Merge lp:~jtaylor/ubuntu/oneiric/m2crypto/cleanup into lp:ubuntu/oneiric/m2crypto

Proposed by Julian Taylor
Status: Merged
Merged at revision: 24
Proposed branch: lp:~jtaylor/ubuntu/oneiric/m2crypto/cleanup
Merge into: lp:ubuntu/oneiric/m2crypto
Diff against target: 783 lines (+642/-8)
15 files modified
M2Crypto/m2urllib2.py (+0/-1)
debian/README.source (+2/-0)
debian/changelog (+31/-0)
debian/control (+1/-1)
debian/patches/disable_sslv2_test.patch (+17/-0)
debian/patches/fix_build_with_new_openssl.patch (+487/-0)
debian/patches/fix_kill_signal.patch (+17/-0)
debian/patches/fix_sslv2_test.patch (+19/-0)
debian/patches/fix_sslv2_test2.patch (+54/-0)
debian/patches/series (+5/-0)
debian/rules (+1/-1)
debian/source/format (+1/-0)
debian/watch (+1/-0)
tests/test_smime.py (+4/-3)
tests/test_ssl.py (+2/-2)
To merge this branch: bzr merge lp:~jtaylor/ubuntu/oneiric/m2crypto/cleanup
Reviewer Review Type Date Requested Status
Ubuntu branches Pending
Review via email: mp+71102@code.launchpad.net

Description of the change

remove undistributable file (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634015)
merge with debian, fixes new openssl ftbs
switch do dh_python2
quiltify existing patches
add patch to fix testsuite for new openssl

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'M2Crypto/m2urllib2.py'
2--- M2Crypto/m2urllib2.py 2009-11-06 01:28:39 +0000
3+++ M2Crypto/m2urllib2.py 2011-08-10 19:50:59 +0000
4@@ -14,7 +14,6 @@
5 import socket
6 from urllib2 import *
7 import urlparse
8-import inspect
9
10 import SSL
11 import httpslib
12
13=== added file 'debian/README.source'
14--- debian/README.source 1970-01-01 00:00:00 +0000
15+++ debian/README.source 2011-08-10 19:50:59 +0000
16@@ -0,0 +1,2 @@
17+removed non-free files in 0.20.1+dfsg1:
18+demo/x509/proxylib.py
19
20=== modified file 'debian/changelog'
21--- debian/changelog 2010-12-03 00:04:32 +0000
22+++ debian/changelog 2011-08-10 19:50:59 +0000
23@@ -1,3 +1,34 @@
24+m2crypto (0.20.1+dfsg1-1.1ubuntu1) oneiric; urgency=low
25+
26+ * repackage upstream
27+ - remove non-free demo/x509/proxylib.py
28+ * switch to dh_python2 (LP: #788514)
29+ * switch to 3.0 (quilt)
30+ - converted all upstream changes to patches
31+ - fix_sslv2_test.patch: testsuite patch for sslv2 deactivation
32+ - fix_build_with_new_openssl.patch: build fix from debian 0.20.1-1.1
33+ * Merge from debian testing, remaining changes:
34+ - disable_sslv2_test.patch: disable sslv23_weak_crypto test as it is expected to
35+ fail with SSLv2 having been disabled in openssl 0.9.8o-1ubuntu3.
36+ (LP: #600549)
37+ - fix_sslv2_test2.patch: fix testsuite with newer openssl. (LP: #600549)
38+ - Backported from http://svn.osafoundation.org/viewvc/m2crypto/trunk/tests/test_smime.py?r1=698&r2=721
39+ - debian/control: Add openssl for FTBFS.
40+ - debian/rules; enable testsuite, add more files to "clean" rule.
41+ - fix_kill_signal.patch: use signal 9 to kill old s_server processes
42+ to work around build HUP signal-ignore-mask (LP: #451998).
43+
44+ -- Julian Taylor <jtaylor.debian@googlemail.com> Wed, 10 Aug 2011 17:01:24 +0200
45+
46+m2crypto (0.20.1-1.1) unstable; urgency=low
47+
48+ * Non-maintainer upload.
49+ * Backport revision 721 from upstream SVN repository to fix build errors
50+ with libssl-dev >= 1.0.0. (Closes: #622001)
51+ * Do not provide sslv2_method if SSLv2 is not available.
52+
53+ -- Sebastian Ramacher <s.ramacher@gmx.at> Fri, 24 Jun 2011 17:27:46 +0200
54+
55 m2crypto (0.20.1-1ubuntu5) natty; urgency=low
56
57 * Rebuild to add support for python 2.7.
