Ubuntu
m2crypto package

Merge lp:~jtaylor/ubuntu/oneiric/m2crypto/cleanup into lp:ubuntu/oneiric/m2crypto

  1. Oneiric (11.10)
  2. cleanup
  3. Merge into oneiric
Proposed by Julian Taylor
Status: Merged
Merged at revision: 24
Proposed branch: lp:~jtaylor/ubuntu/oneiric/m2crypto/cleanup
Merge into: lp:ubuntu/oneiric/m2crypto
Diff against target: 783 lines (+642/-8)
15 files modified
M2Crypto/m2urllib2.py (+0/-1)
debian/README.source (+2/-0)
debian/changelog (+31/-0)
debian/control (+1/-1)
debian/patches/disable_sslv2_test.patch (+17/-0)
debian/patches/fix_build_with_new_openssl.patch (+487/-0)
debian/patches/fix_kill_signal.patch (+17/-0)
debian/patches/fix_sslv2_test.patch (+19/-0)
debian/patches/fix_sslv2_test2.patch (+54/-0)
debian/patches/series (+5/-0)
debian/rules (+1/-1)
debian/source/format (+1/-0)
debian/watch (+1/-0)
tests/test_smime.py (+4/-3)
tests/test_ssl.py (+2/-2)
To merge this branch: bzr merge lp:~jtaylor/ubuntu/oneiric/m2crypto/cleanup
Reviewer Review Type Date Requested Status
Ubuntu branches Pending
Review via email: mp+71102@code.launchpad.net

Description of the change

remove undistributable file (see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634015)
merge with debian, fixes new openssl ftbs
switch do dh_python2
quiltify existing patches
add patch to fix testsuite for new openssl

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'M2Crypto/m2urllib2.py'
--- M2Crypto/m2urllib2.py 2009-11-06 01:28:39 +0000
+++ M2Crypto/m2urllib2.py 2011-08-10 19:50:59 +0000
@@ -14,7 +14,6 @@
14import socket14import socket
15from urllib2 import *15from urllib2 import *
16import urlparse16import urlparse
17import inspect
1817
19import SSL18import SSL
20import httpslib19import httpslib
2120
=== added file 'debian/README.source'
--- debian/README.source 1970-01-01 00:00:00 +0000
+++ debian/README.source 2011-08-10 19:50:59 +0000
@@ -0,0 +1,2 @@
1removed non-free files in 0.20.1+dfsg1:
2demo/x509/proxylib.py
03
=== modified file 'debian/changelog'
--- debian/changelog 2010-12-03 00:04:32 +0000
+++ debian/changelog 2011-08-10 19:50:59 +0000
@@ -1,3 +1,34 @@
1m2crypto (0.20.1+dfsg1-1.1ubuntu1) oneiric; urgency=low
2
3 * repackage upstream
4 - remove non-free demo/x509/proxylib.py
5 * switch to dh_python2 (LP: #788514)
6 * switch to 3.0 (quilt)
7 - converted all upstream changes to patches
8 - fix_sslv2_test.patch: testsuite patch for sslv2 deactivation
9 - fix_build_with_new_openssl.patch: build fix from debian 0.20.1-1.1
10 * Merge from debian testing, remaining changes:
11 - disable_sslv2_test.patch: disable sslv23_weak_crypto test as it is expected to
12 fail with SSLv2 having been disabled in openssl 0.9.8o-1ubuntu3.
13 (LP: #600549)
14 - fix_sslv2_test2.patch: fix testsuite with newer openssl. (LP: #600549)
15 - Backported from http://svn.osafoundation.org/viewvc/m2crypto/trunk/tests/test_smime.py?r1=698&r2=721
16 - debian/control: Add openssl for FTBFS.
17 - debian/rules; enable testsuite, add more files to "clean" rule.
18 - fix_kill_signal.patch: use signal 9 to kill old s_server processes
19 to work around build HUP signal-ignore-mask (LP: #451998).
20
21 -- Julian Taylor <jtaylor.debian@googlemail.com> Wed, 10 Aug 2011 17:01:24 +0200
22
23m2crypto (0.20.1-1.1) unstable; urgency=low
24
25 * Non-maintainer upload.
26 * Backport revision 721 from upstream SVN repository to fix build errors
27 with libssl-dev >= 1.0.0. (Closes: #622001)
28 * Do not provide sslv2_method if SSLv2 is not available.
29
30 -- Sebastian Ramacher <s.ramacher@gmx.at> Fri, 24 Jun 2011 17:27:46 +0200
31
1m2crypto (0.20.1-1ubuntu5) natty; urgency=low32m2crypto (0.20.1-1ubuntu5) natty; urgency=low
233
3 * Rebuild to add support for python 2.7.34 * Rebuild to add support for python 2.7.
