[pyOpenSSL] Call for testing - pyOpenSSL 0.7a1
Jean-Paul Calderone
exarkun at divmod.com
Sun Mar 23 00:20:32 CET 2008
On Sat, 22 Mar 2008 22:16:56 +0100, Sebastian Vieira <sebvieira at gmail.com> wrote:
>Hi,
>
>Any chance of including the CRL patch found on http://tinyurl.com/2kj8o6 ? I
>found that the required pkcs12 patched cleanly against the 0.7 source, but
>the crl patch failed one hunk:
>
>patching file src/crypto/crypto.c
>Hunk #1 succeeded at 461 (offset -1 lines).
>Hunk #2 succeeded at 591 (offset -1 lines).
>Hunk #3 succeeded at 626 (offset -1 lines).
>Hunk #4 succeeded at 794 (offset 25 lines).
>Hunk #5 FAILED at 803.
>Hunk #6 succeeded at 872 (offset 26 lines).
>
>I ask this because my python/openvpn script depends on it :)
>
>kind regards,
>
Hey Sebastian,
This is definitely a possibility. I may need some help with it, though.
First, http://arnaud.desmons.free.fr/pyOpenSSL-0.6-crl.patch is the patch
you're referring to, right? And the patch which must be applied first is
http://arnaud.desmons.free.fr/pyOpenSSL-0.6-pkcs12.patch?
If so, here are some specific questions the answers to which would help me
out a bunch:
* What is the proper usage of crypto_dump_pkcs12?
* Is crypto_PKCS12_set_certificate stealing a reference (meaning memory corruption will likely follow a call to it)?
* Same question for crypto_PKCS12_set_privatekey.
* Why the commented out lines in crypto_PKCS12_dealloc and in the definition of crypto_PKCS12_Type?
* What is the proper usage of crypto_dump_crl?
And more generally:
* Documentation would be greatly appreciated. Either in the form of C
comments in the code, or docstrings exposed to Python (instead of the
empty strings currently given to the new APIs), or in LaTeX as diffs
against doc/pyOpenSSL.tex
* Unit tests would be even better. ;)
In the mean time, I've applied both patches (resolving the simple conflicts)
and pushed a branch to launchpad - https://code.launchpad.net/~exarkun/pyopenssl/pkcs12-crl - in case you want
to use that diff (since it applies clean to trunk now) or if you want to
generate any patches.
Jean-Paul
More information about the pyopenssl-users
mailing list