1 Index: tests/test_ssl.py
2 ===================================================================
3 --- tests/test_ssl.py (revision 698)
4 +++ tests/test_ssl.py (working copy)
7 ctx = SSL.Context('sslv23', weak_crypto=1)
8 s = SSL.Connection(ctx)
9 - s.connect(self.srv_addr)
10 - self.failUnlessEqual(s.get_version(), 'SSLv2')
11 + if m2.OPENSSL_VERSION_NUMBER < 0x10000000: # SSLv2 ciphers disabled by default in newer OpenSSL
12 + s.connect(self.srv_addr)
13 + self.failUnlessEqual(s.get_version(), 'SSLv2')
15 + self.assertRaises(SSL.SSLError, s.connect, self.srv_addr)
19 Index: tests/test_x509.py
20 ===================================================================
21 --- tests/test_x509.py (revision 698)
22 +++ tests/test_x509.py (working copy)
24 cn.set_data("Hello There!")
25 assert cn.get_data().as_text() == "Hello There!", cn.get_data().as_text()
27 - assert n.as_hash() == 1697185131
28 + self.assertEquals(n.as_hash(), 1697185131)
30 self.assertRaises(IndexError, lambda: n[100])
32 Index: tests/test_smime.py
33 ===================================================================
34 --- tests/test_smime.py (revision 698)
35 +++ tests/test_smime.py (working copy)
40 -from M2Crypto import SMIME, BIO, Rand, X509, EVP
41 +from M2Crypto import SMIME, BIO, Rand, X509, EVP, Err
43 class SMIMETestCase(unittest.TestCase):
44 cleartext = 'some text to manipulate'
47 self.filenameSmime = 'tests/sig.p7s'
48 f = BIO.openfile(self.filenameSmime, 'wb')
49 - assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1
50 + assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1, Err.get_error()
53 def test_write_pkcs7_der(self):
55 ===================================================================
56 --- SWIG/_evp.i (revision 695)
57 +++ SWIG/_evp.i (working copy)
60 PKCS5_PBKDF2_HMAC_SHA1(passbuf, passlen, saltbuf, saltlen, iter,
62 - ret = PyString_FromStringAndSize(key, keylen);
63 + ret = PyString_FromStringAndSize((char*)key, keylen);
64 OPENSSL_cleanse(key, keylen);
68 klen = EVP_BytesToKey(cipher, md, (unsigned char *)sbuf,
69 (unsigned char *)dbuf, dlen, iter,
70 key, NULL); /* Since we are not returning IV no need to derive it */
71 - ret = PyString_FromStringAndSize(key, klen);
72 + ret = PyString_FromStringAndSize((char*)key, klen);
77 PyErr_SetString(_evp_err, ERR_reason_error_string(ERR_get_error()));
80 - ret = PyString_FromStringAndSize(sigbuf, siglen);
81 + ret = PyString_FromStringAndSize((char*)sigbuf, siglen);
82 OPENSSL_cleanse(sigbuf, siglen);
86 PyErr_SetString(PyExc_ValueError, "EVP_PKEY as DER failed");
89 - der = PyString_FromStringAndSize(pp, len);
90 + der = PyString_FromStringAndSize((char*)pp, len);
95 ===================================================================
96 --- SWIG/_ssl.i (revision 695)
97 +++ SWIG/_ssl.i (working copy)
99 %apply Pointer NONNULL { SSL_CTX * };
100 %apply Pointer NONNULL { SSL * };
101 %apply Pointer NONNULL { SSL_CIPHER * };
102 -%apply Pointer NONNULL { STACK * };
103 +%apply Pointer NONNULL { STACK_OF(SSL_CIPHER) * };
104 +%apply Pointer NONNULL { STACK_OF(X509) * };
105 %apply Pointer NONNULL { BIO * };
106 %apply Pointer NONNULL { DH * };
107 %apply Pointer NONNULL { RSA * };
108 %apply Pointer NONNULL { EVP_PKEY *};
109 %apply Pointer NONNULL { PyObject *pyfunc };
111 +%rename(ssl_get_ciphers) SSL_get_ciphers;
112 +extern STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
114 %rename(ssl_get_version) SSL_get_version;
115 extern const char *SSL_get_version(CONST SSL *);