58
59=== modified file 'debian/control'
60--- debian/control 2010-04-23 12:55:10 +0000
61+++ debian/control 2011-08-10 19:50:59 +0000
62@@ -3,7 +3,7 @@
63 Priority: optional
64 Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>
65 XSBC-Original-Maintainer: Dima Barsky <dima@debian.org>
66-Build-Depends: debhelper (>= 5.0.37.2), python-all-dev (>= 2.3.5-11), python-support (>= 0.4), libssl-dev (>= 0.9.7), swig (>= 1.3.24), python-setuptools (>=0.6c5-3), openssl
67+Build-Depends: debhelper (>= 5.0.37.2), python-all-dev (>= 2.6.6-3~), libssl-dev (>= 0.9.7), swig (>= 1.3.24), python-setuptools (>=0.6c5-3), openssl
68 Standards-Version: 3.8.3
69
70 Package: python-m2crypto
71
72=== added directory 'debian/patches'
73=== added file 'debian/patches/disable_sslv2_test.patch'
74--- debian/patches/disable_sslv2_test.patch 1970-01-01 00:00:00 +0000
75+++ debian/patches/disable_sslv2_test.patch 2011-08-10 19:50:59 +0000
76@@ -0,0 +1,17 @@
77+Description: disable sslv2 test
78+ disable sslv23_weak_crypto test as it is expected to
79+ fail with SSLv2 having been disabled in openssl 0.9.8o-1ubuntu3.
80+Bug.Ubuntu: https://bugs.launchpad.net/ubuntu/+source/m2crypto/+bug/600549
81+Author: Marc Deslauriers <marc.deslauriers@ubuntu.com>
82+Origin: 0.20.1-1ubuntu4
83+--- m2crypto-0.20.1.orig/tests/test_ssl.py
84++++ m2crypto-0.20.1/tests/test_ssl.py
85+@@ -398,7 +398,7 @@ class MiscSSLClientTestCase(BaseSSLClien
86+ finally:
87+ self.stop_server(pid)
88+
89+- def test_sslv23_weak_crypto(self):
90++ def disabled_test_sslv23_weak_crypto(self):
91+ if fips_mode: # TLS is required in FIPS mode
92+ return
93+ self.args = self.args + ['-no_tls1', '-no_ssl3']
94
95=== added file 'debian/patches/fix_build_with_new_openssl.patch'
96--- debian/patches/fix_build_with_new_openssl.patch 1970-01-01 00:00:00 +0000
97+++ debian/patches/fix_build_with_new_openssl.patch 2011-08-10 19:50:59 +0000
98@@ -0,0 +1,487 @@
99+Description: fix ftbs with openssl 1.0.0
100+ Backport revision 721 from upstream SVN repository to fix build errors
101+ with libssl-dev >= 1.0.0
102+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622001
103+Author: Sebastian Ramacher <s.ramacher@gmx.at>
104+--- m2crypto-0.20.1.orig/M2Crypto/m2urllib2.py
105++++ m2crypto-0.20.1/M2Crypto/m2urllib2.py
106+@@ -14,6 +14,7 @@ Summary of changes:
107+ import socket
108+ from urllib2 import *
109+ import urlparse
110++import inspect
111+
112+ import SSL
113+ import httpslib
114+--- m2crypto-0.20.1.orig/SWIG/_evp.i
115++++ m2crypto-0.20.1/SWIG/_evp.i
116+@@ -180,7 +180,7 @@ PyObject *pkcs5_pbkdf2_hmac_sha1(PyObjec
117+
118+ PKCS5_PBKDF2_HMAC_SHA1(passbuf, passlen, saltbuf, saltlen, iter,
119+ keylen, key);
120+- ret = PyString_FromStringAndSize(key, keylen);
121++ ret = PyString_FromStringAndSize((char*)key, keylen);
122+ OPENSSL_cleanse(key, keylen);
123+ return ret;
124+ }
125+@@ -339,7 +339,7 @@ PyObject *bytes_to_key(const EVP_CIPHER
126+ klen = EVP_BytesToKey(cipher, md, (unsigned char *)sbuf,
127+ (unsigned char *)dbuf, dlen, iter,
128+ key, NULL); /* Since we are not returning IV no need to derive it */
129+- ret = PyString_FromStringAndSize(key, klen);
130++ ret = PyString_FromStringAndSize((char*)key, klen);
131+ return ret;
132+ }
133+
134+@@ -435,7 +435,7 @@ PyObject *sign_final(EVP_MD_CTX *ctx, EV
135+ PyErr_SetString(_evp_err, ERR_reason_error_string(ERR_get_error()));
136+ return NULL;
137+ }
138+- ret = PyString_FromStringAndSize(sigbuf, siglen);
139++ ret = PyString_FromStringAndSize((char*)sigbuf, siglen);
140+ OPENSSL_cleanse(sigbuf, siglen);
141+ OPENSSL_free(sigbuf);
142+ return ret;
143+@@ -513,7 +513,7 @@ PyObject *pkey_as_der(EVP_PKEY *pkey) {
144+ PyErr_SetString(PyExc_ValueError, "EVP_PKEY as DER failed");
145+ return NULL;
146+ }
147+- der = PyString_FromStringAndSize(pp, len);
148++ der = PyString_FromStringAndSize((char*)pp, len);
149+ OPENSSL_free(pp);
150+ return der;
151+ }
152+--- m2crypto-0.20.1.orig/SWIG/_m2crypto.i
153++++ m2crypto-0.20.1/SWIG/_m2crypto.i
154+@@ -38,6 +38,19 @@ static PyObject *ssl_set_tmp_rsa_cb_func
155+ #define CONST098
156+ #endif
157+
158++/* Bring in STACK_OF macro definition */
159++%include <openssl/safestack.h>
160++
161++/* Bring in LHASH_OF macro definition */
162++/* XXX Can't include lhash.h where LHASH_OF is defined, because it includes
163++ XXX stdio.h etc. which we fail to include. So we have to (re)define
164++ XXX LHASH_OF here instead.
