[PYTHON-CRYPTO] M2Crypto improvements

Heikki Toivonen heikki at OSAFOUNDATION.ORG
Thu Apr 1 08:14:51 CEST 2004

Well, it was easier than I thought, so I was actually able to port my 
changes to 0.13p1 already. See the attachment for the changes.

Some comments:
* In my opinion we should get rid of the raw C ptrs in the Python object 
method parameters if there is a corresponding high level Python object 
available. For example, we have X509_Name object, therefore we should 
not pass raw X509_NAME pointers around in the interfaces. Witness 
X509.set_issuer_name for example. I fixed a couple of these instances, 
but they should all be fixed.
* Look for XXX in my code for TODO parts and things I am unsure about.

I think 0.13(p1) has also introduced a bug: the server3/client3 samples 
used to work in 0.12 with my changes, but now with the attached patch 
applied against 0.13(p1) the samples no longer work. Namely, I get the 
following traceback:

Traceback (most recent call last):
   File "server3.py", line 99, in ?
     ctx = setup_server_ctx()
   File "server3.py", line 36, in setup_server_ctx
line 85, in load_cert_chain
     m2.ssl_ctx_use_cert_chain(self.ctx, certchainfile)
M2Crypto.SSL.SSLError: invalid directory

At this point none of my code has been executed (as far as I can see). 
Can anyone figure out what is going on?

   Heikki Toivonen

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: heikki.patch
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20040331/878f927d/attachment.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-crypto/attachments/20040331/878f927d/attachment.pgp>

More information about the python-crypto mailing list