116 %rename(ssl_get_error) SSL_get_error;
117 @@ -668,29 +672,25 @@
118 return SSL_CIPHER_get_bits(c, NULL);
121 -STACK *ssl_get_ciphers(SSL *ssl) {
122 - return (STACK *)SSL_get_ciphers(ssl);
123 +int sk_ssl_cipher_num(STACK_OF(SSL_CIPHER) *stack) {
124 + return sk_SSL_CIPHER_num(stack);
127 -int sk_ssl_cipher_num(STACK *stack) {
128 - return sk_num(stack);
129 +SSL_CIPHER *sk_ssl_cipher_value(STACK_OF(SSL_CIPHER) *stack, int idx) {
130 + return sk_SSL_CIPHER_value(stack, idx);
133 -SSL_CIPHER *sk_ssl_cipher_value(STACK *stack, int idx) {
134 - return (SSL_CIPHER *)sk_value(stack, idx);
135 +STACK_OF(X509) *ssl_get_peer_cert_chain(SSL *ssl) {
136 + return SSL_get_peer_cert_chain(ssl);
139 -STACK *ssl_get_peer_cert_chain(SSL *ssl) {
140 - return (STACK *)SSL_get_peer_cert_chain(ssl);
141 +int sk_x509_num(STACK_OF(X509) *stack) {
142 + return sk_X509_num(stack);
145 -int sk_x509_num(STACK *stack) {
146 - return sk_num(stack);
147 +X509 *sk_x509_value(STACK_OF(X509) *stack, int idx) {
148 + return sk_X509_value(stack, idx);
151 -X509 *sk_x509_value(STACK *stack, int idx) {
152 - return (X509 *)sk_value(stack, idx);
156 %threadallow i2d_ssl_session;
158 ===================================================================
159 --- SWIG/_x509.i (revision 695)
160 +++ SWIG/_x509.i (working copy)
162 extern int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long);
163 %rename(x509_name_print_ex_fp) X509_NAME_print_ex_fp;
164 extern int X509_NAME_print_ex_fp(FILE *, X509_NAME *, int, unsigned long);
166 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
167 +%rename(x509_name_hash) X509_NAME_hash_old;
168 +extern unsigned long X509_NAME_hash_old(X509_NAME *);
170 %rename(x509_name_hash) X509_NAME_hash;
171 extern unsigned long X509_NAME_hash(X509_NAME *);
174 %rename(x509_name_get_index_by_nid) X509_NAME_get_index_by_NID;
175 extern int X509_NAME_get_index_by_NID(X509_NAME *, int, int);
178 if (PyString_Check($input)) {
181 - $1 = PyString_AsString($input);
182 + $1 = (unsigned char *)PyString_AsString($input);
183 len = PyString_Size($input);
185 PyErr_SetString(PyExc_ValueError, "object too large");
189 %rename(x509_name_entry_set_data) X509_NAME_ENTRY_set_data;
190 -extern int X509_NAME_ENTRY_set_data( X509_NAME_ENTRY *, int, CONST unsigned char *, int);
191 +extern int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *, int, CONST unsigned char *, int);
192 %typemap(in) (CONST unsigned char *, int);
194 %rename(x509_req_new) X509_REQ_new;
196 %rename(x509_store_ctx_free) X509_STORE_CTX_free;
197 extern void X509_STORE_CTX_free(X509_STORE_CTX *);
198 %rename(x509_store_ctx_get1_chain) X509_STORE_CTX_get1_chain;
199 -extern STACK *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
200 +extern STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
202 %rename(x509_extension_get_critical) X509_EXTENSION_get_critical;
203 extern int X509_EXTENSION_get_critical(X509_EXTENSION *);
205 PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
208 - ret = PyString_FromStringAndSize(buf, len);
209 + ret = PyString_FromStringAndSize((char*)buf, len);
213 @@ -435,12 +442,12 @@
216 int x509_name_set_by_nid(X509_NAME *name, int nid, PyObject *obj) {
217 - return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, PyString_AsString(obj), -1, -1, 0);
218 + return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)PyString_AsString(obj), -1, -1, 0);
221 /* x509_name_add_entry_by_txt */