165++%include <openssl/lhash.h>
166++*/
167++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
168++#define LHASH_OF(type) struct lhash_st_##type
169++#endif
170++
171+ %include constraints.i
172+ %include _threads.i
173+ %include _lib.i
174+--- m2crypto-0.20.1.orig/SWIG/_rand.i
175++++ m2crypto-0.20.1/SWIG/_rand.i
176+@@ -87,7 +87,7 @@ PyObject *rand_pseudo_bytes(int n) {
177+ Py_INCREF(Py_None);
178+ return Py_None;
179+ } else {
180+- PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize(blob, n));
181++ PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize((char*)blob, n));
182+ PyMem_Free(blob);
183+ PyTuple_SET_ITEM(tuple, 1, PyInt_FromLong((long)ret));
184+ return tuple;
185+--- m2crypto-0.20.1.orig/SWIG/_pkcs7.i
186++++ m2crypto-0.20.1/SWIG/_pkcs7.i
187+@@ -12,7 +12,7 @@
188+ %apply Pointer NONNULL { EVP_CIPHER * };
189+ %apply Pointer NONNULL { EVP_PKEY * };
190+ %apply Pointer NONNULL { PKCS7 * };
191+-%apply Pointer NONNULL { STACK * };
192++%apply Pointer NONNULL { STACK_OF(X509) * };
193+ %apply Pointer NONNULL { X509 * };
194+
195+ %rename(pkcs7_new) PKCS7_new;
196+@@ -54,8 +54,8 @@ void smime_init(PyObject *smime_err) {
197+
198+ %threadallow pkcs7_encrypt;
199+ %inline %{
200+-PKCS7 *pkcs7_encrypt(STACK *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
201+- return PKCS7_encrypt((STACK_OF(X509) *)stack, bio, cipher, flags);
202++PKCS7 *pkcs7_encrypt(STACK_OF(X509) *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
203++ return PKCS7_encrypt(stack, bio, cipher, flags);
204+ }
205+
206+ PyObject *pkcs7_decrypt(PKCS7 *pkcs7, EVP_PKEY *pkey, X509 *cert, int flags) {
207+@@ -96,14 +96,14 @@ PKCS7 *pkcs7_sign0(X509 *x509, EVP_PKEY
208+
209+ %threadallow pkcs7_sign1;
210+ %inline %{
211+-PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK *stack, BIO *bio, int flags) {
212+- return PKCS7_sign(x509, pkey, (STACK_OF(X509) *)stack, bio, flags);
213++PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK_OF(X509) *stack, BIO *bio, int flags) {
214++ return PKCS7_sign(x509, pkey, stack, bio, flags);
215+ }
216+ %}
217+
218+ %threadallow pkcs7_verify1;
219+ %inline %{
220+-PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data, int flags) {
221++PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, BIO *data, int flags) {
222+ int outlen;
223+ char *outbuf;
224+ BIO *bio;
225+@@ -113,7 +113,7 @@ PyObject *pkcs7_verify1(PKCS7 *pkcs7, ST
226+ PyErr_SetString(PyExc_MemoryError, "pkcs7_verify1");
227+ return NULL;
228+ }
229+- if (!PKCS7_verify(pkcs7, (STACK_OF(X509) *)stack, store, data, bio, flags)) {
230++ if (!PKCS7_verify(pkcs7, stack, store, data, bio, flags)) {
231+ PyErr_SetString(_pkcs7_err, ERR_reason_error_string(ERR_get_error()));
232+ BIO_free(bio);
233+ return NULL;
234+@@ -131,7 +131,7 @@ PyObject *pkcs7_verify1(PKCS7 *pkcs7, ST
235+ return ret;
236+ }
237+
238+-PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, int flags) {
239++PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, int flags) {
240+ return pkcs7_verify1(pkcs7, stack, store, NULL, flags);
241+ }
242+ %}
243+@@ -229,7 +229,7 @@ int smime_crlf_copy(BIO *in, BIO *out) {
244+ }
245+
246+ /* return STACK_OF(X509)* */
247+-STACK *pkcs7_get0_signers(PKCS7 *p7, STACK *certs, int flags) {
248++STACK_OF(X509) *pkcs7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) {
249+ return PKCS7_get0_signers(p7, certs, flags);
250+ }
251+
252+--- m2crypto-0.20.1.orig/SWIG/_util.i
253++++ m2crypto-0.20.1/SWIG/_util.i
254+@@ -48,7 +48,7 @@ PyObject *util_string_to_hex(PyObject *b
255+ PyErr_SetString(_util_err, ERR_reason_error_string(ERR_get_error()));
256+ return NULL;
257+ }
258+- obj = PyString_FromStringAndSize(ret, len);
259++ obj = PyString_FromStringAndSize((char*)ret, len);
260+ OPENSSL_free(ret);
261+ return obj;
262+ }
263+--- m2crypto-0.20.1.orig/SWIG/_x509.i
264++++ m2crypto-0.20.1/SWIG/_x509.i
265+@@ -148,8 +148,15 @@ extern int X509_NAME_add_entry_by_NID(X5
266+ extern int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long);
267+ %rename(x509_name_print_ex_fp) X509_NAME_print_ex_fp;
268+ extern int X509_NAME_print_ex_fp(FILE *, X509_NAME *, int, unsigned long);
269++
