More M2Crypto issues. Not big ones, though.

Heikki Toivonen heikki at osafoundation.org
Fri Jan 12 20:01:04 EST 2007 

John Nagle wrote:
>   A list of small problems and bugs in the current M2Crypto:
> I need to look at SSL certificates in some detail, so this
> is all about the access functions for certificates.

Thanks, got the reports, will check them out.

>     3. /M2Crypto/SSL/Connection.py:147:
>     DeprecationWarning: Old style callback, use cb_func(ok, store)
>     instead return m2.ssl_connect(self.ssl)
>     (Also reported, in Polish, here:
> http://www.mail-archive.com/pld-devel-pl@lists.pld-linux.org/msg12433.html)
>     Entered into Bugzilla as #7718.

This is actually intended. Once I figure out how to implement all the
functionality in the new way I'd like to remove the old way.

> 
>     4. "close()" on an SSL socket that's just finished certificate
>     negotiation hangs, at least on Windows.  "del" does not hang,
>     but I don't know if there's a leak problem.
>     Not enough info yet to file a bug report.  I might be doing
>     something wrong there.  Any known "close" issues?

No known issues, but the ending of an SSL connection is a little grey
area to me so I wouldn't be surprised if there are some cases where we
shut down prematurely or too late. But I don't know why we'd hang.

>     1. X509.X509_name.__getattr__:
>     Field retrieval from X.509 name items with x509_name_by_nid
>     retrieves only first instance of field, not all instances.

Yes, I've been battling with this myself as well. OpenSSL provides
objects to get things as a list, but they are so weird I haven't yet
figured out a way to wrap them in Python so that you would actually be
able to get some values out.

>     2. Unclear if M2Crypto's X.509 interface is UTF-8 compatible.
>     OpenSSL will return info in UTF-8 if you use the
>     ASN1_STRFLGS_UTF8_CONVERT flag on as_text, but unclear if the
>     M2 glue code handles this correctly.  Haven't found a UTF8 cert
>     to test it on yet.

Yeah, I am not convinced everything works as it should. Any UTF8 (and
other encoding) samples would be welcome.

> Other than that, I'm having relatively good results with M2Crypto.

Glad to hear.

-- 
  Heikki Toivonen

More information about the Python-list mailing list