222 int x509_name_add_entry_by_txt(X509_NAME *name, char *field, int type, char *bytes, int len, int loc, int set) {
223 - return X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set);
224 + return X509_NAME_add_entry_by_txt(name, field, type, (unsigned char *)bytes, len, loc, set);
227 PyObject *x509_name_get_der(X509_NAME *name)
228 @@ -450,23 +457,23 @@
231 /* sk_X509_new_null() is a macro returning "STACK_OF(X509) *". */
232 -STACK *sk_x509_new_null(void) {
233 - return (STACK *)sk_X509_new_null();
234 +STACK_OF(X509) *sk_x509_new_null(void) {
235 + return sk_X509_new_null();
238 /* sk_X509_free() is a macro. */
239 -void sk_x509_free(STACK *stack) {
240 - sk_X509_free((STACK_OF(X509) *)stack);
241 +void sk_x509_free(STACK_OF(X509) *stack) {
242 + sk_X509_free(stack);
245 /* sk_X509_push() is a macro. */
246 -int sk_x509_push(STACK *stack, X509 *x509) {
247 - return sk_X509_push((STACK_OF(X509) *)stack, x509);
248 +int sk_x509_push(STACK_OF(X509) *stack, X509 *x509) {
249 + return sk_X509_push(stack, x509);
252 /* sk_X509_pop() is a macro. */
253 -X509 *sk_x509_pop(STACK *stack) {
254 - return sk_X509_pop((STACK_OF(X509) *)stack);
255 +X509 *sk_x509_pop(STACK_OF(X509) *stack) {
256 + return sk_X509_pop(stack);
259 int x509_store_load_locations(X509_STORE *store, const char *file) {
260 @@ -493,21 +500,29 @@
261 return X509_REQ_set_version(x, version);
264 -int x509_req_add_extensions(X509_REQ *req, STACK *exts) {
265 - return X509_REQ_add_extensions(req, (STACK_OF(X509_EXTENSION) *)exts);
266 +int x509_req_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts) {
267 + return X509_REQ_add_extensions(req, exts);
270 -X509_NAME_ENTRY *x509_name_entry_create_by_txt( X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
271 - return X509_NAME_ENTRY_create_by_txt( ne, field, type, bytes, len);
272 +X509_NAME_ENTRY *x509_name_entry_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
273 + return X509_NAME_ENTRY_create_by_txt( ne, field, type, (unsigned char *)bytes, len);
278 - return lh_new(NULL,NULL);
279 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
280 +LHASH_OF(CONF_VALUE)
285 + return lh_new(NULL, NULL); /* Should probably be lh_CONF_VALUE_new but won't compile. */
289 -x509v3_set_conf_lhash(LHASH * lhash){
290 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
291 +x509v3_set_conf_lhash(LHASH_OF(CONF_VALUE) * lhash) {
293 +x509v3_set_conf_lhash(LHASH * lhash) {
296 if (!(ctx=(X509V3_CTX *)PyMem_Malloc(sizeof(X509V3_CTX)))) {
297 PyErr_SetString(PyExc_MemoryError, "x509v3_set_conf_lhash");
298 @@ -517,11 +532,20 @@
302 -X509_EXTENSION *x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
304 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
305 +x509v3_ext_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *name, char *value) {
307 +x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
309 X509_EXTENSION * ext = NULL;
310 ext = X509V3_EXT_conf(conf, ctx, name, value);
312 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
313 + lh_CONF_VALUE_free(conf);
320 @@ -543,33 +567,33 @@
323 /* sk_X509_EXTENSION_new_null is a macro. */
324 -STACK *sk_x509_extension_new_null(void) {
325 - return (STACK *)sk_X509_EXTENSION_new_null();
326 +STACK_OF(X509_EXTENSION) *sk_x509_extension_new_null(void) {
327 + return sk_X509_EXTENSION_new_null();
330 /* sk_X509_EXTENSION_free() is a macro. */
331 -void sk_x509_extension_free(STACK *stack) {
332 - sk_X509_EXTENSION_free((STACK_OF(X509_EXTENSION) *)stack);