270++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
271++%rename(x509_name_hash) X509_NAME_hash_old;
272++extern unsigned long X509_NAME_hash_old(X509_NAME *);
273++#else
274+ %rename(x509_name_hash) X509_NAME_hash;
275+ extern unsigned long X509_NAME_hash(X509_NAME *);
276++#endif
277++
278+ %rename(x509_name_get_index_by_nid) X509_NAME_get_index_by_NID;
279+ extern int X509_NAME_get_index_by_NID(X509_NAME *, int, int);
280+
281+@@ -171,7 +178,7 @@ extern ASN1_STRING *X509_NAME_ENTRY_get_
282+ if (PyString_Check($input)) {
283+ Py_ssize_t len;
284+
285+- $1 = PyString_AsString($input);
286++ $1 = (unsigned char *)PyString_AsString($input);
287+ len = PyString_Size($input);
288+ if (len > INT_MAX) {
289+ PyErr_SetString(PyExc_ValueError, "object too large");
290+@@ -184,7 +191,7 @@ extern ASN1_STRING *X509_NAME_ENTRY_get_
291+ }
292+ }
293+ %rename(x509_name_entry_set_data) X509_NAME_ENTRY_set_data;
294+-extern int X509_NAME_ENTRY_set_data( X509_NAME_ENTRY *, int, CONST unsigned char *, int);
295++extern int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *, int, CONST unsigned char *, int);
296+ %typemap(in) (CONST unsigned char *, int);
297+
298+ %rename(x509_req_new) X509_REQ_new;
299+@@ -230,7 +237,7 @@ extern int X509_STORE_CTX_get_error_dept
300+ %rename(x509_store_ctx_free) X509_STORE_CTX_free;
301+ extern void X509_STORE_CTX_free(X509_STORE_CTX *);
302+ %rename(x509_store_ctx_get1_chain) X509_STORE_CTX_get1_chain;
303+-extern STACK *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
304++extern STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
305+
306+ %rename(x509_extension_get_critical) X509_EXTENSION_get_critical;
307+ extern int X509_EXTENSION_get_critical(X509_EXTENSION *);
308+@@ -348,7 +355,7 @@ PyObject *i2d_x509(X509 *x)
309+ PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
310+ }
311+ else {
312+- ret = PyString_FromStringAndSize(buf, len);
313++ ret = PyString_FromStringAndSize((char*)buf, len);
314+ OPENSSL_free(buf);
315+ }
316+ return ret;
317+@@ -435,12 +442,12 @@ PyObject *x509_name_by_nid(X509_NAME *na
318+ }
319+
320+ int x509_name_set_by_nid(X509_NAME *name, int nid, PyObject *obj) {
321+- return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, PyString_AsString(obj), -1, -1, 0);
322++ return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)PyString_AsString(obj), -1, -1, 0);
323+ }
324+
325+ /* x509_name_add_entry_by_txt */
326+ int x509_name_add_entry_by_txt(X509_NAME *name, char *field, int type, char *bytes, int len, int loc, int set) {
327+- return X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set);
328++ return X509_NAME_add_entry_by_txt(name, field, type, (unsigned char *)bytes, len, loc, set);
329+ }
330+
331+ PyObject *x509_name_get_der(X509_NAME *name)
332+@@ -450,23 +457,23 @@ PyObject *x509_name_get_der(X509_NAME *n
333+ }
334+
335+ /* sk_X509_new_null() is a macro returning "STACK_OF(X509) *". */
336+-STACK *sk_x509_new_null(void) {
337+- return (STACK *)sk_X509_new_null();
338++STACK_OF(X509) *sk_x509_new_null(void) {
339++ return sk_X509_new_null();
340+ }
341+
342+ /* sk_X509_free() is a macro. */
343+-void sk_x509_free(STACK *stack) {
344+- sk_X509_free((STACK_OF(X509) *)stack);
345++void sk_x509_free(STACK_OF(X509) *stack) {
346++ sk_X509_free(stack);
347+ }
348+
349+ /* sk_X509_push() is a macro. */
350+-int sk_x509_push(STACK *stack, X509 *x509) {
351+- return sk_X509_push((STACK_OF(X509) *)stack, x509);
352++int sk_x509_push(STACK_OF(X509) *stack, X509 *x509) {
353++ return sk_X509_push(stack, x509);
354+ }
355+
356+ /* sk_X509_pop() is a macro. */
357+-X509 *sk_x509_pop(STACK *stack) {
358+- return sk_X509_pop((STACK_OF(X509) *)stack);
359++X509 *sk_x509_pop(STACK_OF(X509) *stack) {
360++ return sk_X509_pop(stack);
361+ }
362+
363+ int x509_store_load_locations(X509_STORE *store, const char *file) {
364+@@ -493,21 +500,29 @@ int x509_req_set_version(X509_REQ *x, lo
365+ return X509_REQ_set_version(x, version);
366+ }
367+
368+-int x509_req_add_extensions(X509_REQ *req, STACK *exts) {
369+- return X509_REQ_add_extensions(req, (STACK_OF(X509_EXTENSION) *)exts);
370++int x509_req_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts) {
371++ return X509_REQ_add_extensions(req, exts);
372+ }
373+
374+-X509_NAME_ENTRY *x509_name_entry_create_by_txt( X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
375+- return X509_NAME_ENTRY_create_by_txt( ne, field, type, bytes, len);
376++X509_NAME_ENTRY *x509_name_entry_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
377++ return X509_NAME_ENTRY_create_by_txt( ne, field, type, (unsigned char *)bytes, len);
378+ }
379+
380+-LHASH *
381+-x509v3_lhash(){
382+- return lh_new(NULL,NULL);
383++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
384++LHASH_OF(CONF_VALUE)
385++#else
386++LHASH
387++#endif
388++*x509v3_lhash() {
389++ return lh_new(NULL, NULL); /* Should probably be lh_CONF_VALUE_new but won't compile. */
390+ }
391+
392+ X509V3_CTX *
393+-x509v3_set_conf_lhash(LHASH * lhash){
394++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
395++x509v3_set_conf_lhash(LHASH_OF(CONF_VALUE) * lhash) {
396++#else
397++x509v3_set_conf_lhash(LHASH * lhash) {
398++#endif
399+ X509V3_CTX * ctx;
400+ if (!(ctx=(X509V3_CTX *)PyMem_Malloc(sizeof(X509V3_CTX)))) {
401+ PyErr_SetString(PyExc_MemoryError, "x509v3_set_conf_lhash");
402+@@ -517,11 +532,20 @@ x509v3_set_conf_lhash(LHASH * lhash){
403+ return ctx;
404+ }
405+
406+-X509_EXTENSION *x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
407++X509_EXTENSION *
408++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
409++x509v3_ext_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *name, char *value) {
410++#else
411++x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
412++#endif
413+ X509_EXTENSION * ext = NULL;
414+ ext = X509V3_EXT_conf(conf, ctx, name, value);
415+ PyMem_Free(ctx);
416++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
417++ lh_CONF_VALUE_free(conf);
418++#else
419+ lh_free(conf);
420++#endif
421+ return ext;
422+ }
423+
424+@@ -543,33 +567,33 @@ PyObject *x509_extension_get_name(X509_E
425+ }
426+
427+ /* sk_X509_EXTENSION_new_null is a macro. */
428+-STACK *sk_x509_extension_new_null(void) {
429+- return (STACK *)sk_X509_EXTENSION_new_null();
430++STACK_OF(X509_EXTENSION) *sk_x509_extension_new_null(void) {
431++ return sk_X509_EXTENSION_new_null();
432+ }
433+
434+ /* sk_X509_EXTENSION_free() is a macro. */
435+-void sk_x509_extension_free(STACK *stack) {
436+- sk_X509_EXTENSION_free((STACK_OF(X509_EXTENSION) *)stack);
437++void sk_x509_extension_free(STACK_OF(X509_EXTENSION) *stack) {
438++ sk_X509_EXTENSION_free(stack);
439+ }
440+
441+ /* sk_X509_EXTENSION_push() is a macro. */
442+-int sk_x509_extension_push(STACK *stack, X509_EXTENSION *x509_ext) {
443+- return sk_X509_EXTENSION_push((STACK_OF(X509_EXTENSION) *)stack, x509_ext);
444++int sk_x509_extension_push(STACK_OF(X509_EXTENSION) *stack, X509_EXTENSION *x509_ext) {
445++ return sk_X509_EXTENSION_push(stack, x509_ext);
446+ }
447+
448+ /* sk_X509_EXTENSION_pop() is a macro. */
449+-X509_EXTENSION *sk_x509_extension_pop(STACK *stack) {
450+- return sk_X509_EXTENSION_pop((STACK_OF(X509_EXTENSION) *)stack);
451++X509_EXTENSION *sk_x509_extension_pop(STACK_OF(X509_EXTENSION) *stack) {
452++ return sk_X509_EXTENSION_pop(stack);
453+ }
454+
455+ /* sk_X509_EXTENSION_num() is a macro. */
456+-int sk_x509_extension_num(STACK *stack) {
457+- return sk_X509_EXTENSION_num((STACK_OF(X509_EXTENSION) *)stack);
458++int sk_x509_extension_num(STACK_OF(X509_EXTENSION) *stack) {
459++ return sk_X509_EXTENSION_num(stack);
460+ }
461+
462+ /* sk_X509_EXTENSION_value() is a macro. */
463+-X509_EXTENSION *sk_x509_extension_value(STACK *stack, int i) {
464+- return sk_X509_EXTENSION_value((STACK_OF(X509_EXTENSION) *)stack, i);
465++X509_EXTENSION *sk_x509_extension_value(STACK_OF(X509_EXTENSION) *stack, int i) {
466++ return sk_X509_EXTENSION_value(stack, i);
467+ }
468+
469+ /* X509_STORE_CTX_get_app_data is a macro. */
470+@@ -590,7 +614,7 @@ Used in the wrapping of ASN1_seq_unpack
471+ #define I2DTYPE int (*)()
472+ #endif
473+
474+-STACK *
475++STACK_OF(X509) *
476+ make_stack_from_der_sequence(PyObject * pyEncodedString){
477+ STACK_OF(X509) *certs;
478+ Py_ssize_t encoded_string_len;
479+@@ -606,7 +630,7 @@ make_stack_from_der_sequence(PyObject *
480+ return NULL;