435
=== modified file 'debian/control'
--- debian/control 2010-04-23 12:55:10 +0000
+++ debian/control 2011-08-10 19:50:59 +0000
@@ -3,7 +3,7 @@
3Priority: optional3Priority: optional
4Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>4Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>
5XSBC-Original-Maintainer: Dima Barsky <dima@debian.org>5XSBC-Original-Maintainer: Dima Barsky <dima@debian.org>
6Build-Depends: debhelper (>= 5.0.37.2), python-all-dev (>= 2.3.5-11), python-support (>= 0.4), libssl-dev (>= 0.9.7), swig (>= 1.3.24), python-setuptools (>=0.6c5-3), openssl6Build-Depends: debhelper (>= 5.0.37.2), python-all-dev (>= 2.6.6-3~), libssl-dev (>= 0.9.7), swig (>= 1.3.24), python-setuptools (>=0.6c5-3), openssl
7Standards-Version: 3.8.37Standards-Version: 3.8.3
88
9Package: python-m2crypto9Package: python-m2crypto
1010
=== added directory 'debian/patches'
=== added file 'debian/patches/disable_sslv2_test.patch'
--- debian/patches/disable_sslv2_test.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/disable_sslv2_test.patch 2011-08-10 19:50:59 +0000
@@ -0,0 +1,17 @@
1Description: disable sslv2 test
2 disable sslv23_weak_crypto test as it is expected to
3 fail with SSLv2 having been disabled in openssl 0.9.8o-1ubuntu3.
4Bug.Ubuntu: https://bugs.launchpad.net/ubuntu/+source/m2crypto/+bug/600549
5Author: Marc Deslauriers <marc.deslauriers@ubuntu.com>
6Origin: 0.20.1-1ubuntu4
7--- m2crypto-0.20.1.orig/tests/test_ssl.py
8+++ m2crypto-0.20.1/tests/test_ssl.py
9@@ -398,7 +398,7 @@ class MiscSSLClientTestCase(BaseSSLClien
10 finally:
11 self.stop_server(pid)
12
13- def test_sslv23_weak_crypto(self):
14+ def disabled_test_sslv23_weak_crypto(self):
15 if fips_mode: # TLS is required in FIPS mode
16 return
17 self.args = self.args + ['-no_tls1', '-no_ssl3']
018
=== added file 'debian/patches/fix_build_with_new_openssl.patch'
--- debian/patches/fix_build_with_new_openssl.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/fix_build_with_new_openssl.patch 2011-08-10 19:50:59 +0000
@@ -0,0 +1,487 @@
1Description: fix ftbs with openssl 1.0.0
2 Backport revision 721 from upstream SVN repository to fix build errors
3 with libssl-dev >= 1.0.0
4Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622001
5Author: Sebastian Ramacher <s.ramacher@gmx.at>
6--- m2crypto-0.20.1.orig/M2Crypto/m2urllib2.py
7+++ m2crypto-0.20.1/M2Crypto/m2urllib2.py
8@@ -14,6 +14,7 @@ Summary of changes:
9 import socket
10 from urllib2 import *
11 import urlparse
12+import inspect
13
14 import SSL
15 import httpslib
16--- m2crypto-0.20.1.orig/SWIG/_evp.i
17+++ m2crypto-0.20.1/SWIG/_evp.i
18@@ -180,7 +180,7 @@ PyObject *pkcs5_pbkdf2_hmac_sha1(PyObjec
19
20 PKCS5_PBKDF2_HMAC_SHA1(passbuf, passlen, saltbuf, saltlen, iter,
21 keylen, key);
22- ret = PyString_FromStringAndSize(key, keylen);
23+ ret = PyString_FromStringAndSize((char*)key, keylen);
24 OPENSSL_cleanse(key, keylen);
25 return ret;
26 }
27@@ -339,7 +339,7 @@ PyObject *bytes_to_key(const EVP_CIPHER
28 klen = EVP_BytesToKey(cipher, md, (unsigned char *)sbuf,
29 (unsigned char *)dbuf, dlen, iter,
30 key, NULL); /* Since we are not returning IV no need to derive it */
31- ret = PyString_FromStringAndSize(key, klen);
32+ ret = PyString_FromStringAndSize((char*)key, klen);
33 return ret;
34 }
35
36@@ -435,7 +435,7 @@ PyObject *sign_final(EVP_MD_CTX *ctx, EV
37 PyErr_SetString(_evp_err, ERR_reason_error_string(ERR_get_error()));
38 return NULL;
39 }
40- ret = PyString_FromStringAndSize(sigbuf, siglen);
41+ ret = PyString_FromStringAndSize((char*)sigbuf, siglen);
42 OPENSSL_cleanse(sigbuf, siglen);
43 OPENSSL_free(sigbuf);
44 return ret;
45@@ -513,7 +513,7 @@ PyObject *pkey_as_der(EVP_PKEY *pkey) {
46 PyErr_SetString(PyExc_ValueError, "EVP_PKEY as DER failed");
47 return NULL;
48 }
49- der = PyString_FromStringAndSize(pp, len);
50+ der = PyString_FromStringAndSize((char*)pp, len);
51 OPENSSL_free(pp);
52 return der;
53 }
54--- m2crypto-0.20.1.orig/SWIG/_m2crypto.i
55+++ m2crypto-0.20.1/SWIG/_m2crypto.i
56@@ -38,6 +38,19 @@ static PyObject *ssl_set_tmp_rsa_cb_func
57 #define CONST098
58 #endif
59
60+/* Bring in STACK_OF macro definition */
61+%include <openssl/safestack.h>
62+
63+/* Bring in LHASH_OF macro definition */
64+/* XXX Can't include lhash.h where LHASH_OF is defined, because it includes
65+ XXX stdio.h etc. which we fail to include. So we have to (re)define
66+ XXX LHASH_OF here instead.