333 +void sk_x509_extension_free(STACK_OF(X509_EXTENSION) *stack) {
334 + sk_X509_EXTENSION_free(stack);
337 /* sk_X509_EXTENSION_push() is a macro. */
338 -int sk_x509_extension_push(STACK *stack, X509_EXTENSION *x509_ext) {
339 - return sk_X509_EXTENSION_push((STACK_OF(X509_EXTENSION) *)stack, x509_ext);
340 +int sk_x509_extension_push(STACK_OF(X509_EXTENSION) *stack, X509_EXTENSION *x509_ext) {
341 + return sk_X509_EXTENSION_push(stack, x509_ext);
344 /* sk_X509_EXTENSION_pop() is a macro. */
345 -X509_EXTENSION *sk_x509_extension_pop(STACK *stack) {
346 - return sk_X509_EXTENSION_pop((STACK_OF(X509_EXTENSION) *)stack);
347 +X509_EXTENSION *sk_x509_extension_pop(STACK_OF(X509_EXTENSION) *stack) {
348 + return sk_X509_EXTENSION_pop(stack);
351 /* sk_X509_EXTENSION_num() is a macro. */
352 -int sk_x509_extension_num(STACK *stack) {
353 - return sk_X509_EXTENSION_num((STACK_OF(X509_EXTENSION) *)stack);
354 +int sk_x509_extension_num(STACK_OF(X509_EXTENSION) *stack) {
355 + return sk_X509_EXTENSION_num(stack);
358 /* sk_X509_EXTENSION_value() is a macro. */
359 -X509_EXTENSION *sk_x509_extension_value(STACK *stack, int i) {
360 - return sk_X509_EXTENSION_value((STACK_OF(X509_EXTENSION) *)stack, i);
361 +X509_EXTENSION *sk_x509_extension_value(STACK_OF(X509_EXTENSION) *stack, int i) {
362 + return sk_X509_EXTENSION_value(stack, i);
365 /* X509_STORE_CTX_get_app_data is a macro. */
367 #define I2DTYPE int (*)()
372 make_stack_from_der_sequence(PyObject * pyEncodedString){
373 STACK_OF(X509) *certs;
374 Py_ssize_t encoded_string_len;
379 - certs = ASN1_seq_unpack((unsigned char *)encoded_string, encoded_string_len, (D2ITYPE)d2i_X509, (void(*)())X509_free );
380 + certs = ASN1_seq_unpack_X509((unsigned char *)encoded_string, encoded_string_len, d2i_X509, X509_free );
382 PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
384 @@ -616,13 +640,13 @@
388 -get_der_encoding_stack(STACK * stack){
389 +get_der_encoding_stack(STACK_OF(X509) *stack){
390 PyObject * encodedString;
392 unsigned char * encoding;
395 - encoding = ASN1_seq_pack((STACK_OF(X509)*) stack, (I2DTYPE)i2d_X509, NULL, &len);
396 + encoding = ASN1_seq_pack_X509(stack, i2d_X509, NULL, &len);
398 PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
401 ===================================================================
402 --- SWIG/_aes.i (revision 695)
403 +++ SWIG/_aes.i (working copy)
405 AES_encrypt((const unsigned char *)in, out, key);
407 AES_decrypt((const unsigned char *)in, out, key);
408 - return PyString_FromStringAndSize(out, outlen);
409 + return PyString_FromStringAndSize((char*)out, outlen);
412 int AES_type_check(AES_KEY *key) {
414 ===================================================================
415 --- SWIG/_util.i (revision 695)
416 +++ SWIG/_util.i (working copy)
418 PyErr_SetString(_util_err, ERR_reason_error_string(ERR_get_error()));
421 - obj = PyString_FromStringAndSize(ret, len);
422 + obj = PyString_FromStringAndSize((char*)ret, len);
426 Index: SWIG/_m2crypto.i
427 ===================================================================
428 --- SWIG/_m2crypto.i (revision 695)
429 +++ SWIG/_m2crypto.i (working copy)
434 +/* Bring in STACK_OF macro definition */
435 +%include <openssl/safestack.h>
437 +/* Bring in LHASH_OF macro definition */
438 +/* XXX Can't include lhash.h where LHASH_OF is defined, because it includes
439 + XXX stdio.h etc. which we fail to include. So we have to (re)define
440 + XXX LHASH_OF here instead.
441 +%include <openssl/lhash.h>
443 +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
444 +#define LHASH_OF(type) struct lhash_st_##type
447 %include constraints.i
451 ===================================================================
452 --- SWIG/_rand.i (revision 695)
453 +++ SWIG/_rand.i (working copy)
458 - PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize(blob, n));
459 + PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize((char*)blob, n));
461 PyTuple_SET_ITEM(tuple, 1, PyInt_FromLong((long)ret));
464 ===================================================================
465 --- SWIG/_pkcs7.i (revision 695)
466 +++ SWIG/_pkcs7.i (working copy)
468 %apply Pointer NONNULL { EVP_CIPHER * };
469 %apply Pointer NONNULL { EVP_PKEY * };
470 %apply Pointer NONNULL { PKCS7 * };
471 -%apply Pointer NONNULL { STACK * };
472 +%apply Pointer NONNULL { STACK_OF(X509) * };
473 %apply Pointer NONNULL { X509 * };
475 %rename(pkcs7_new) PKCS7_new;
478 %threadallow pkcs7_encrypt;
480 -PKCS7 *pkcs7_encrypt(STACK *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
481 - return PKCS7_encrypt((STACK_OF(X509) *)stack, bio, cipher, flags);
482 +PKCS7 *pkcs7_encrypt(STACK_OF(X509) *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
483 + return PKCS7_encrypt(stack, bio, cipher, flags);
486 PyObject *pkcs7_decrypt(PKCS7 *pkcs7, EVP_PKEY *pkey, X509 *cert, int flags) {
489 %threadallow pkcs7_sign1;
491 -PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK *stack, BIO *bio, int flags) {
492 - return PKCS7_sign(x509, pkey, (STACK_OF(X509) *)stack, bio, flags);
493 +PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK_OF(X509) *stack, BIO *bio, int flags) {
494 + return PKCS7_sign(x509, pkey, stack, bio, flags);
498 %threadallow pkcs7_verify1;
500 -PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data, int flags) {
501 +PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, BIO *data, int flags) {
506 PyErr_SetString(PyExc_MemoryError, "pkcs7_verify1");
509 - if (!PKCS7_verify(pkcs7, (STACK_OF(X509) *)stack, store, data, bio, flags)) {
510 + if (!PKCS7_verify(pkcs7, stack, store, data, bio, flags)) {
511 PyErr_SetString(_pkcs7_err, ERR_reason_error_string(ERR_get_error()));
518 -PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, int flags) {
519 +PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, int flags) {
520 return pkcs7_verify1(pkcs7, stack, store, NULL, flags);
526 /* return STACK_OF(X509)* */
527 -STACK *pkcs7_get0_signers(PKCS7 *p7, STACK *certs, int flags) {
528 +STACK_OF(X509) *pkcs7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) {
529 return PKCS7_get0_signers(p7, certs, flags);