)) def get_socket_write_timeout(self): - return timeout.struct_to_timeout(self.socket.getsockopt(socket.SOL_SOCKET, socket.SNDTIMEO, 8)) + return timeout.struct_to_timeout(self.socket.getsockopt(socket.SOL_SOCKET, socket.SO_SNDTIMEO, 8)) def set_socket_read_timeout(self, timeo): - assert isinstance(timeout, timeo) - self.socket.setsockopt(socket.SOL_SOCKET, socket.RCVTIMEO, timeo.pack()) + assert isinstance(timeo, timeout.timeout) + self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_RCVTIMEO, timeo.pack()) - def set_socket_write_timeout(self, timeout): - assert isinstance(timeout, timeo) - self.socket.setsockopt(socket.SOL_SOCKET, socket.SNDTIMEO, timeo.pack()) + def set_socket_write_timeout(self, timeo): + assert isinstance(timeo, timeout.timeout) + self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_SNDTIMEO, timeo.pack()) diff --git a/M2Crypto/SSL/Context.py b/M2Crypto/SSL/Context.py index 7a94ed9..e5b4bc2 100644 --- a/M2Crypto/SSL/Context.py +++ b/M2Crypto/SSL/Context.py @@ -2,7 +2,7 @@ Copyright (c) 1999-2001 Ng Pheng Siong. All rights reserved.""" -RCS_id='$Id: Context.py,v 1.4 2002/12/23 03:56:03 ngps Exp $' +RCS_id='$Id: Context.py,v 1.5 2003/06/22 16:52:50 ngps Exp $' # M2Crypto import cb @@ -39,11 +39,14 @@ class Context: self.ctx = m2.ssl_ctx_new(proto()) self.allow_unknown_ca = 0 map()[self.ctx] = self + m2.ssl_ctx_set_cache_size(self.ctx, 128L) def __del__(self): - del map()[self.ctx] m2.ssl_ctx_free(self.ctx) + def close(self): + del map()[self.ctx] + def load_cert(self, certfile, keyfile=None, callback=util.passphrase_callback): """Load certificate and private key into the context. @@ -65,6 +68,27 @@ class Context: if not m2.ssl_ctx_check_privkey(self.ctx): raise ValueError, 'public/private key mismatch' + def load_cert_chain(self, certchainfile, keyfile=None, callback=util.passphrase_callback): + """Load certificate chain and private key into the context. + + 'certchainfile' - File object containing the PEM-encoded certificate chain. + + 'keyfile' - File object containing the PEM-encoded private key. + Default value of None indicates that the private key is to be found + in 'certchainfile'. + + 'callback' - Callable object to be invoked if the private key is + passphrase-protected. Default callback provides a simple + terminal-style input for the passphrase. + """ + m2.ssl_ctx_passphrase_callback(self.ctx, callback) + m2.ssl_ctx_use_cert_chain(self.ctx, certchainfile) + if not keyfile: + keyfile = certchainfile + m2.ssl_ctx_use_privkey(self.ctx, keyfile) + if not m2.ssl_ctx_check_privkey(self.ctx): + raise ValueError, 'public/private key mismatch' + def load_client_ca(self, cafile): """Load CA certs into the context. These CA certs are sent to the peer during *SSLv3 certificate request*. @@ -145,4 +169,8 @@ class Context: def set_session_timeout(self, timeout): return m2.ssl_ctx_set_session_timeout(self.ctx, timeout) + def set_session_cache_mode(self, mode): + return m2.ssl_ctx_set_session_cache_mode(self.ctx, mode) + def get_session_cache_mode(self): + return m2.ssl_ctx_get_session_cache_mode(self.ctx) @@ -3,7 +3,7 @@ ======================== :Author: Ng Pheng Siong -:Id: $Id: DOCU,v 1.1 2003/06/22 16:41:18 ngps Exp $ +:Id: $Id: DOCU,v 1.2 2003/06/22 16:43:02 ngps Exp $ 2003-06-22 @@ -20,8 +20,8 @@ ReStructuredText equivalent) to generate HTML is like getting rid of the "compile/link" step in the "edit-compile/link-run" cycle. Productivity goes up! -Of course, nobody in his right mind uses Zope's TTW interface to do -serious editing. I use Emacs/ange-ftp. +Of course, nobody in his right mind does serious editing using Zope's +TTW interface. I use Emacs/ange-ftp. I envisage some kind of ReportLab-based magic to generate PDF output easily from within Zope. @@ -28,7 +28,7 @@ if __name__ == "__main__": zap_swig = ("_m2crypto_wrap*", "_m2crypto.c", "_m2crypto.py", "vc60.pdb") for x in zap_swig: - for z in glob.glob("%s/swig/%s" % (start, x)): + for z in glob.glob("%s/SWIG/%s" % (start, x)): try: os.remove(z) except: @@ -6,13 +6,13 @@ Distutils installer for M2Crypto. Copyright (c) 1999-2003, Ng Pheng Siong. All rights reserved. """ -_RCS_id = '$Id: setup.py,v 1.6 2003/05/11 16:11:17 ngps Exp $' +_RCS_id = '$Id: setup.py,v 1.7 2003/06/22 16:45:33 ngps Exp $' import os, shutil from distutils.core import setup, Extension # Set up paths. -my_inc = os.path.join(os.getcwd(), 'swig') +my_inc = os.path.join(os.getcwd(), 'SWIG') if os.name == 'nt': openssl_dir = 'c:\\pkg\\openssl' @@ -20,22 +20,25 @@ if os.name == 'nt': library_dirs = [openssl_dir + '\\lib'] libraries = ['ssleay32', 'libeay32'] #libraries = ['ssleay32_bc', 'libeay32_bc'] + extra_compile_args = [ "-DTHREADING" ] elif os.name == 'posix': include_dirs = [my_inc, '/usr/include'] library_dirs = ['/usr/lib'] libraries = ['ssl', 'crypto'] + extra_compile_args = [ "-DTHREADING" ] # Describe the module. m2crypto = Extension(name = '__m2crypto', - sources = ['swig/_m2crypto.i'], + sources = ['SWIG/_m2crypto.i'], include_dirs = include_dirs, library_dirs = library_dirs, - libraries = libraries + libraries = libraries, + extra_compile_args = extra_compile_args ) setup(name = 'M2Crypto', - version = '0.10', + version = '0.11', description = 'M2Crypto: A Python interface to OpenSSL', author = 'Ng Pheng Siong', author_email = 'ngps@netmemetic.com', |