481+ }
482+
483+- certs = ASN1_seq_unpack((unsigned char *)encoded_string, encoded_string_len, (D2ITYPE)d2i_X509, (void(*)())X509_free );
484++ certs = ASN1_seq_unpack_X509((unsigned char *)encoded_string, encoded_string_len, d2i_X509, X509_free );
485+ if (!certs) {
486+ PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
487+ return NULL;
488+@@ -616,13 +640,13 @@ make_stack_from_der_sequence(PyObject *
489+ }
490+
491+ PyObject *
492+-get_der_encoding_stack(STACK * stack){
493++get_der_encoding_stack(STACK_OF(X509) *stack){
494+ PyObject * encodedString;
495+
496+ unsigned char * encoding;
497+ int len;
498+
499+- encoding = ASN1_seq_pack((STACK_OF(X509)*) stack, (I2DTYPE)i2d_X509, NULL, &len);
500++ encoding = ASN1_seq_pack_X509(stack, i2d_X509, NULL, &len);
501+ if (!encoding) {
502+ PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
503+ return NULL;
504+--- m2crypto-0.20.1.orig/SWIG/_aes.i
505++++ m2crypto-0.20.1/SWIG/_aes.i
506+@@ -76,7 +76,7 @@ PyObject *AES_crypt(const AES_KEY *key,
507+ AES_encrypt((const unsigned char *)in, out, key);
508+ else
509+ AES_decrypt((const unsigned char *)in, out, key);
510+- return PyString_FromStringAndSize(out, outlen);
511++ return PyString_FromStringAndSize((char*)out, outlen);
512+ }
513+
514+ int AES_type_check(AES_KEY *key) {
515+--- m2crypto-0.20.1.orig/SWIG/_ssl.i
516++++ m2crypto-0.20.1/SWIG/_ssl.i
517+@@ -17,13 +17,17 @@
518+ %apply Pointer NONNULL { SSL_CTX * };
519+ %apply Pointer NONNULL { SSL * };
520+ %apply Pointer NONNULL { SSL_CIPHER * };
521+-%apply Pointer NONNULL { STACK * };
522++%apply Pointer NONNULL { STACK_OF(SSL_CIPHER) * };
523++%apply Pointer NONNULL { STACK_OF(X509) * };
524+ %apply Pointer NONNULL { BIO * };
525+ %apply Pointer NONNULL { DH * };
526+ %apply Pointer NONNULL { RSA * };
527+ %apply Pointer NONNULL { EVP_PKEY *};
528+ %apply Pointer NONNULL { PyObject *pyfunc };
529+
530++%rename(ssl_get_ciphers) SSL_get_ciphers;
531++extern STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
532++
533+ %rename(ssl_get_version) SSL_get_version;
534+ extern const char *SSL_get_version(CONST SSL *);
535+ %rename(ssl_get_error) SSL_get_error;
536+@@ -41,8 +45,10 @@ extern const char *SSL_alert_desc_string
537+ %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
538+ extern const char *SSL_alert_desc_string_long(int);
539+
540++#ifndef OPENSSL_NO_SSL2
541+ %rename(sslv2_method) SSLv2_method;
542+ extern SSL_METHOD *SSLv2_method(void);
543++#endif
544+ %rename(sslv3_method) SSLv3_method;
545+ extern SSL_METHOD *SSLv3_method(void);
546+ %rename(sslv23_method) SSLv23_method;
547+@@ -668,28 +674,24 @@ int ssl_cipher_get_bits(SSL_CIPHER *c) {
548+ return SSL_CIPHER_get_bits(c, NULL);
549+ }
550+
551+-STACK *ssl_get_ciphers(SSL *ssl) {
552+- return (STACK *)SSL_get_ciphers(ssl);
553+-}
554+-
555+-int sk_ssl_cipher_num(STACK *stack) {
556+- return sk_num(stack);
557++int sk_ssl_cipher_num(STACK_OF(SSL_CIPHER) *stack) {
558++ return sk_SSL_CIPHER_num(stack);
559+ }
560+
561+-SSL_CIPHER *sk_ssl_cipher_value(STACK *stack, int idx) {
562+- return (SSL_CIPHER *)sk_value(stack, idx);
563++SSL_CIPHER *sk_ssl_cipher_value(STACK_OF(SSL_CIPHER) *stack, int idx) {
564++ return sk_SSL_CIPHER_value(stack, idx);
565+ }
566+
567+-STACK *ssl_get_peer_cert_chain(SSL *ssl) {
568+- return (STACK *)SSL_get_peer_cert_chain(ssl);
569++STACK_OF(X509) *ssl_get_peer_cert_chain(SSL *ssl) {
570++ return SSL_get_peer_cert_chain(ssl);
571+ }
572+
573+-int sk_x509_num(STACK *stack) {
574+- return sk_num(stack);
575++int sk_x509_num(STACK_OF(X509) *stack) {
576++ return sk_X509_num(stack);
577+ }
578+
579+-X509 *sk_x509_value(STACK *stack, int idx) {
580+- return (X509 *)sk_value(stack, idx);
581++X509 *sk_x509_value(STACK_OF(X509) *stack, int idx) {
582++ return sk_X509_value(stack, idx);
583+ }
584+ %}
585+
586
587=== added file 'debian/patches/fix_kill_signal.patch'
588--- debian/patches/fix_kill_signal.patch 1970-01-01 00:00:00 +0000
589+++ debian/patches/fix_kill_signal.patch 2011-08-10 19:50:59 +0000
590@@ -0,0 +1,17 @@
591+Description: fix kill signal
592+ use signal 9 to kill old s_server processes
593+ to work around build HUP signal-ignore-mask (LP: #451998).