67+%include <openssl/lhash.h>
68+*/
69+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
70+#define LHASH_OF(type) struct lhash_st_##type
71+#endif
72+
73 %include constraints.i
74 %include _threads.i
75 %include _lib.i
76--- m2crypto-0.20.1.orig/SWIG/_rand.i
77+++ m2crypto-0.20.1/SWIG/_rand.i
78@@ -87,7 +87,7 @@ PyObject *rand_pseudo_bytes(int n) {
79 Py_INCREF(Py_None);
80 return Py_None;
81 } else {
82- PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize(blob, n));
83+ PyTuple_SET_ITEM(tuple, 0, PyString_FromStringAndSize((char*)blob, n));
84 PyMem_Free(blob);
85 PyTuple_SET_ITEM(tuple, 1, PyInt_FromLong((long)ret));
86 return tuple;
87--- m2crypto-0.20.1.orig/SWIG/_pkcs7.i
88+++ m2crypto-0.20.1/SWIG/_pkcs7.i
89@@ -12,7 +12,7 @@
90 %apply Pointer NONNULL { EVP_CIPHER * };
91 %apply Pointer NONNULL { EVP_PKEY * };
92 %apply Pointer NONNULL { PKCS7 * };
93-%apply Pointer NONNULL { STACK * };
94+%apply Pointer NONNULL { STACK_OF(X509) * };
95 %apply Pointer NONNULL { X509 * };
96
97 %rename(pkcs7_new) PKCS7_new;
98@@ -54,8 +54,8 @@ void smime_init(PyObject *smime_err) {
99
100 %threadallow pkcs7_encrypt;
101 %inline %{
102-PKCS7 *pkcs7_encrypt(STACK *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
103- return PKCS7_encrypt((STACK_OF(X509) *)stack, bio, cipher, flags);
104+PKCS7 *pkcs7_encrypt(STACK_OF(X509) *stack, BIO *bio, EVP_CIPHER *cipher, int flags) {
105+ return PKCS7_encrypt(stack, bio, cipher, flags);
106 }
107
108 PyObject *pkcs7_decrypt(PKCS7 *pkcs7, EVP_PKEY *pkey, X509 *cert, int flags) {
109@@ -96,14 +96,14 @@ PKCS7 *pkcs7_sign0(X509 *x509, EVP_PKEY
110
111 %threadallow pkcs7_sign1;
112 %inline %{
113-PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK *stack, BIO *bio, int flags) {
114- return PKCS7_sign(x509, pkey, (STACK_OF(X509) *)stack, bio, flags);
115+PKCS7 *pkcs7_sign1(X509 *x509, EVP_PKEY *pkey, STACK_OF(X509) *stack, BIO *bio, int flags) {
116+ return PKCS7_sign(x509, pkey, stack, bio, flags);
117 }
118 %}
119
120 %threadallow pkcs7_verify1;
121 %inline %{
122-PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, BIO *data, int flags) {
123+PyObject *pkcs7_verify1(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, BIO *data, int flags) {
124 int outlen;
125 char *outbuf;
126 BIO *bio;
127@@ -113,7 +113,7 @@ PyObject *pkcs7_verify1(PKCS7 *pkcs7, ST
128 PyErr_SetString(PyExc_MemoryError, "pkcs7_verify1");
129 return NULL;
130 }
131- if (!PKCS7_verify(pkcs7, (STACK_OF(X509) *)stack, store, data, bio, flags)) {
132+ if (!PKCS7_verify(pkcs7, stack, store, data, bio, flags)) {
133 PyErr_SetString(_pkcs7_err, ERR_reason_error_string(ERR_get_error()));
134 BIO_free(bio);
135 return NULL;
136@@ -131,7 +131,7 @@ PyObject *pkcs7_verify1(PKCS7 *pkcs7, ST
137 return ret;
138 }
139
140-PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK *stack, X509_STORE *store, int flags) {
141+PyObject *pkcs7_verify0(PKCS7 *pkcs7, STACK_OF(X509) *stack, X509_STORE *store, int flags) {
142 return pkcs7_verify1(pkcs7, stack, store, NULL, flags);
143 }
144 %}
145@@ -229,7 +229,7 @@ int smime_crlf_copy(BIO *in, BIO *out) {
146 }
147
148 /* return STACK_OF(X509)* */
149-STACK *pkcs7_get0_signers(PKCS7 *p7, STACK *certs, int flags) {
150+STACK_OF(X509) *pkcs7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) {
151 return PKCS7_get0_signers(p7, certs, flags);
152 }
153
154--- m2crypto-0.20.1.orig/SWIG/_util.i
155+++ m2crypto-0.20.1/SWIG/_util.i
156@@ -48,7 +48,7 @@ PyObject *util_string_to_hex(PyObject *b
157 PyErr_SetString(_util_err, ERR_reason_error_string(ERR_get_error()));
158 return NULL;
159 }
160- obj = PyString_FromStringAndSize(ret, len);
161+ obj = PyString_FromStringAndSize((char*)ret, len);
162 OPENSSL_free(ret);
163 return obj;
164 }
165--- m2crypto-0.20.1.orig/SWIG/_x509.i
166+++ m2crypto-0.20.1/SWIG/_x509.i
167@@ -148,8 +148,15 @@ extern int X509_NAME_add_entry_by_NID(X5
168 extern int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long);
169 %rename(x509_name_print_ex_fp) X509_NAME_print_ex_fp;
170 extern int X509_NAME_print_ex_fp(FILE *, X509_NAME *, int, unsigned long);
171+
172+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
173+%rename(x509_name_hash) X509_NAME_hash_old;
174+extern unsigned long X509_NAME_hash_old(X509_NAME *);
175+#else
176 %rename(x509_name_hash) X509_NAME_hash;
177 extern unsigned long X509_NAME_hash(X509_NAME *);
178+#endif
179+
180 %rename(x509_name_get_index_by_nid) X509_NAME_get_index_by_NID;
181 extern int X509_NAME_get_index_by_NID(X509_NAME *, int, int);
182
183@@ -171,7 +178,7 @@ extern ASN1_STRING *X509_NAME_ENTRY_get_
184 if (PyString_Check($input)) {
185 Py_ssize_t len;
186
187- $1 = PyString_AsString($input);
188+ $1 = (unsigned char *)PyString_AsString($input);
189 len = PyString_Size($input);
190 if (len > INT_MAX) {
191 PyErr_SetString(PyExc_ValueError, "object too large");
192@@ -184,7 +191,7 @@ extern ASN1_STRING *X509_NAME_ENTRY_get_
193 }
194 }
195 %rename(x509_name_entry_set_data) X509_NAME_ENTRY_set_data;
196-extern int X509_NAME_ENTRY_set_data( X509_NAME_ENTRY *, int, CONST unsigned char *, int);
197+extern int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *, int, CONST unsigned char *, int);
198 %typemap(in) (CONST unsigned char *, int);
199
200 %rename(x509_req_new) X509_REQ_new;
201@@ -230,7 +237,7 @@ extern int X509_STORE_CTX_get_error_dept
202 %rename(x509_store_ctx_free) X509_STORE_CTX_free;
203 extern void X509_STORE_CTX_free(X509_STORE_CTX *);
204 %rename(x509_store_ctx_get1_chain) X509_STORE_CTX_get1_chain;
205-extern STACK *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
206+extern STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *);
207
208 %rename(x509_extension_get_critical) X509_EXTENSION_get_critical;
209 extern int X509_EXTENSION_get_critical(X509_EXTENSION *);
210@@ -348,7 +355,7 @@ PyObject *i2d_x509(X509 *x)
211 PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
212 }
213 else {
214- ret = PyString_FromStringAndSize(buf, len);
215+ ret = PyString_FromStringAndSize((char*)buf, len);
216 OPENSSL_free(buf);
217 }
218 return ret;
219@@ -435,12 +442,12 @@ PyObject *x509_name_by_nid(X509_NAME *na
220 }
221
222 int x509_name_set_by_nid(X509_NAME *name, int nid, PyObject *obj) {
223- return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, PyString_AsString(obj), -1, -1, 0);
224+ return X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)PyString_AsString(obj), -1, -1, 0);
225 }
226
227 /* x509_name_add_entry_by_txt */
228 int x509_name_add_entry_by_txt(X509_NAME *name, char *field, int type, char *bytes, int len, int loc, int set) {
229- return X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set);
230+ return X509_NAME_add_entry_by_txt(name, field, type, (unsigned char *)bytes, len, loc, set);
231 }
232
233 PyObject *x509_name_get_der(X509_NAME *name)
234@@ -450,23 +457,23 @@ PyObject *x509_name_get_der(X509_NAME *n
235 }
236
237 /* sk_X509_new_null() is a macro returning "STACK_OF(X509) *". */
238-STACK *sk_x509_new_null(void) {
239- return (STACK *)sk_X509_new_null();
240+STACK_OF(X509) *sk_x509_new_null(void) {
241+ return sk_X509_new_null();
242 }
243
244 /* sk_X509_free() is a macro. */
245-void sk_x509_free(STACK *stack) {
246- sk_X509_free((STACK_OF(X509) *)stack);
247+void sk_x509_free(STACK_OF(X509) *stack) {
248+ sk_X509_free(stack);
249 }
250
251 /* sk_X509_push() is a macro. */
252-int sk_x509_push(STACK *stack, X509 *x509) {
253- return sk_X509_push((STACK_OF(X509) *)stack, x509);
254+int sk_x509_push(STACK_OF(X509) *stack, X509 *x509) {
255+ return sk_X509_push(stack, x509);
256 }
257
258 /* sk_X509_pop() is a macro. */
259-X509 *sk_x509_pop(STACK *stack) {
260- return sk_X509_pop((STACK_OF(X509) *)stack);
261+X509 *sk_x509_pop(STACK_OF(X509) *stack) {
262+ return sk_X509_pop(stack);
263 }
264
265 int x509_store_load_locations(X509_STORE *store, const char *file) {
266@@ -493,21 +500,29 @@ int x509_req_set_version(X509_REQ *x, lo
267 return X509_REQ_set_version(x, version);
268 }
269
270-int x509_req_add_extensions(X509_REQ *req, STACK *exts) {
271- return X509_REQ_add_extensions(req, (STACK_OF(X509_EXTENSION) *)exts);
272+int x509_req_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts) {
273+ return X509_REQ_add_extensions(req, exts);
274 }
275
276-X509_NAME_ENTRY *x509_name_entry_create_by_txt( X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
277- return X509_NAME_ENTRY_create_by_txt( ne, field, type, bytes, len);
278+X509_NAME_ENTRY *x509_name_entry_create_by_txt(X509_NAME_ENTRY **ne, char *field, int type, char *bytes, int len) {
279+ return X509_NAME_ENTRY_create_by_txt( ne, field, type, (unsigned char *)bytes, len);
280 }
281
282-LHASH *
283-x509v3_lhash(){
284- return lh_new(NULL,NULL);
285+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
286+LHASH_OF(CONF_VALUE)
287+#else
288+LHASH
289+#endif
290+*x509v3_lhash() {
291+ return lh_new(NULL, NULL); /* Should probably be lh_CONF_VALUE_new but won't compile. */
292 }
293
294 X509V3_CTX *
295-x509v3_set_conf_lhash(LHASH * lhash){
296+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
297+x509v3_set_conf_lhash(LHASH_OF(CONF_VALUE) * lhash) {
298+#else
299+x509v3_set_conf_lhash(LHASH * lhash) {
300+#endif
301 X509V3_CTX * ctx;
302 if (!(ctx=(X509V3_CTX *)PyMem_Malloc(sizeof(X509V3_CTX)))) {
303 PyErr_SetString(PyExc_MemoryError, "x509v3_set_conf_lhash");
304@@ -517,11 +532,20 @@ x509v3_set_conf_lhash(LHASH * lhash){
305 return ctx;
306 }
307
308-X509_EXTENSION *x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
309+X509_EXTENSION *
310+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
311+x509v3_ext_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *name, char *value) {
312+#else
313+x509v3_ext_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value) {
314+#endif
315 X509_EXTENSION * ext = NULL;
316 ext = X509V3_EXT_conf(conf, ctx, name, value);
317 PyMem_Free(ctx);
318+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
319+ lh_CONF_VALUE_free(conf);
320+#else
321 lh_free(conf);
322+#endif
323 return ext;
324 }
325
326@@ -543,33 +567,33 @@ PyObject *x509_extension_get_name(X509_E
327 }
328
329 /* sk_X509_EXTENSION_new_null is a macro. */
330-STACK *sk_x509_extension_new_null(void) {
331- return (STACK *)sk_X509_EXTENSION_new_null();
332+STACK_OF(X509_EXTENSION) *sk_x509_extension_new_null(void) {
333+ return sk_X509_EXTENSION_new_null();
334 }
335
336 /* sk_X509_EXTENSION_free() is a macro. */
337-void sk_x509_extension_free(STACK *stack) {
338- sk_X509_EXTENSION_free((STACK_OF(X509_EXTENSION) *)stack);
339+void sk_x509_extension_free(STACK_OF(X509_EXTENSION) *stack) {
340+ sk_X509_EXTENSION_free(stack);
341 }
342
343 /* sk_X509_EXTENSION_push() is a macro. */
344-int sk_x509_extension_push(STACK *stack, X509_EXTENSION *x509_ext) {
345- return sk_X509_EXTENSION_push((STACK_OF(X509_EXTENSION) *)stack, x509_ext);
346+int sk_x509_extension_push(STACK_OF(X509_EXTENSION) *stack, X509_EXTENSION *x509_ext) {
347+ return sk_X509_EXTENSION_push(stack, x509_ext);
348 }
349
350 /* sk_X509_EXTENSION_pop() is a macro. */
351-X509_EXTENSION *sk_x509_extension_pop(STACK *stack) {
352- return sk_X509_EXTENSION_pop((STACK_OF(X509_EXTENSION) *)stack);
353+X509_EXTENSION *sk_x509_extension_pop(STACK_OF(X509_EXTENSION) *stack) {
354+ return sk_X509_EXTENSION_pop(stack);
355 }
356
357 /* sk_X509_EXTENSION_num() is a macro. */
358-int sk_x509_extension_num(STACK *stack) {
359- return sk_X509_EXTENSION_num((STACK_OF(X509_EXTENSION) *)stack);
360+int sk_x509_extension_num(STACK_OF(X509_EXTENSION) *stack) {
361+ return sk_X509_EXTENSION_num(stack);
362 }
363
364 /* sk_X509_EXTENSION_value() is a macro. */
365-X509_EXTENSION *sk_x509_extension_value(STACK *stack, int i) {
366- return sk_X509_EXTENSION_value((STACK_OF(X509_EXTENSION) *)stack, i);
367+X509_EXTENSION *sk_x509_extension_value(STACK_OF(X509_EXTENSION) *stack, int i) {
368+ return sk_X509_EXTENSION_value(stack, i);
369 }
370
371 /* X509_STORE_CTX_get_app_data is a macro. */
372@@ -590,7 +614,7 @@ Used in the wrapping of ASN1_seq_unpack
373 #define I2DTYPE int (*)()
374 #endif
375
376-STACK *
377+STACK_OF(X509) *
378 make_stack_from_der_sequence(PyObject * pyEncodedString){
379 STACK_OF(X509) *certs;
380 Py_ssize_t encoded_string_len;
381@@ -606,7 +630,7 @@ make_stack_from_der_sequence(PyObject *
382 return NULL;
383 }
384
385- certs = ASN1_seq_unpack((unsigned char *)encoded_string, encoded_string_len, (D2ITYPE)d2i_X509, (void(*)())X509_free );
386+ certs = ASN1_seq_unpack_X509((unsigned char *)encoded_string, encoded_string_len, d2i_X509, X509_free );
387 if (!certs) {
388 PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
389 return NULL;
390@@ -616,13 +640,13 @@ make_stack_from_der_sequence(PyObject *
391 }
392
393 PyObject *
394-get_der_encoding_stack(STACK * stack){
395+get_der_encoding_stack(STACK_OF(X509) *stack){
396 PyObject * encodedString;
397
398 unsigned char * encoding;
399 int len;
400
401- encoding = ASN1_seq_pack((STACK_OF(X509)*) stack, (I2DTYPE)i2d_X509, NULL, &len);
402+ encoding = ASN1_seq_pack_X509(stack, i2d_X509, NULL, &len);
403 if (!encoding) {
404 PyErr_SetString(_x509_err, ERR_reason_error_string(ERR_get_error()));
405 return NULL;
406--- m2crypto-0.20.1.orig/SWIG/_aes.i
407+++ m2crypto-0.20.1/SWIG/_aes.i
408@@ -76,7 +76,7 @@ PyObject *AES_crypt(const AES_KEY *key,
409 AES_encrypt((const unsigned char *)in, out, key);
410 else
411 AES_decrypt((const unsigned char *)in, out, key);
412- return PyString_FromStringAndSize(out, outlen);
413+ return PyString_FromStringAndSize((char*)out, outlen);
414 }
415
416 int AES_type_check(AES_KEY *key) {
417--- m2crypto-0.20.1.orig/SWIG/_ssl.i
418+++ m2crypto-0.20.1/SWIG/_ssl.i
419@@ -17,13 +17,17 @@
420 %apply Pointer NONNULL { SSL_CTX * };
421 %apply Pointer NONNULL { SSL * };
422 %apply Pointer NONNULL { SSL_CIPHER * };
423-%apply Pointer NONNULL { STACK * };
424+%apply Pointer NONNULL { STACK_OF(SSL_CIPHER) * };
425+%apply Pointer NONNULL { STACK_OF(X509) * };
426 %apply Pointer NONNULL { BIO * };
427 %apply Pointer NONNULL { DH * };
428 %apply Pointer NONNULL { RSA * };
429 %apply Pointer NONNULL { EVP_PKEY *};
430 %apply Pointer NONNULL { PyObject *pyfunc };
431
432+%rename(ssl_get_ciphers) SSL_get_ciphers;
433+extern STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
434+
435 %rename(ssl_get_version) SSL_get_version;
436 extern const char *SSL_get_version(CONST SSL *);
437 %rename(ssl_get_error) SSL_get_error;
438@@ -41,8 +45,10 @@ extern const char *SSL_alert_desc_string
439 %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
440 extern const char *SSL_alert_desc_string_long(int);
441
442+#ifndef OPENSSL_NO_SSL2
443 %rename(sslv2_method) SSLv2_method;
444 extern SSL_METHOD *SSLv2_method(void);
445+#endif
446 %rename(sslv3_method) SSLv3_method;
447 extern SSL_METHOD *SSLv3_method(void);
448 %rename(sslv23_method) SSLv23_method;
449@@ -668,28 +674,24 @@ int ssl_cipher_get_bits(SSL_CIPHER *c) {
450 return SSL_CIPHER_get_bits(c, NULL);
451 }
452
453-STACK *ssl_get_ciphers(SSL *ssl) {
454- return (STACK *)SSL_get_ciphers(ssl);
455-}
456-
457-int sk_ssl_cipher_num(STACK *stack) {
458- return sk_num(stack);
459+int sk_ssl_cipher_num(STACK_OF(SSL_CIPHER) *stack) {
460+ return sk_SSL_CIPHER_num(stack);
461 }
462
463-SSL_CIPHER *sk_ssl_cipher_value(STACK *stack, int idx) {
464- return (SSL_CIPHER *)sk_value(stack, idx);
465+SSL_CIPHER *sk_ssl_cipher_value(STACK_OF(SSL_CIPHER) *stack, int idx) {
466+ return sk_SSL_CIPHER_value(stack, idx);
467 }
468
469-STACK *ssl_get_peer_cert_chain(SSL *ssl) {
470- return (STACK *)SSL_get_peer_cert_chain(ssl);
471+STACK_OF(X509) *ssl_get_peer_cert_chain(SSL *ssl) {
472+ return SSL_get_peer_cert_chain(ssl);
473 }
474
475-int sk_x509_num(STACK *stack) {
476- return sk_num(stack);
477+int sk_x509_num(STACK_OF(X509) *stack) {
478+ return sk_X509_num(stack);
479 }
480
481-X509 *sk_x509_value(STACK *stack, int idx) {
482- return (X509 *)sk_value(stack, idx);
483+X509 *sk_x509_value(STACK_OF(X509) *stack, int idx) {
484+ return sk_X509_value(stack, idx);
485 }
486 %}
487
0488
=== added file 'debian/patches/fix_kill_signal.patch'
--- debian/patches/fix_kill_signal.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/fix_kill_signal.patch 2011-08-10 19:50:59 +0000
@@ -0,0 +1,17 @@
1Description: fix kill signal
2 use signal 9 to kill old s_server processes
3 to work around build HUP signal-ignore-mask (LP: #451998).
4Author: Chuck Short <zulcss@ubuntu.com>
5Origin: 0.20.1-1ubuntu1
6Bug-Ubuntu: https://bugs.launchpad.net/bugs/451998
7--- m2crypto-0.20.1.orig/tests/test_ssl.py
8+++ m2crypto-0.20.1/tests/test_ssl.py
9@@ -92,7 +92,7 @@ class BaseSSLClientTestCase(unittest.Tes
10 return pid
11
12 def stop_server(self, pid):
13- os.kill(pid, 1)
14+ os.kill(pid, 9)
15 os.waitpid(pid, 0)
16
17 def http_get(self, s):
018
=== added file 'debian/patches/fix_sslv2_test.patch'
--- debian/patches/fix_sslv2_test.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/fix_sslv2_test.patch 2011-08-10 19:50:59 +0000
@@ -0,0 +1,19 @@
1Description: fix test_sslv23_no_v2_no_service test
2 sslv2 is disabled in openssl 1.0.0 thus sslv23 will build up an sslv3
3 connection instead of throwing an error
4Author: Julian Taylor <jtaylor.debian@googlemail.com>
5Forwarded: no
6=== modified file 'tests/test_ssl.py'
7--- m2crypto.orig/tests/test_ssl.py 2010-10-01 11:58:15 +0000
8+++ m2crypto/tests/test_ssl.py 2011-08-10 17:25:08 +0000
9@@ -392,7 +392,8 @@
10 try:
11 ctx = SSL.Context('sslv23')
12 s = SSL.Connection(ctx)
13- self.assertRaises(SSL.SSLError, s.connect, self.srv_addr)
14+ s.connect(self.srv_addr)
15+ self.failUnlessEqual(s.get_version(), 'SSLv3')
16 s.close()
17 finally:
18 self.stop_server(pid)
19
020
=== added file 'debian/patches/fix_sslv2_test2.patch'
--- debian/patches/fix_sslv2_test2.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/fix_sslv2_test2.patch 2011-08-10 19:50:59 +0000
@@ -0,0 +1,54 @@
1Description: fix testsuite for newer openssl
2Origin: 0.20.1-1ubuntu3
3Applied-Upstream: http://svn.osafoundation.org/viewvc/m2crypto/trunk/tests/test_smime.py?r1=698&r2=721
4Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/m2crypto/+bug/600549
5Author: Marc Deslauriers <marc.deslauriers@ubuntu.com>
6--- m2crypto-0.20.1.orig/tests/test_smime.py
7+++ m2crypto-0.20.1/tests/test_smime.py
8@@ -37,7 +37,7 @@ class SMIMETestCase(unittest.TestCase):
9 buf = BIO.MemoryBuffer(self.cleartext)
10 s = SMIME.SMIME()
11 s.load_key('tests/signer_key.pem', 'tests/signer.pem')
12- p7 = s.sign(buf)
13+ p7 = s.sign(buf, SMIME.PKCS7_DETACHED)
14 assert len(buf) == 0
15 assert p7.type() == SMIME.PKCS7_SIGNED, p7.type()
16 assert isinstance(p7, SMIME.PKCS7), p7
17@@ -73,9 +73,8 @@ class SMIMETestCase(unittest.TestCase):
18
19 p7, data = SMIME.smime_load_pkcs7_bio(self.signed)
20
21- assert data.read() == self.cleartext
22 assert isinstance(p7, SMIME.PKCS7), p7
23- v = s.verify(p7)
24+ v = s.verify(p7, data)
25 assert v == self.cleartext
26
27 t = p7.get0_signers(sk)
28@@ -169,7 +168,7 @@ class SMIMETestCase(unittest.TestCase):
29 s.set_cipher(SMIME.Cipher('des_ede3_cbc'))
30
31 tmp = BIO.MemoryBuffer()
32- s.write(tmp, p7, buf)
33+ s.write(tmp, p7)
34
35 p7 = s.encrypt(tmp)
36
37@@ -211,6 +210,7 @@ class WriteLoadTestCase(unittest.TestCas
38 assert p7.write(f) == 1
39 f.close()
40
41+ p7 = s.sign(BIO.MemoryBuffer('some text'), SMIME.PKCS7_DETACHED)
42 self.filenameSmime = 'tests/sig.p7s'
43 f = BIO.openfile(self.filenameSmime, 'wb')
44 assert s.write(f, p7, BIO.MemoryBuffer('some text')) == 1
45@@ -220,7 +220,7 @@ class WriteLoadTestCase(unittest.TestCas
46 buf = BIO.MemoryBuffer()
47 assert SMIME.load_pkcs7(self.filename).write_der(buf) == 1
48 s = buf.read()
49- assert len(s) == 1204, len(s)
50+ assert len(s) in (1204, 1243), len(s)
51
52 def test_load_pkcs7(self):
53 assert SMIME.load_pkcs7(self.filename).type() == SMIME.PKCS7_SIGNED
54
055
=== added file 'debian/patches/series'
--- debian/patches/series 1970-01-01 00:00:00 +0000
+++ debian/patches/series 2011-08-10 19:50:59 +0000
@@ -0,0 +1,5 @@
1disable_sslv2_test.patch
2fix_build_with_new_openssl.patch
3fix_kill_signal.patch
4fix_sslv2_test2.patch
5fix_sslv2_test.patch
06
=== modified file 'debian/rules'
--- debian/rules 2009-10-16 12:51:15 +0000
+++ debian/rules 2011-08-10 19:50:59 +0000
@@ -73,7 +73,7 @@
73 dh_strip73 dh_strip
74 dh_compress74 dh_compress
75 dh_fixperms75 dh_fixperms
76 dh_pysupport76 dh_python2
77 dh_installdeb77 dh_installdeb
78 dh_shlibdeps78 dh_shlibdeps
79 dh_gencontrol79 dh_gencontrol
8080
=== added directory 'debian/source'
=== added file 'debian/source/format'
--- debian/source/format 1970-01-01 00:00:00 +0000
+++ debian/source/format 2011-08-10 19:50:59 +0000
@@ -0,0 +1,1 @@
13.0 (quilt)
02
=== modified file 'debian/watch'
--- debian/watch 2009-06-15 22:11:39 +0000
+++ debian/watch 2011-08-10 19:50:59 +0000
@@ -1,2 +1,3 @@
1version=31version=3
2opts=dversionmangle=s/\+dfsg// \
2http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-(.*).tar.gz3http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-(.*).tar.gz
34
=== modified file 'tests/test_smime.py'
--- tests/test_smime.py 2010-07-09 11:17:57 +0000
+++ tests/test_smime.py 2011-08-10 19:50:59 +0000
@@ -37,7 +37,7 @@
37 buf = BIO.MemoryBuffer(self.cleartext)37 buf = BIO.MemoryBuffer(self.cleartext)
38 s = SMIME.SMIME()38 s = SMIME.SMIME()
39 s.load_key('tests/signer_key.pem', 'tests/signer.pem')39 s.load_key('tests/signer_key.pem', 'tests/signer.pem')
40 p7 = s.sign(buf, SMIME.PKCS7_DETACHED)40 p7 = s.sign(buf)
41 assert len(buf) == 041 assert len(buf) == 0
42 assert p7.type() == SMIME.PKCS7_SIGNED, p7.type()42 assert p7.type() == SMIME.PKCS7_SIGNED, p7.type()
43 assert isinstance(p7, SMIME.PKCS7), p743 assert isinstance(p7, SMIME.PKCS7), p7
@@ -73,8 +73,9 @@
73 73
74 p7, data = SMIME.smime_load_pkcs7_bio(self.signed)74 p7, data = SMIME.smime_load_pkcs7_bio(self.signed)
75 75
76 assert data.read() == self.cleartext
76 assert isinstance(p7, SMIME.PKCS7), p777 assert isinstance(p7, SMIME.PKCS7), p7
77 v = s.verify(p7, data) 78 v = s.verify(p7)
78 assert v == self.cleartext79 assert v == self.cleartext
79 80
80 t = p7.get0_signers(sk)81 t = p7.get0_signers(sk)
@@ -168,7 +169,7 @@
168 s.set_cipher(SMIME.Cipher('des_ede3_cbc'))169 s.set_cipher(SMIME.Cipher('des_ede3_cbc'))
169 170
170 tmp = BIO.MemoryBuffer()171 tmp = BIO.MemoryBuffer()
171 s.write(tmp, p7)172 s.write(tmp, p7, buf)
172173
173 p7 = s.encrypt(tmp)174 p7 = s.encrypt(tmp)
174 175
175176
=== modified file 'tests/test_ssl.py'
--- tests/test_ssl.py 2010-10-01 11:58:15 +0000
+++ tests/test_ssl.py 2011-08-10 19:50:59 +0000
@@ -92,7 +92,7 @@
92 return pid92 return pid
9393
94 def stop_server(self, pid):94 def stop_server(self, pid):
95 os.kill(pid, 9)95 os.kill(pid, 1)
96 os.waitpid(pid, 0)96 os.waitpid(pid, 0)
9797
98 def http_get(self, s):98 def http_get(self, s):
@@ -397,7 +397,7 @@
397 finally:397 finally:
398 self.stop_server(pid)398 self.stop_server(pid)
399399
400 def disabled_test_sslv23_weak_crypto(self):400 def test_sslv23_weak_crypto(self):
401 if fips_mode: # TLS is required in FIPS mode401 if fips_mode: # TLS is required in FIPS mode
402 return402 return
403 self.args = self.args + ['-no_tls1', '-no_ssl3']403 self.args = self.args + ['-no_tls1', '-no_ssl3']

Subscribers

People subscribed via source and target branches

to all changes: