From jcea at ARGO.ES Wed Oct 3 18:04:34 2007 From: jcea at ARGO.ES (Jesus Cea) Date: Wed, 3 Oct 2007 18:04:34 +0200 Subject: [PYTHON-CRYPTO] Some issues with M2Crypto 0.18 and timeouts In-Reply-To: <46F7F33B.1000202@osafoundation.org> References: <46F4AB08.6040906@argo.es> <46F4B4AA.4010808@osafoundation.org> <46F4C579.7010507@argo.es> <46F7F33B.1000202@osafoundation.org> Message-ID: <4703BD92.6040808@argo.es> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Heikki Toivonen wrote: > You are the second or third person to ask about it in M2Crypto in the > past 4 years, so it is not *that* frequent a request. I suspect most > people use something more robust than plain M2Crypto for a server > application (like Apache or Twisted). Client side is a different thing, > of course. Definitively M2Crypto, as is, is not suitable for server SSL, since DoS (Denial of Service) is trivial :-(, unless the programmer fight the BIO layer, hard. > If you really want this simple solution, I'd advice first > trying the patch in the bug I pointed out, and seeing how it works. If > it does everything you need, reliably, I could consider applying the patch. The patch proposed is good idea, but it has two problems: 1. SO_RCVTIMEO/SO_SNDTIMEO are *very* non-portable, not universally supported and, worse, plagued with bugs and inconsistences between OS's and releases. 2. The patch only considers timeout's in the SSL handshake, not in the send/receive code, renegotiation, shutdown, etc. > TLS Lite is pure Python, but can use various other native modules (if > available) to speed up SSL: http://trevp.net/tlslite/ TLS Lite seems to support asyncronous (timeout) operations, but current release is a bit dated (2005). Performance is an incognita. - -- Jesus Cea Avion _/_/ _/_/_/ _/_/_/ jcea at argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/ jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/_/_/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/ "El amor es poner tu felicidad en la felicidad de otro" - Leibniz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQCVAwUBRwO9kZlgi5GaxT1NAQIlGAP/QQLej3bi9JjIGWSbR1krJzVnDvZ6WRP2 Bdco+5ulZFou6Smi6TMxuL6noQMNJo4CCMqBNcxoXP3PLrtzeKd+rNCMEvTgELGV EZNDYVGv+whEBYF0PiIKYbJrTb1cJvQfv4mnlKPCgya0XzBpaGl/RMU4aMc46RAy FN2b9m1C9CU= =8p9p -----END PGP SIGNATURE----- From jcea at ARGO.ES Wed Oct 3 20:14:32 2007 From: jcea at ARGO.ES (Jesus Cea) Date: Wed, 3 Oct 2007 20:14:32 +0200 Subject: [PYTHON-CRYPTO] Some issues with M2Crypto 0.18 and timeouts In-Reply-To: <4703BD92.6040808@argo.es> References: <46F4AB08.6040906@argo.es> <46F4B4AA.4010808@osafoundation.org> <46F4C579.7010507@argo.es> <46F7F33B.1000202@osafoundation.org> <4703BD92.6040808@argo.es> Message-ID: <4703DC08.4000709@argo.es> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jesus Cea wrote: > Definitively M2Crypto, as is, is not suitable for server SSL, since DoS > (Denial of Service) is trivial :-(, unless the programmer fight the BIO > layer, hard. I'm learning more about openssl internals that I would like to know :-). Seems "accept_ssl()" can be called several times if the socket is notblocking. Nice. But return codes is not consistent with openssl docs. In fact, I can't make sense of it :-?. Any example out there?. I can't differenciate between "waiting for read" and "waiting for writing", so I can't use a "select" there. Any idea?. I just discovered the undocumented "Connection._write_nbio()" and "Connection._read_nbio()". Could I use them combined with a "select()" loop?. Seems so, actually. - -- Jesus Cea Avion _/_/ _/_/_/ _/_/_/ jcea at argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/ jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/_/_/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/ "El amor es poner tu felicidad en la felicidad de otro" - Leibniz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQCVAwUBRwPcCJlgi5GaxT1NAQLAwAP/X1nJL1Hf3x5KKNsnvG15sf24CabbDAc/ 9t8PQnnRTSZql0nbvOxY+bBeMnZJCjNHFgpB4xf45twMilxv3uWQUA0IbwV3wRjO khJGQ5UQ0MNEW67Z3LssvF4shxLElRxqzA+Rk30IFImYHrpH5i77haLXPLhT0DOo I1RqYMAqpg8= =3VAl -----END PGP SIGNATURE----- From rwx+crypto at SYNNERGY.NET Wed Oct 3 22:40:03 2007 From: rwx+crypto at SYNNERGY.NET (Juan M. Bello Rivas) Date: Wed, 3 Oct 2007 22:40:03 +0200 Subject: [PYTHON-CRYPTO] Some issues with M2Crypto 0.18 and timeouts In-Reply-To: <4703DC08.4000709@argo.es> References: <46F4AB08.6040906@argo.es> <46F4B4AA.4010808@osafoundation.org> <46F4C579.7010507@argo.es> <46F7F33B.1000202@osafoundation.org> <4703BD92.6040808@argo.es> <4703DC08.4000709@argo.es> Message-ID: <20071003204003.GA5201@morphism> Hi, On Wed, Oct 03, 2007 at 08:14:32PM +0200, Jesus Cea wrote: > > Seems "accept_ssl()" can be called several times if the socket is > notblocking. Nice. But return codes is not consistent with openssl docs. > In fact, I can't make sense of it :-?. Any example out there?. I can't > differenciate between "waiting for read" and "waiting for writing", so I > can't use a "select" there. Any idea?. I think this: http://www.opensslbook.com/res/nonblock_support.txt and pages 159 to 166 from the same book are what you're looking for. -- Juan M. Bello Rivas http://superadditive.com From heikki at OSAFOUNDATION.ORG Mon Oct 8 22:57:05 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Mon, 8 Oct 2007 13:57:05 -0700 Subject: [PYTHON-CRYPTO] ANN: M2Crypto 0.18.1 Message-ID: <470A99A1.8020902@osafoundation.org> M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL functionality to implement clients and servers; HTTPS extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing AuthCookies for web session management; FTP/TLS client and server; S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An S/MIME messenger for Zope. http://chandlerproject.org/Projects/MeTooCrypto Changelog: - Redo build fix when OpenSSL configured without Elliptic Curves (EC), see also INSTALL file. This affects at least Fedora Core systems. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From p.j.kershaw at RL.AC.UK Fri Oct 12 16:18:51 2007 From: p.j.kershaw at RL.AC.UK (Philip Kershaw) Date: Fri, 12 Oct 2007 15:18:51 +0100 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' Message-ID: <200710121518.51701.p.j.kershaw@rl.ac.uk> Hello, I'm getting a strange error installing M2Crypto on Redhat: In file included from SWIG/_m2crypto_wrap.c:2528: /tmp/easy_install-F8-kVi/m2crypto-0.18.1/SWIG/_lib.h:5: error: redefinition of typedef 'Py_ssize_t' Has anyone seen anything similar? I've tried different SWIG versions: 1.3.30, 1.3.30rc1, 1.3.31 but still the same result. Originally the machine had SWIG 1.3.21. The build worked with this but I noticed that the M2Crypto INSTALL file lists > 1.3.24 as a prerequisite. Other details ... Python version is 2.4.4. Redhat version info: # cat /proc/version Linux version 2.6.9-42.0.2.ELsmp (bhcompile at ls20-bc1-13.build.redhat.com) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-3)) #1 SMP Thu Aug 17 18:00:32 EDT 2006 It works without any problems on Ubuntu: # cat /proc/version Linux version 2.6.15-23-386 (buildd at rothera) (gcc version 4.0.3 (Ubuntu 4.0.3-1ubuntu5)) #1 PREEMPT Tue May 23 13:49:40 UTC 2006 The only other thing I can see is there is an earlier version of gcc on the Redhat machine. Full output from easy_install below... Cheers, Phil # easy_install M2Crypto Searching for M2Crypto Reading http://pypi.python.org/simple/M2Crypto/ Reading http://chandlerproject.org/Projects/MeTooCrypto Reading http://sandbox.rulemaker.net/ngps/m2/ Reading http://www.post1.com/home/ngps/m2 Reading http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto Best match: m2crypto 0.18.1 Downloading http://chandlerproject.org/pub/Projects/MeTooCrypto/m2crypto-0.18.1.tar.gz Processing m2crypto-0.18.1.tar.gz Running m2crypto-0.18.