594+Author: Chuck Short <zulcss@ubuntu.com>
595+Origin: 0.20.1-1ubuntu1
596+Bug-Ubuntu: https://bugs.launchpad.net/bugs/451998
597+--- m2crypto-0.20.1.orig/tests/test_ssl.py
598++++ m2crypto-0.20.1/tests/test_ssl.py
599+@@ -92,7 +92,7 @@ class BaseSSLClientTestCase(unittest.Tes
600+ return pid
601+
602+ def stop_server(self, pid):
603+- os.kill(pid, 1)
604++ os.kill(pid, 9)
605+ os.waitpid(pid, 0)
606+
607+ def http_get(self, s):
608
609=== added file 'debian/patches/fix_sslv2_test.patch'
610--- debian/patches/fix_sslv2_test.patch 1970-01-01 00:00:00 +0000
611+++ debian/patches/fix_sslv2_test.patch 2011-08-10 19:50:59 +0000
612@@ -0,0 +1,19 @@
613+Description: fix test_sslv23_no_v2_no_service test
614+ sslv2 is disabled in openssl 1.0.0 thus sslv23 will build up an sslv3
615+ connection instead of throwing an error
616+Author: Julian Taylor <jtaylor.debian@googlemail.com>
617+Forwarded: no
618+=== modified file 'tests/test_ssl.py'
619+--- m2crypto.orig/tests/test_ssl.py 2010-10-01 11:58:15 +0000
620++++ m2crypto/tests/test_ssl.py 2011-08-10 17:25:08 +0000
621+@@ -392,7 +392,8 @@
622+ try:
623+ ctx = SSL.Context('sslv23')
624+ s = SSL.Connection(ctx)
625+- self.assertRaises(SSL.SSLError, s.connect, self.srv_addr)
626++ s.connect(self.srv_addr)
627++ self.failUnlessEqual(s.get_version(), 'SSLv3')
628+ s.close()
629+ finally:
630+ self.stop_server(pid)
631+
632
633=== added file 'debian/patches/fix_sslv2_test2.patch'
634--- debian/patches/fix_sslv2_test2.patch 1970-01-01 00:00:00 +0000
635+++ debian/patches/fix_sslv2_test2.patch 2011-08-10 19:50:59 +0000
636@@ -0,0 +1,54 @@
637+Description: fix testsuite for newer openssl
638+Origin: 0.20.1-1ubuntu3
639+Applied-Upstream: http://svn.osafoundation.org/viewvc/m2crypto/trunk/tests/test_smime.py?r1=698&r2=721
640+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/m2crypto/+bug/600549
641+Author: Marc Deslauriers <marc.deslauriers@ubuntu.com>
642+--- m2crypto-0.20.1.orig/tests/test_smime.py
643++++ m2crypto-0.20.1/tests/test_smime.py
644+@@ -37,7 +37,7 @@ class SMIMETestCase(unittest.TestCase):
645+ buf = BIO.MemoryBuffer(self.cleartext)
646+ s = SMIME.SMIME()
647+ s.load_key('tests/signer_key.pem', 'tests/signer.pem')
648+- p7 = s.sign(buf)
649++ p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
650+ assert len(buf) == 0
651+ assert p7.type() == SMIME.PKCS7_SIGNED, p7.type()
652+ assert isinstance(p7, SMIME.PKCS7), p7
653+@@ -73,9 +73,8 @@ class SMIMETestCase(unittest.TestCase):
654+
655+ p7, data = SMIME.smime_load_pkcs7_bio(self.signed)
656+
657+- assert data.read() == self.cleartext
658+ assert isinstance(p7, SMIME.PKCS7), p7
659+- v = s.verify(p7)
660++ v = s.verify(p7, data)
661+ assert v == self.cleartext
662+
663+ t = p7.get0_signers(sk)
664+@@ -169,7 +168,7 @@ class SMIMETestCase(unittest.TestCase):
665+ s.set_cipher(SMIME.Cipher('des_ede3_cbc'))
666+
667+ tmp = BIO.MemoryBuffer()
668+- s.write(tmp, p7, buf)
669++ s.write(tmp, p7)
670+
671+ p7 = s.encrypt(tmp)
672+
673+@@ -211,6 +210,7 @@ class WriteLoadTestCase(unittest.TestCas
674+ assert p7.write(f) == 1
675+ f.close()
676+
677++ p7 = s.sign(BIO.MemoryBuffer('some text'), SMIME.PKCS7_DETACHED)
678+ self.filenameSmime = 'tests/sig.p7s'
679+ f = BIO.openfile(self.filenameSmime, 'wb')
680+ assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1
681+@@ -220,7 +220,7 @@ class WriteLoadTestCase(unittest.TestCas
682+ buf = BIO.MemoryBuffer()
683+ assert SMIME.load_pkcs7(self.filename).write_der(buf) == 1
684+ s = buf.read()
685+- assert len(s) == 1204, len(s)
686++ assert len(s) in (1204, 1243), len(s)
687+
688+ def test_load_pkcs7(self):
689+ assert SMIME.load_pkcs7(self.filename).type() == SMIME.PKCS7_SIGNED
690+
691
692=== added file 'debian/patches/series'
693--- debian/patches/series 1970-01-01 00:00:00 +0000
694+++ debian/patches/series 2011-08-10 19:50:59 +0000
695@@ -0,0 +1,5 @@
696+disable_sslv2_test.patch
697+fix_build_with_new_openssl.patch
698+fix_kill_signal.patch
699+fix_sslv2_test2.patch
700+fix_sslv2_test.patch
701
702=== modified file 'debian/rules'
703--- debian/rules 2009-10-16 12:51:15 +0000
704+++ debian/rules 2011-08-10 19:50:59 +0000
705@@ -73,7 +73,7 @@
706 dh_strip
707 dh_compress
708 dh_fixperms
709- dh_pysupport
710+ dh_python2
711 dh_installdeb
712 dh_shlibdeps
713 dh_gencontrol
714
715=== added directory 'debian/source'
716=== added file 'debian/source/format'
717--- debian/source/format 1970-01-01 00:00:00 +0000
718+++ debian/source/format 2011-08-10 19:50:59 +0000
719@@ -0,0 +1,1 @@
720+3.0 (quilt)
721
722=== modified file 'debian/watch'
723--- debian/watch 2009-06-15 22:11:39 +0000
724+++ debian/watch 2011-08-10 19:50:59 +0000
725@@ -1,2 +1,3 @@
726 version=3
727+opts=dversionmangle=s/\+dfsg// \
728 http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-(.*).tar.gz
729
730=== modified file 'tests/test_smime.py'
731--- tests/test_smime.py 2010-07-09 11:17:57 +0000
732+++ tests/test_smime.py 2011-08-10 19:50:59 +0000
733@@ -37,7 +37,7 @@
734 buf = BIO.MemoryBuffer(self.cleartext)
735 s = SMIME.SMIME()
736 s.load_key('tests/signer_key.pem', 'tests/signer.pem')
737- p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
738+ p7 = s.sign(buf)
739 assert len(buf) == 0
740 assert p7.type() == SMIME.PKCS7_SIGNED, p7.type()
741 assert isinstance(p7, SMIME.PKCS7), p7
742@@ -73,8 +73,9 @@
743
744 p7, data = SMIME.smime_load_pkcs7_bio(self.signed)
745
746+ assert data.read() == self.cleartext
747 assert isinstance(p7, SMIME.PKCS7), p7
748- v = s.verify(p7, data)
749+ v = s.verify(p7)
750 assert v == self.cleartext
751
752 t = p7.get0_signers(sk)
753@@ -168,7 +169,7 @@
754 s.set_cipher(SMIME.Cipher('des_ede3_cbc'))
755
756 tmp = BIO.MemoryBuffer()
757- s.write(tmp, p7)
758+ s.write(tmp, p7, buf)
759
760 p7 = s.encrypt(tmp)
761
762
763=== modified file 'tests/test_ssl.py'
764--- tests/test_ssl.py 2010-10-01 11:58:15 +0000
765+++ tests/test_ssl.py 2011-08-10 19:50:59 +0000
766@@ -92,7 +92,7 @@
767 return pid
768
769 def stop_server(self, pid):
770- os.kill(pid, 9)
771+ os.kill(pid, 1)
772 os.waitpid(pid, 0)
773
774 def http_get(self, s):
775@@ -397,7 +397,7 @@
776 finally:
777 self.stop_server(pid)
778
779- def disabled_test_sslv23_weak_crypto(self):
780+ def test_sslv23_weak_crypto(self):
781 if fips_mode: # TLS is required in FIPS mode
782 return
783 self.args = self.args + ['-no_tls1', '-no_ssl3']

Subscribers

People subscribed via source and target branches

to all changes: