More M2Crypto issues. Not big ones, though.
Heikki Toivonen
heikki at osafoundation.org
Fri Jan 12 20:01:04 EST 2007
John Nagle wrote:
> A list of small problems and bugs in the current M2Crypto:
> I need to look at SSL certificates in some detail, so this
> is all about the access functions for certificates.
Thanks, got the reports, will check them out.
> 3. /M2Crypto/SSL/Connection.py:147:
> DeprecationWarning: Old style callback, use cb_func(ok, store)
> instead return m2.ssl_connect(self.ssl)
> (Also reported, in Polish, here:
> http://www.mail-archive.com/pld-devel-pl@lists.pld-linux.org/msg12433.html)
> Entered into Bugzilla as #7718.
This is actually intended. Once I figure out how to implement all the
functionality in the new way I'd like to remove the old way.
>
> 4. "close()" on an SSL socket that's just finished certificate
> negotiation hangs, at least on Windows. "del" does not hang,
> but I don't know if there's a leak problem.
> Not enough info yet to file a bug report. I might be doing
> something wrong there. Any known "close" issues?
No known issues, but the ending of an SSL connection is a little grey
area to me so I wouldn't be surprised if there are some cases where we
shut down prematurely or too late. But I don't know why we'd hang.
> 1. X509.X509_name.__getattr__:
> Field retrieval from X.509 name items with x509_name_by_nid
> retrieves only first instance of field, not all instances.
Yes, I've been battling with this myself as well. OpenSSL provides
objects to get things as a list, but they are so weird I haven't yet
figured out a way to wrap them in Python so that you would actually be
able to get some values out.
> 2. Unclear if M2Crypto's X.509 interface is UTF-8 compatible.
> OpenSSL will return info in UTF-8 if you use the
> ASN1_STRFLGS_UTF8_CONVERT flag on as_text, but unclear if the
> M2 glue code handles this correctly. Haven't found a UTF8 cert
> to test it on yet.
Yeah, I am not convinced everything works as it should. Any UTF8 (and
other encoding) samples would be welcome.
> Other than that, I'm having relatively good results with M2Crypto.
Glad to hear.
--
Heikki Toivonen
More information about the Python-list
mailing list