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-F8-kVi/m2crypto-0.18.1/egg-dist-tmp-5IrhAu SWIG/_bio.i:62: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_rand.i:19: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_evp.i:148: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_dh.i:35: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_rsa.i:43: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_dsa.i:31: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_ssl.i:201: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_x509.i:302: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_pkcs7.i:40: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_pkcs7.i:40: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_util.i:9: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_ec.i:111: Warning(454): Setting a pointer/reference variable may leak memory. In file included from SWIG/_m2crypto_wrap.c:2528: /tmp/easy_install-F8-kVi/m2crypto-0.18.1/SWIG/_lib.h:5: error: redefinition of typedef 'Py_ssize_t' SWIG/_m2crypto_wrap.c:782: error: previous declaration of 'Py_ssize_t' was here SWIG/_m2crypto_wrap.c:5724: warning: function declaration isn't a prototype SWIG/_m2crypto_wrap.c: In function `make_stack_from_der_sequence': SWIG/_m2crypto_wrap.c:5828: warning: function declaration isn't a prototype error: Setup script exited with error: command 'gcc' failed with exit status 1 From heikki at OSAFOUNDATION.ORG Fri Oct 12 19:03:54 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Fri, 12 Oct 2007 10:03:54 -0700 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <200710121518.51701.p.j.kershaw@rl.ac.uk> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> Message-ID: <470FA8FA.10904@osafoundation.org> Philip Kershaw wrote: > I'm getting a strange error installing M2Crypto on Redhat: > > In file included from SWIG/_m2crypto_wrap.c:2528: > /tmp/easy_install-F8-kVi/m2crypto-0.18.1/SWIG/_lib.h:5: error: redefinition of > typedef 'Py_ssize_t' I have never seen that before. Do you have a 64-bit system? What is your OpenSSL version? Oh, I noticed you used easy_install. I haven't really tested that, gotta add a note to my release checklist... -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From shramov at MEXMAT.NET Fri Oct 12 19:21:58 2007 From: shramov at MEXMAT.NET (Pavel Shramov) Date: Fri, 12 Oct 2007 21:21:58 +0400 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <200710121518.51701.p.j.kershaw@rl.ac.uk> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> Message-ID: <20071012172158.GB8859@voodoo.psha-ns.mexmat.net> On Fri, Oct 12, 2007 at 03:18:51PM +0100, Philip Kershaw wrote: > Hello, > > I'm getting a strange error installing M2Crypto on Redhat: > > In file included from SWIG/_m2crypto_wrap.c:2528: > /tmp/easy_install-F8-kVi/m2crypto-0.18.1/SWIG/_lib.h:5: error: redefinition of > typedef 'Py_ssize_t' > > Has anyone seen anything similar? I have same error on debian/unstable with $ gcc --version gcc (GCC) 4.1.3 20070518 (prerelease) (Debian 4.1.2-8) $ swig -version SWIG Version 1.3.31 $ python Python 2.4.4 (#2, Apr 26 2007, 00:02:45) [GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)] on linux2 (Python 2.5.1 (r251:54863, Aug 17 2007, 00:51:07) is also installed) As I remember this error appears when I'd upgraded python (or SWIG? don't remember, it was somewhat in the middle of summer). I commented out block with Py_ssize_t definition in local version. Patch is attached. Maybe better solution will be something like #if !defined(Py_ssize_t) typedef.... #endif Pavel -------------- next part -------------- commit 96ba76af3dc40c071ff6fef7109c381ba19babe4 Author: Pavel Shramov Date: Fri Oct 12 20:52:45 2007 +0400 fixe compile error with some versions of SWIG (?) diff --git a/SWIG/_lib.h b/SWIG/_lib.h index c0760d4..c131e4a 100644 --- a/SWIG/_lib.h +++ b/SWIG/_lib.h @@ -1,9 +1,11 @@ /* Copyright (c) 1999 Ng Pheng Siong. All rights reserved. */ /* $Id$ */ +/* #if PY_VERSION_HEX < 0x02050000 typedef int Py_ssize_t; #endif +*/ typedef struct _blob { unsigned char *data; From heikki at OSAFOUNDATION.ORG Sat Oct 13 00:11:49 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Fri, 12 Oct 2007 15:11:49 -0700 Subject: [PYTHON-CRYPTO] ANN: M2Crypto 0.18.2 Message-ID: <470FF125.6020005@osafoundation.org> M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, DSA, DH, HMACs, message digests, symmetric ciphers (including AES); SSL functionality to implement clients and servers; HTTPS extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing AuthCookies for web session management; FTP/TLS client and server; S/MIME; ZServerSSL: A HTTPS server for Zope and ZSmime: An S/MIME messenger for Zope. http://chandlerproject.org/Projects/MeTooCrypto Changelog: - typedef Py_ssize_t was insufficiently guarded, now follows PEP 353. This prevented building on at least Red Hat Linux and Debian Linux (unstable). -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From p.j.kershaw at RL.AC.UK Mon Oct 15 11:06:41 2007 From: p.j.kershaw at RL.AC.UK (Philip Kershaw) Date: Mon, 15 Oct 2007 10:06:41 +0100 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <20071012172158.GB8859@voodoo.psha-ns.mexmat.net> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> <20071012172158.GB8859@voodoo.psha-ns.mexmat.net> Message-ID: <200710151006.41941.p.j.kershaw@rl.ac.uk> Thanks for the help. 0.18.2 still breaks for me unfortunately but I can build by commenting out: /* #if PY_VERSION_HEX < 0x02050000 typedef int Py_ssize_t; #endif */ My OpenSSL version is 0.9.8f. The system is 32-bit I think: # uname -a Linux ndg 2.6.9-42.0.2.ELsmp #1 SMP Thu Aug 17 18:00:32 EDT 2006 i686 i686 i386 GNU/Linux I've copied in the easy_install output again below... Cheers, Phil # easy_install M2Crypto Searching for M2Crypto Reading http://pypi.python.org/simple/M2Crypto/ Reading http://chandlerproject.org/Projects/MeTooCrypto Reading http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto Reading http://www.post1.com/home/ngps/m2 Reading http://sandbox.rulemaker.net/ngps/m2/ Best match: m2crypto 0.18.2 Downloading http://chandlerproject.org/pub/Projects/MeTooCrypto/m2crypto-0.18.2.tar.gz Processing m2crypto-0.18.2.tar.gz Running m2crypto-0.18.2/setup.py -q bdist_egg --dist-dir /tmp/easy_install-Ow4Qhc/m2crypto-0.18.2/egg-dist-tmp-tCKRoa SWIG/_bio.i:62: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_rand.i:19: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_evp.i:148: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_dh.i:35: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_rsa.i:43: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_dsa.i:31: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_ssl.i:201: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_x509.i:302: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_pkcs7.i:40: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_pkcs7.i:40: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_util.i:9: Warning(454): Setting a pointer/reference variable may leak memory. SWIG/_ec.i:111: Warning(454): Setting a pointer/reference variable may leak memory. In file included from SWIG/_m2crypto_wrap.c:2528: /tmp/easy_install-Ow4Qhc/m2crypto-0.18.2/SWIG/_lib.h:5: error: redefinition of typedef 'Py_ssize_t' SWIG/_m2crypto_wrap.c:782: error: previous declaration of 'Py_ssize_t' was here SWIG/_m2crypto_wrap.c:5724: warning: function declaration isn't a prototype SWIG/_m2crypto_wrap.c: In function `make_stack_from_der_sequence': SWIG/_m2crypto_wrap.c:5828: warning: function declaration isn't a prototype error: Setup script exited with error: command 'gcc' failed with exit status 1 On Friday 12 October 2007 18:21, Pavel Shramov wrote: > On Fri, Oct 12, 2007 at 03:18:51PM +0100, Philip Kershaw wrote: > > Hello, > > > > I'm getting a strange error installing M2Crypto on Redhat: > > > > In file included from SWIG/_m2crypto_wrap.c:2528: > > /tmp/easy_install-F8-kVi/m2crypto-0.18.1/SWIG/_lib.h:5: error: > > redefinition of typedef 'Py_ssize_t' > > > > Has anyone seen anything similar? > > I have same error on debian/unstable with > > $ gcc --version > gcc (GCC) 4.1.3 20070518 (prerelease) (Debian 4.1.2-8) > > $ swig -version > > SWIG Version 1.3.31 > > $ python > Python 2.4.4 (#2, Apr 26 2007, 00:02:45) > [GCC 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)] on linux2 > > (Python 2.5.1 (r251:54863, Aug 17 2007, 00:51:07) is also installed) > > As I remember this error appears when I'd upgraded python (or SWIG? > don't remember, it was somewhat in the middle of summer). > I commented out block with Py_ssize_t definition in local version. > Patch is attached. Maybe better solution will be something like > > #if !defined(Py_ssize_t) > typedef.... > #endif > > Pavel From heikki at OSAFOUNDATION.ORG Mon Oct 15 20:01:38 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Mon, 15 Oct 2007 11:01:38 -0700 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <200710151006.41941.p.j.kershaw@rl.ac.uk> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> <20071012172158.GB8859@voodoo.psha-ns.mexmat.net> <200710151006.41941.p.j.kershaw@rl.ac.uk> Message-ID: <4713AB02.5010101@osafoundation.org> Philip Kershaw wrote: > 0.18.2 still breaks for me unfortunately but I can build by commenting out: > > /* > #if PY_VERSION_HEX < 0x02050000 > typedef int Py_ssize_t; > #endif > */ You don't have 0.18.2, because 0.18.2 has this: #if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN) typedef int Py_ssize_t; #define PY_SSIZE_T_MAX INT_MAX #define PY_SSIZE_T_MIN INT_MIN #endif -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From p.j.kershaw at RL.AC.UK Tue Oct 16 11:48:48 2007 From: p.j.kershaw at RL.AC.UK (Philip Kershaw) Date: Tue, 16 Oct 2007 10:48:48 +0100 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <4713AB02.5010101@osafoundation.org> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> <200710151006.41941.p.j.kershaw@rl.ac.uk> <4713AB02.5010101@osafoundation.org> Message-ID: <200710161048.48264.p.j.kershaw@rl.ac.uk> Hi Heikki, See below... On Monday 15 October 2007 19:01, Heikki Toivonen wrote: > Philip Kershaw wrote: > > 0.18.2 still breaks for me unfortunately but I can build by commenting > > out: > > > > /* > > #if PY_VERSION_HEX < 0x02050000 > > typedef int Py_ssize_t; > > #endif > > */ > > You don't have 0.18.2, because 0.18.2 has this: > > #if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN) > typedef int Py_ssize_t; > #define PY_SSIZE_T_MAX INT_MAX > #define PY_SSIZE_T_MIN INT_MIN > #endif I quoted the wrong piece of code. The build _does_ still fail with 0.18.2 and the code as you've included above. However I think the problem lies elsewhere. I noticed in _m2crypto_wrap.c: /* Py_ssize_t for old Pythons */ #if PY_VERSION_HEX < 0x02050000 typedef int Py_ssize_t; #endif It doesn't follow the formula in PEP 353 that you've used for _lib.h. If I edit the code and change it to: #if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN) typedef int Py_ssize_t; #define PY_SSIZE_T_MAX INT_MAX #define PY_SSIZE_T_MIN INT_MIN #endif I can compile it: # gcc -pthread -fno-strict-aliasing -DNDEBUG -g -O3 -Wall -Wstrict-prototypes -fPIC -I/usr/local/ssl/include -I/usr/local/include/python2.4 -I/usr/local/ssl/include -I/root/ndg-downloads/m2crypto-0.18.2/SWIG -c SWIG/_m2crypto_wrap.c -o build/temp.linux-i686-2.4/SWIG/_m2crypto_wrap.o -DTHREADING but I have to miss out the swig step as it overwrites _m2crypto_wrap.c. Given this I'm guessing it's a bug in swig's generation of the wrap file. Cheers, Phil From jcea at ARGO.ES Tue Oct 16 18:52:23 2007 From: jcea at ARGO.ES (Jesus Cea) Date: Tue, 16 Oct 2007 18:52:23 +0200 Subject: [PYTHON-CRYPTO] Some issues with M2Crypto 0.18 and timeouts In-Reply-To: <20071003204003.GA5201@morphism> References: <46F4AB08.6040906@argo.es> <46F4B4AA.4010808@osafoundation.org> <46F4C579.7010507@argo.es> <46F7F33B.1000202@osafoundation.org> <4703BD92.6040808@argo.es> <4703DC08.4000709@argo.es> <20071003204003.GA5201@morphism> Message-ID: <4714EC47.5030609@argo.es> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Juan M. Bello Rivas wrote: > Hi, > > On Wed, Oct 03, 2007 at 08:14:32PM +0200, Jesus Cea wrote: >> Seems "accept_ssl()" can be called several times if the socket is >> notblocking. Nice. But return codes is not consistent with openssl docs. >> In fact, I can't make sense of it :-?. Any example out there?. I can't >> differenciate between "waiting for read" and "waiting for writing", so I >> can't use a "select" there. Any idea?. > > I think this: > > http://www.opensslbook.com/res/nonblock_support.txt > > and pages 159 to 166 from the same book are what you're looking for. I was unable to make any significant progress in this issue. Too bad. Today I found this link in my inbox: it is a backport of the future "ssl" module from future python 2.6 to previous python revisions: http://pypi.python.org/pypi/ssl http://docs.python.org/dev/library/ssl.html The module will be included in python 2.6 (and Python 3000, of course) and it is *VERY* easy to use. It seems to support timeouts just fine. I will integrate it in my POP3 server this week. Hope this SSL try be the last one!. - -- Jesus Cea Avion _/_/ _/_/_/ _/_/_/ jcea at argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/ jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/_/_/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/ "My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/ "El amor es poner tu felicidad en la felicidad de otro" - Leibniz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQCVAwUBRxTsR5lgi5GaxT1NAQLrGQQAjO/H8s3vy3JT7CKshO6RbS5wNPVgVXzD wjUDL6gp++64ln8lopbJW5Q7N5s6qeuMkt33Xesn5cbrV7x+yioy5U7wJffdDLH4 kjEUILCG3YI6ZnrlMC9IY35NK3DeHLKQ2Ve4CzLpH2jxjoi7iIuVuRjXil6ARKWa jZAe3ofEvBM= =3jZu -----END PGP SIGNATURE----- From heikki at OSAFOUNDATION.ORG Tue Oct 16 19:27:55 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Tue, 16 Oct 2007 10:27:55 -0700 Subject: [PYTHON-CRYPTO] Some issues with M2Crypto 0.18 and timeouts In-Reply-To: <4714EC47.5030609@argo.es> References: <46F4AB08.6040906@argo.es> <46F4B4AA.4010808@osafoundation.org> <46F4C579.7010507@argo.es> <46F7F33B.1000202@osafoundation.org> <4703BD92.6040808@argo.es> <4703DC08.4000709@argo.es> <20071003204003.GA5201@morphism> <4714EC47.5030609@argo.es> Message-ID: <4714F49B.5080309@osafoundation.org> Jesus Cea wrote: > Today I found this link in my inbox: it is a backport of the future > "ssl" module from future python 2.6 to previous python revisions: Yes, I've read that the plan is for 2.6 to have usable, secure SSL for *servers*. Secure SSL clients will still require something like M2Crypto, even with Python 2.6. -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From heikki at OSAFOUNDATION.ORG Tue Oct 16 19:32:11 2007 From: heikki at OSAFOUNDATION.ORG (Heikki Toivonen) Date: Tue, 16 Oct 2007 10:32:11 -0700 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <200710161048.48264.p.j.kershaw@rl.ac.uk> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> <200710151006.41941.p.j.kershaw@rl.ac.uk> <4713AB02.5010101@osafoundation.org> <200710161048.48264.p.j.kershaw@rl.ac.uk> Message-ID: <4714F59B.9030803@osafoundation.org> Philip Kershaw wrote: > but I have to miss out the swig step as it overwrites _m2crypto_wrap.c. Given > this I'm guessing it's a bug in swig's generation of the wrap file. Ok. What is your exact linux distro, and swig version? I believe I saw mentions on the SWIG website that they had fixed Python 2.5 issues in 1.3.30 or something. I may need to add some info to M2Crypto page/build instructions about Python 2.5 requiring a newer SWIG... -- Heikki Toivonen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 254 bytes Desc: OpenPGP digital signature URL: From p.j.kershaw at RL.AC.UK Wed Oct 17 15:16:14 2007 From: p.j.kershaw at RL.AC.UK (Philip Kershaw) Date: Wed, 17 Oct 2007 14:16:14 +0100 Subject: [PYTHON-CRYPTO] M2Crypto build error - _lib.h:5: error: redefinition of typedef 'Py_ssize_t' In-Reply-To: <4714F59B.9030803@osafoundation.org> References: <200710121518.51701.p.j.kershaw@rl.ac.uk> <200710161048.48264.p.j.kershaw@rl.ac.uk> <4714F59B.9030803@osafoundation.org> Message-ID: <200710171416.14679.p.j.kershaw@rl.ac.uk> On Tuesday 16 October 2007 18:32, Heikki Toivonen wrote: > Philip Kershaw wrote: > > but I have to miss out the swig step as it overwrites _m2crypto_wrap.c. > > Given this I'm guessing it's a bug in swig's generation of the wrap file. > > Ok. What is your exact linux distro, and swig version? I believe I saw > mentions on the SWIG website that they had fixed Python 2.5 issues in > 1.3.30 or something. I may need to add some info to M2Crypto page/build > instructions about Python 2.5 requiring a newer SWIG... I think I've tracked it down to swig 1.3.30rc1. This didn't have the correct #if statement for Py_ssize_t as of PEP 353. It's fixed correctly in 1.3.30 and 1.3.31. The combination that failed was: swig 1.3.30rc1 + Python 2.4.4 + M2Crypto 0.18.2 Python 2.5 works fine regardless of swig version. For the record the distros I used were Redhat Enterprise and Ubuntu: Redhat ... # cat /proc/version Linux version 2.6.9-42.0.2.ELsmp (bhcompile at ls20-bc1-13.build.redhat.com) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-3)) #1 SMP Thu Aug 17 18:00:32 EDT 2006 # cat /etc/redhat-release Red Hat Enterprise Linux WS release 4 (Nahant Update 5) Ubuntu ... $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 6.06 LTS Release: 6.06 Codename: dapper $ cat /proc/version Linux version 2.6.15-23-386 (buildd at rothera) (gcc version 4.0.3 (Ubuntu 4.0.3-1ubuntu5)) #1 PREEMPT Tue May 23 13:49:40 UTC 2006 Cheers, Phil