Merge lp://staging/~rick-fdd/pyopenssl/rand_bytes2 into lp://staging/~exarkun/pyopenssl/trunk
- rand_bytes2
- Merge into trunk
Proposed by
rick_dean
Status: | Merged | ||||
---|---|---|---|---|---|
Merged at revision: | not available | ||||
Proposed branch: | lp://staging/~rick-fdd/pyopenssl/rand_bytes2 | ||||
Merge into: | lp://staging/~exarkun/pyopenssl/trunk | ||||
Diff against target: | None lines | ||||
To merge this branch: | bzr merge lp://staging/~rick-fdd/pyopenssl/rand_bytes2 | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Jean-Paul Calderone | Pending | ||
Review via email:
|
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
rick_dean (rick-fdd) wrote : | # |
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === added file 'doc/README' |
2 | --- doc/README 1970-01-01 00:00:00 +0000 |
3 | +++ doc/README 2009-07-07 18:11:55 +0000 |
4 | @@ -0,0 +1,17 @@ |
5 | + |
6 | +Only the .tex format documentation is original, |
7 | +because the others are derived from it, so don't |
8 | +edit them directly. To build the other formats |
9 | +use a command of ... |
10 | + |
11 | + make all |
12 | + |
13 | + |
14 | +To build the documentation you will need to have |
15 | +latex2html and lynx installed. On fedora both can |
16 | +be obtained with... |
17 | + |
18 | + sudo yum install latex2html lynx |
19 | + |
20 | + |
21 | + |
22 | |
23 | === modified file 'doc/pyOpenSSL.tex' |
24 | --- doc/pyOpenSSL.tex 2009-07-04 20:15:36 +0000 |
25 | +++ doc/pyOpenSSL.tex 2009-07-08 17:06:10 +0000 |
26 | @@ -593,6 +593,14 @@ |
27 | \var{string}, measured in bytes. For more information, see e.g. \rfc{1750}. |
28 | \end{funcdesc} |
29 | |
30 | +\begin{funcdesc}{bytes}{num_bytes} |
31 | +From PRNG get some random bytes as a string. It's a wrapper of the C function \function{RAND_bytes}. |
32 | +\end{funcdesc} |
33 | + |
34 | +\begin{funcdesc}{cleanup}{} |
35 | +Erase the memory used by the PRNG. It's a wrapper of the C function \function{RAND_cleanup}. |
36 | +\end{funcdesc} |
37 | + |
38 | \begin{funcdesc}{egd}{path\optional{, bytes}} |
39 | Query the Entropy Gathering Daemon\footnote{See |
40 | \url{http://www.lothar.com/tech/crypto/}} on socket \var{path} for \var{bytes} |
41 | @@ -624,6 +632,16 @@ |
42 | file can then be used with \function{load_file} to seed the PRNG again. |
43 | \end{funcdesc} |
44 | |
45 | +\begin{excdesc}{Error} |
46 | +If the current RAND method supports any errors, this is raised when needed. |
47 | +The default method does not raise this when the entropy pool is depleted. |
48 | + |
49 | +Whenever this exception is raised directly, it has a list of error messages |
50 | +from the OpenSSL error queue, where each item is a tuple \code{(\var{lib}, |
51 | +\var{function}, \var{reason})}. Here \var{lib}, \var{function} and \var{reason} |
52 | +are all strings, describing where and what the problem is. See \manpage{err}{3} |
53 | +for more information. |
54 | +\end{excdesc} |
55 | |
56 | |
57 | % % % SSL module |
58 | |
59 | === modified file 'setup.py' |
60 | --- setup.py 2009-07-05 16:44:41 +0000 |
61 | +++ setup.py 2009-07-07 18:11:55 +0000 |
62 | @@ -88,6 +88,7 @@ |
63 | 'OpenSSL.version', 'OpenSSL.test.__init__', |
64 | 'OpenSSL.test.util', |
65 | 'OpenSSL.test.test_crypto', |
66 | + 'OpenSSL.test.test_rand', |
67 | 'OpenSSL.test.test_ssl'], |
68 | data_files = data_files, |
69 | description = 'Python wrapper module around the OpenSSL library', |
70 | |
71 | === modified file 'src/crypto/crypto.c' |
72 | --- src/crypto/crypto.c 2009-07-04 14:21:07 +0000 |
73 | +++ src/crypto/crypto.c 2009-07-08 16:48:33 +0000 |
74 | @@ -112,7 +112,7 @@ |
75 | |
76 | if (pkey == NULL) |
77 | { |
78 | - exception_from_error_queue(); |
79 | + exception_from_error_queue(crypto_Error); |
80 | return NULL; |
81 | } |
82 | |
83 | @@ -213,7 +213,7 @@ |
84 | if (ret == 0) |
85 | { |
86 | BIO_free(bio); |
87 | - exception_from_error_queue(); |
88 | + exception_from_error_queue(crypto_Error); |
89 | return NULL; |
90 | } |
91 | |
92 | @@ -264,7 +264,7 @@ |
93 | |
94 | if (cert == NULL) |
95 | { |
96 | - exception_from_error_queue(); |
97 | + exception_from_error_queue(crypto_Error); |
98 | return NULL; |
99 | } |
100 | |
101 | @@ -316,7 +316,7 @@ |
102 | if (ret == 0) |
103 | { |
104 | BIO_free(bio); |
105 | - exception_from_error_queue(); |
106 | + exception_from_error_queue(crypto_Error); |
107 | return NULL; |
108 | } |
109 | |
110 | @@ -367,7 +367,7 @@ |
111 | |
112 | if (req == NULL) |
113 | { |
114 | - exception_from_error_queue(); |
115 | + exception_from_error_queue(crypto_Error); |
116 | return NULL; |
117 | } |
118 | |
119 | @@ -419,7 +419,7 @@ |
120 | if (ret == 0) |
121 | { |
122 | BIO_free(bio); |
123 | - exception_from_error_queue(); |
124 | + exception_from_error_queue(crypto_Error); |
125 | return NULL; |
126 | } |
127 | |
128 | @@ -475,7 +475,7 @@ |
129 | */ |
130 | if (pkcs7 == NULL) |
131 | { |
132 | - exception_from_error_queue(); |
133 | + exception_from_error_queue(crypto_Error); |
134 | return NULL; |
135 | } |
136 | |
137 | @@ -506,7 +506,7 @@ |
138 | if ((p12 = d2i_PKCS12_bio(bio, NULL)) == NULL) |
139 | { |
140 | BIO_free(bio); |
141 | - exception_from_error_queue(); |
142 | + exception_from_error_queue(crypto_Error); |
143 | return NULL; |
144 | } |
145 | BIO_free(bio); |
146 | |
147 | === modified file 'src/crypto/crypto.h' |
148 | --- src/crypto/crypto.h 2009-04-01 16:58:26 +0000 |
149 | +++ src/crypto/crypto.h 2009-07-08 16:48:33 +0000 |
150 | @@ -27,15 +27,6 @@ |
151 | |
152 | extern PyObject *crypto_Error; |
153 | |
154 | -#ifdef exception_from_error_queue |
155 | -# undef exception_from_error_queue |
156 | -#endif |
157 | -#define exception_from_error_queue() do { \ |
158 | - PyObject *errlist = error_queue_to_list(); \ |
159 | - PyErr_SetObject(crypto_Error, errlist); \ |
160 | - Py_DECREF(errlist); \ |
161 | -} while (0) |
162 | - |
163 | #define crypto_X509_New_NUM 0 |
164 | #define crypto_X509_New_RETURN crypto_X509Obj * |
165 | #define crypto_X509_New_PROTO (X509 *, int) |
166 | |
167 | === modified file 'src/crypto/netscape_spki.c' |
168 | --- src/crypto/netscape_spki.c 2009-06-27 18:32:07 +0000 |
169 | +++ src/crypto/netscape_spki.c 2009-07-08 16:48:33 +0000 |
170 | @@ -57,7 +57,7 @@ |
171 | spki = NETSCAPE_SPKI_new(); |
172 | if (spki == NULL) |
173 | { |
174 | - exception_from_error_queue(); |
175 | + exception_from_error_queue(crypto_Error); |
176 | return NULL; |
177 | } |
178 | return (PyObject *)crypto_NetscapeSPKI_New(spki, 1); |
179 | @@ -107,7 +107,7 @@ |
180 | |
181 | if (!NETSCAPE_SPKI_sign(self->netscape_spki, pkey->pkey, digest)) |
182 | { |
183 | - exception_from_error_queue(); |
184 | + exception_from_error_queue(crypto_Error); |
185 | return NULL; |
186 | } |
187 | |
188 | @@ -133,7 +133,7 @@ |
189 | |
190 | if ((answer = NETSCAPE_SPKI_verify(self->netscape_spki, pkey->pkey)) < 0) |
191 | { |
192 | - exception_from_error_queue(); |
193 | + exception_from_error_queue(crypto_Error); |
194 | return NULL; |
195 | } |
196 | |
197 | @@ -176,7 +176,7 @@ |
198 | |
199 | if ((pkey = NETSCAPE_SPKI_get_pubkey(self->netscape_spki)) == NULL) |
200 | { |
201 | - exception_from_error_queue(); |
202 | + exception_from_error_queue(crypto_Error); |
203 | return NULL; |
204 | } |
205 | |
206 | @@ -200,7 +200,7 @@ |
207 | |
208 | if (!NETSCAPE_SPKI_set_pubkey(self->netscape_spki, pkey->pkey)) |
209 | { |
210 | - exception_from_error_queue(); |
211 | + exception_from_error_queue(crypto_Error); |
212 | return NULL; |
213 | } |
214 | |
215 | |
216 | === modified file 'src/crypto/pkcs12.c' |
217 | --- src/crypto/pkcs12.c 2009-06-27 18:32:07 +0000 |
218 | +++ src/crypto/pkcs12.c 2009-07-08 16:48:33 +0000 |
219 | @@ -110,7 +110,7 @@ |
220 | /* parse the PKCS12 lump */ |
221 | if (!(cacerts && PKCS12_parse(p12, passphrase, &pkey, &cert, &cacerts))) |
222 | { |
223 | - exception_from_error_queue(); |
224 | + exception_from_error_queue(crypto_Error); |
225 | return NULL; |
226 | } |
227 | |
228 | |
229 | === modified file 'src/crypto/pkey.c' |
230 | --- src/crypto/pkey.c 2009-06-27 14:54:48 +0000 |
231 | +++ src/crypto/pkey.c 2009-07-08 16:48:33 +0000 |
232 | @@ -21,7 +21,7 @@ |
233 | */ |
234 | #define FAIL() \ |
235 | do { \ |
236 | - exception_from_error_queue(); \ |
237 | + exception_from_error_queue(crypto_Error); \ |
238 | return NULL; \ |
239 | } while (0) |
240 | |
241 | |
242 | === modified file 'src/crypto/x509.c' |
243 | --- src/crypto/x509.c 2009-06-27 14:54:04 +0000 |
244 | +++ src/crypto/x509.c 2009-07-08 16:48:33 +0000 |
245 | @@ -136,7 +136,7 @@ |
246 | |
247 | if (bignum == NULL) { |
248 | if (ASN1_INTEGER_set(X509_get_serialNumber(self->x509), small_serial)) { |
249 | - exception_from_error_queue(); |
250 | + exception_from_error_queue(crypto_Error); |
251 | goto err; |
252 | } |
253 | } else { |
254 | @@ -144,11 +144,11 @@ |
255 | BN_free(bignum); |
256 | bignum = NULL; |
257 | if (asn1_i == NULL) { |
258 | - exception_from_error_queue(); |
259 | + exception_from_error_queue(crypto_Error); |
260 | goto err; |
261 | } |
262 | if (!X509_set_serialNumber(self->x509, asn1_i)) { |
263 | - exception_from_error_queue(); |
264 | + exception_from_error_queue(crypto_Error); |
265 | goto err; |
266 | } |
267 | ASN1_INTEGER_free(asn1_i); |
268 | @@ -221,7 +221,7 @@ |
269 | |
270 | if (!X509_set_issuer_name(self->x509, issuer->x509_name)) |
271 | { |
272 | - exception_from_error_queue(); |
273 | + exception_from_error_queue(crypto_Error); |
274 | return NULL; |
275 | } |
276 | |
277 | @@ -273,7 +273,7 @@ |
278 | |
279 | if (!X509_set_subject_name(self->x509, subject->x509_name)) |
280 | { |
281 | - exception_from_error_queue(); |
282 | + exception_from_error_queue(crypto_Error); |
283 | return NULL; |
284 | } |
285 | |
286 | @@ -299,7 +299,7 @@ |
287 | |
288 | if ((pkey = X509_get_pubkey(self->x509)) == NULL) |
289 | { |
290 | - exception_from_error_queue(); |
291 | + exception_from_error_queue(crypto_Error); |
292 | return NULL; |
293 | } |
294 | |
295 | @@ -327,7 +327,7 @@ |
296 | |
297 | if (!X509_set_pubkey(self->x509, pkey->pkey)) |
298 | { |
299 | - exception_from_error_queue(); |
300 | + exception_from_error_queue(crypto_Error); |
301 | return NULL; |
302 | } |
303 | |
304 | @@ -422,7 +422,7 @@ |
305 | } else { |
306 | ASN1_TIME_to_generalizedtime(timestamp, >_timestamp); |
307 | if (gt_timestamp == NULL) { |
308 | - exception_from_error_queue(); |
309 | + exception_from_error_queue(crypto_Error); |
310 | return NULL; |
311 | } else { |
312 | py_timestamp = PyString_FromString((char *)gt_timestamp->data); |
313 | @@ -558,7 +558,7 @@ |
314 | |
315 | if (!X509_sign(self->x509, pkey->pkey, digest)) |
316 | { |
317 | - exception_from_error_queue(); |
318 | + exception_from_error_queue(crypto_Error); |
319 | return NULL; |
320 | } |
321 | |
322 | @@ -629,7 +629,7 @@ |
323 | |
324 | if (!X509_digest(self->x509,digest,fp,&len)) |
325 | { |
326 | - exception_from_error_queue(); |
327 | + exception_from_error_queue(crypto_Error); |
328 | } |
329 | tmp = malloc(3*len+1); |
330 | memset(tmp, 0, 3*len+1); |
331 | @@ -679,7 +679,7 @@ |
332 | if (!X509_add_ext(self->x509, ext->x509_extension, -1)) |
333 | { |
334 | Py_DECREF(seq); |
335 | - exception_from_error_queue(); |
336 | + exception_from_error_queue(crypto_Error); |
337 | return NULL; |
338 | } |
339 | } |
340 | |
341 | === modified file 'src/crypto/x509ext.c' |
342 | --- src/crypto/x509ext.c 2009-06-27 15:17:28 +0000 |
343 | +++ src/crypto/x509ext.c 2009-07-08 16:48:33 +0000 |
344 | @@ -126,7 +126,7 @@ |
345 | return self; |
346 | |
347 | nconf_error: |
348 | - exception_from_error_queue(); |
349 | + exception_from_error_queue(crypto_Error); |
350 | |
351 | critical_malloc_error: |
352 | Py_XDECREF(self); |
353 | @@ -204,7 +204,7 @@ |
354 | if (!X509V3_EXT_print(bio, self->x509_extension, 0, 0)) |
355 | { |
356 | BIO_free(bio); |
357 | - exception_from_error_queue(); |
358 | + exception_from_error_queue(crypto_Error); |
359 | return NULL; |
360 | } |
361 | |
362 | |
363 | === modified file 'src/crypto/x509name.c' |
364 | --- src/crypto/x509name.c 2009-06-27 15:02:46 +0000 |
365 | +++ src/crypto/x509name.c 2009-07-08 16:48:33 +0000 |
366 | @@ -88,7 +88,7 @@ |
367 | data = X509_NAME_ENTRY_get_data(entry); |
368 | if ((len = ASN1_STRING_to_UTF8((unsigned char **)utf8string, data)) < 0) |
369 | { |
370 | - exception_from_error_queue(); |
371 | + exception_from_error_queue(crypto_Error); |
372 | return -1; |
373 | } |
374 | |
375 | @@ -129,7 +129,7 @@ |
376 | (unsigned char *)utf8string, |
377 | -1, -1, 0)) |
378 | { |
379 | - exception_from_error_queue(); |
380 | + exception_from_error_queue(crypto_Error); |
381 | return -1; |
382 | } |
383 | return 0; |
384 | @@ -236,7 +236,7 @@ |
385 | |
386 | if (X509_NAME_oneline(self->x509_name, tmpbuf, 512) == NULL) |
387 | { |
388 | - exception_from_error_queue(); |
389 | + exception_from_error_queue(crypto_Error); |
390 | return NULL; |
391 | } |
392 | else |
393 | |
394 | === modified file 'src/crypto/x509req.c' |
395 | --- src/crypto/x509req.c 2009-06-27 15:10:43 +0000 |
396 | +++ src/crypto/x509req.c 2009-07-08 16:48:33 +0000 |
397 | @@ -30,7 +30,7 @@ |
398 | |
399 | if ((name = X509_REQ_get_subject_name(self->x509_req)) == NULL) |
400 | { |
401 | - exception_from_error_queue(); |
402 | + exception_from_error_queue(crypto_Error); |
403 | return NULL; |
404 | } |
405 | if ((pyname = crypto_X509Name_New(name, 0)) != NULL) { |
406 | @@ -58,7 +58,7 @@ |
407 | |
408 | if ((pkey = X509_REQ_get_pubkey(self->x509_req)) == NULL) |
409 | { |
410 | - exception_from_error_queue(); |
411 | + exception_from_error_queue(crypto_Error); |
412 | return NULL; |
413 | } |
414 | |
415 | @@ -86,7 +86,7 @@ |
416 | |
417 | if (!X509_REQ_set_pubkey(self->x509_req, pkey->pkey)) |
418 | { |
419 | - exception_from_error_queue(); |
420 | + exception_from_error_queue(crypto_Error); |
421 | return NULL; |
422 | } |
423 | |
424 | @@ -131,7 +131,7 @@ |
425 | |
426 | if (!X509_REQ_sign(self->x509_req, pkey->pkey, digest)) |
427 | { |
428 | - exception_from_error_queue(); |
429 | + exception_from_error_queue(crypto_Error); |
430 | return NULL; |
431 | } |
432 | |
433 | @@ -160,7 +160,7 @@ |
434 | |
435 | if ((answer = X509_REQ_verify(self->x509_req, key->pkey)) < 0) |
436 | { |
437 | - exception_from_error_queue(); |
438 | + exception_from_error_queue(crypto_Error); |
439 | return NULL; |
440 | } |
441 | |
442 | @@ -194,7 +194,7 @@ |
443 | /* Make a STACK_OF(X509_EXTENSION) from sequence */ |
444 | if ((exts = sk_X509_EXTENSION_new_null()) == NULL) |
445 | { |
446 | - exception_from_error_queue(); |
447 | + exception_from_error_queue(crypto_Error); |
448 | return NULL; |
449 | } |
450 | |
451 | @@ -217,7 +217,7 @@ |
452 | if (!X509_REQ_add_extensions(self->x509_req, exts)) |
453 | { |
454 | sk_X509_EXTENSION_free(exts); |
455 | - exception_from_error_queue(); |
456 | + exception_from_error_queue(crypto_Error); |
457 | return NULL; |
458 | } |
459 | |
460 | |
461 | === modified file 'src/crypto/x509store.c' |
462 | --- src/crypto/x509store.c 2009-07-04 14:21:07 +0000 |
463 | +++ src/crypto/x509store.c 2009-07-08 16:48:33 +0000 |
464 | @@ -27,7 +27,7 @@ |
465 | |
466 | if (!X509_STORE_add_cert(self->x509_store, cert->x509)) |
467 | { |
468 | - exception_from_error_queue(); |
469 | + exception_from_error_queue(crypto_Error); |
470 | return NULL; |
471 | } |
472 | |
473 | |
474 | === modified file 'src/rand/rand.c' |
475 | --- src/rand/rand.c 2009-05-27 18:06:48 +0000 |
476 | +++ src/rand/rand.c 2009-07-08 16:48:33 +0000 |
477 | @@ -21,6 +21,9 @@ |
478 | # endif |
479 | #endif |
480 | #include <openssl/rand.h> |
481 | +#include "../util.h" |
482 | + |
483 | +PyObject *rand_Error; |
484 | |
485 | static char rand_doc[] = "\n\ |
486 | PRNG management routines, thin wrappers.\n\ |
487 | @@ -188,6 +191,42 @@ |
488 | return PyInt_FromLong((long)RAND_write_file(filename)); |
489 | } |
490 | |
491 | +static char rand_bytes_doc[] = "\n\ |
492 | +Get some randomm bytes as a string.\n\ |
493 | +\n\ |
494 | +@param num_bytes: The number of bytes to fetch\n\ |
495 | +@return: A string of random bytes\n\ |
496 | +"; |
497 | + |
498 | +static PyObject * |
499 | +rand_bytes(PyObject *spam, PyObject *args, PyObject *keywds) |
500 | +{ |
501 | + int num_bytes; |
502 | + static char *kwlist[] = {"num_bytes", NULL}; |
503 | + char *buf; |
504 | + unsigned int rc; |
505 | + PyObject *obj = NULL; |
506 | + |
507 | + if (!PyArg_ParseTupleAndKeywords(args, keywds, "i:bytes", kwlist, &num_bytes)) |
508 | + return NULL; |
509 | + if(num_bytes < 0) { |
510 | + PyErr_SetString(PyExc_ValueError, "num_bytes must not be negative"); |
511 | + return NULL; |
512 | + } |
513 | + buf = malloc(num_bytes); |
514 | + if (buf == NULL) /* out of memory */ |
515 | + return NULL; |
516 | + rc = RAND_bytes((unsigned char *) buf, num_bytes); |
517 | + if(rc != 1) { /* if unsuccessful */ |
518 | + exception_from_error_queue(rand_Error); |
519 | + goto done; |
520 | + } |
521 | + obj = PyString_FromStringAndSize(buf, (unsigned) num_bytes); |
522 | + done: |
523 | + free(buf); |
524 | + return obj; |
525 | +} |
526 | + |
527 | |
528 | /* Methods in the OpenSSL.rand module */ |
529 | static PyMethodDef rand_methods[] = { |
530 | @@ -201,6 +240,7 @@ |
531 | { "cleanup", (PyCFunction)rand_cleanup, METH_VARARGS, rand_cleanup_doc }, |
532 | { "load_file", (PyCFunction)rand_load_file, METH_VARARGS, rand_load_file_doc }, |
533 | { "write_file",(PyCFunction)rand_write_file, METH_VARARGS, rand_write_file_doc }, |
534 | + { "bytes", (PyCFunction)rand_bytes, METH_VARARGS|METH_KEYWORDS, rand_bytes_doc }, |
535 | { NULL, NULL } |
536 | }; |
537 | |
538 | @@ -220,5 +260,13 @@ |
539 | |
540 | if ((module = Py_InitModule3("rand", rand_methods, rand_doc)) == NULL) |
541 | return; |
542 | + |
543 | + rand_Error = PyErr_NewException("OpenSSL.rand.Error", NULL, NULL); |
544 | + if (rand_Error == NULL) |
545 | + goto error; |
546 | + if (PyModule_AddObject(module, "Error", rand_Error) != 0) |
547 | + goto error; |
548 | + error: |
549 | + ; |
550 | } |
551 | |
552 | |
553 | === modified file 'src/ssl/connection.c' |
554 | --- src/ssl/connection.c 2009-05-27 21:09:15 +0000 |
555 | +++ src/ssl/connection.c 2009-07-08 16:48:33 +0000 |
556 | @@ -164,7 +164,7 @@ |
557 | * the code which triggered the error also kindly pushed something onto |
558 | * the error stack. |
559 | */ |
560 | - exception_from_error_queue(); |
561 | + exception_from_error_queue(ssl_Error); |
562 | } |
563 | } |
564 | |
565 | @@ -238,7 +238,7 @@ |
566 | case SSL_ERROR_SSL: |
567 | ; |
568 | default: |
569 | - exception_from_error_queue(); |
570 | + exception_from_error_queue(ssl_Error); |
571 | break; |
572 | } |
573 | } |
574 | @@ -788,7 +788,7 @@ |
575 | |
576 | if (ret < 0) |
577 | { |
578 | - exception_from_error_queue(); |
579 | + exception_from_error_queue(ssl_Error); |
580 | return NULL; |
581 | } |
582 | else if (ret > 0) |
583 | |
584 | === modified file 'src/ssl/context.c' |
585 | --- src/ssl/context.c 2009-06-27 14:44:00 +0000 |
586 | +++ src/ssl/context.c 2009-07-08 16:48:33 +0000 |
587 | @@ -265,7 +265,7 @@ |
588 | |
589 | if (!SSL_CTX_load_verify_locations(self->ctx, cafile, capath)) |
590 | { |
591 | - exception_from_error_queue(); |
592 | + exception_from_error_queue(ssl_Error); |
593 | return NULL; |
594 | } |
595 | else |
596 | @@ -291,7 +291,7 @@ |
597 | * -exarkun |
598 | */ |
599 | if (!SSL_CTX_set_default_verify_paths(self->ctx)) { |
600 | - exception_from_error_queue(); |
601 | + exception_from_error_queue(ssl_Error); |
602 | return NULL; |
603 | } |
604 | Py_INCREF(Py_None); |
605 | @@ -388,14 +388,14 @@ |
606 | } |
607 | if (!(cert_original = X509_dup(cert->x509))) |
608 | { |
609 | - /* exception_from_error_queue(); */ |
610 | + /* exception_from_error_queue(ssl_Error); */ |
611 | PyErr_SetString(PyExc_RuntimeError, "X509_dup failed"); |
612 | return NULL; |
613 | } |
614 | if (!SSL_CTX_add_extra_chain_cert(self->ctx, cert_original)) |
615 | { |
616 | X509_free(cert_original); |
617 | - exception_from_error_queue(); |
618 | + exception_from_error_queue(ssl_Error); |
619 | return NULL; |
620 | } |
621 | else |
622 | @@ -422,7 +422,7 @@ |
623 | |
624 | if (!SSL_CTX_use_certificate_chain_file(self->ctx, certfile)) |
625 | { |
626 | - exception_from_error_queue(); |
627 | + exception_from_error_queue(ssl_Error); |
628 | return NULL; |
629 | } |
630 | else |
631 | @@ -451,7 +451,7 @@ |
632 | |
633 | if (!SSL_CTX_use_certificate_file(self->ctx, certfile, filetype)) |
634 | { |
635 | - exception_from_error_queue(); |
636 | + exception_from_error_queue(ssl_Error); |
637 | return NULL; |
638 | } |
639 | else |
640 | @@ -478,7 +478,7 @@ |
641 | |
642 | if (!SSL_CTX_use_certificate(self->ctx, cert->x509)) |
643 | { |
644 | - exception_from_error_queue(); |
645 | + exception_from_error_queue(ssl_Error); |
646 | return NULL; |
647 | } |
648 | else |
649 | @@ -516,7 +516,7 @@ |
650 | |
651 | if (!ret) |
652 | { |
653 | - exception_from_error_queue(); |
654 | + exception_from_error_queue(ssl_Error); |
655 | return NULL; |
656 | } |
657 | else |
658 | @@ -565,7 +565,7 @@ |
659 | |
660 | if (!SSL_CTX_use_PrivateKey(self->ctx, pkey->pkey)) |
661 | { |
662 | - exception_from_error_queue(); |
663 | + exception_from_error_queue(ssl_Error); |
664 | return NULL; |
665 | } |
666 | else |
667 | @@ -588,7 +588,7 @@ |
668 | |
669 | if (!SSL_CTX_check_private_key(self->ctx)) |
670 | { |
671 | - exception_from_error_queue(); |
672 | + exception_from_error_queue(ssl_Error); |
673 | return NULL; |
674 | } |
675 | else |
676 | @@ -637,7 +637,7 @@ |
677 | |
678 | if (!SSL_CTX_set_session_id_context(self->ctx, buf, len)) |
679 | { |
680 | - exception_from_error_queue(); |
681 | + exception_from_error_queue(ssl_Error); |
682 | return NULL; |
683 | } |
684 | else |
685 | @@ -779,7 +779,7 @@ |
686 | |
687 | if (!SSL_CTX_set_cipher_list(self->ctx, cipher_list)) |
688 | { |
689 | - exception_from_error_queue(); |
690 | + exception_from_error_queue(ssl_Error); |
691 | return NULL; |
692 | } |
693 | else |
694 | |
695 | === modified file 'src/ssl/ssl.h' |
696 | --- src/ssl/ssl.h 2008-09-21 21:42:34 +0000 |
697 | +++ src/ssl/ssl.h 2009-07-08 16:48:33 +0000 |
698 | @@ -27,15 +27,6 @@ |
699 | *ssl_WantX509LookupError, /* ... */ |
700 | *ssl_SysCallError; /* Uses (errno,errstr) */ |
701 | |
702 | -#ifdef exception_from_error_queue |
703 | -# undef exception_from_error_queue |
704 | -#endif |
705 | -#define exception_from_error_queue() do { \ |
706 | - PyObject *errlist = error_queue_to_list(); \ |
707 | - PyErr_SetObject(ssl_Error, errlist); \ |
708 | - Py_DECREF(errlist); \ |
709 | -} while (0) |
710 | - |
711 | #define ssl_Context_New_NUM 0 |
712 | #define ssl_Context_New_RETURN ssl_ContextObj * |
713 | #define ssl_Context_New_PROTO (int method) |
714 | |
715 | === modified file 'src/util.c' |
716 | --- src/util.c 2008-07-23 01:27:25 +0000 |
717 | +++ src/util.c 2009-07-08 16:48:33 +0000 |
718 | @@ -38,6 +38,13 @@ |
719 | return errlist; |
720 | } |
721 | |
722 | +void exception_from_error_queue(PyObject *the_Error) |
723 | +{ |
724 | + PyObject *errlist = error_queue_to_list(); |
725 | + PyErr_SetObject(the_Error, errlist); |
726 | + Py_DECREF(errlist); |
727 | +} |
728 | + |
729 | /* |
730 | * Flush OpenSSL's error queue and ignore the result |
731 | * |
732 | |
733 | === modified file 'src/util.h' |
734 | --- src/util.h 2009-03-22 16:21:17 +0000 |
735 | +++ src/util.h 2009-07-08 16:48:33 +0000 |
736 | @@ -23,6 +23,7 @@ |
737 | #include "pymemcompat.h" |
738 | |
739 | extern PyObject *error_queue_to_list(void); |
740 | +extern void exception_from_error_queue(PyObject *the_Error); |
741 | extern void flush_error_queue(void); |
742 | |
743 | /* |
744 | |
745 | === added file 'test/test_rand.py' |
746 | --- test/test_rand.py 1970-01-01 00:00:00 +0000 |
747 | +++ test/test_rand.py 2009-07-07 18:11:55 +0000 |
748 | @@ -0,0 +1,63 @@ |
749 | +# Copyright (C) Frederick Dean 2009, All rights reserved |
750 | + |
751 | +""" |
752 | +Unit tests for L{OpenSSL.rand}. |
753 | +""" |
754 | + |
755 | +from unittest import main |
756 | +import os |
757 | +import stat |
758 | + |
759 | +from OpenSSL.test.util import TestCase |
760 | +from OpenSSL import rand |
761 | + |
762 | +class RandTests(TestCase): |
763 | + def test_bytes(self): |
764 | + """ |
765 | + Verify that we can obtain bytes from rand_bytes() and |
766 | + that they are different each time. Test the parameter |
767 | + of rand_bytes() for bad values. |
768 | + """ |
769 | + b1 = rand.bytes(50) |
770 | + self.assertEqual(len(b1), 50) |
771 | + b2 = rand.bytes(num_bytes=50) # parameter by name |
772 | + self.assertNotEqual(b1, b2) # Hip, Hip, Horay! FIPS complaince |
773 | + b3 = rand.bytes(num_bytes=0) |
774 | + self.assertEqual(len(b3), 0) |
775 | + try: |
776 | + b4 = rand.bytes(-1) |
777 | + self.assertTrue(False) # We shouldn't get here |
778 | + except ValueError, v: |
779 | + self.assertTrue(v.message == "num_bytes must not be negative") |
780 | + |
781 | + |
782 | + def test_add(self): |
783 | + """ |
784 | + Test adding of entropy to the PRNG. |
785 | + """ |
786 | + rand.add('hamburger', 3) |
787 | + rand.seed('milk shake') |
788 | + self.assertTrue(rand.status()) |
789 | + |
790 | + |
791 | + def test_files(self): |
792 | + """ |
793 | + Test reading and writing of files via rand functions. |
794 | + """ |
795 | + # Write random bytes to a file |
796 | + tmpfile = self.mktemp() |
797 | + rand.write_file(tmpfile) |
798 | + # Verify length of written file |
799 | + size = os.stat(tmpfile)[stat.ST_SIZE] |
800 | + self.assertEquals(size, 1024) |
801 | + # Read random bytes from file |
802 | + rand.load_file(tmpfile) |
803 | + rand.load_file(tmpfile, 4) # specify a length |
804 | + # Cleanup |
805 | + os.unlink(tmpfile) |
806 | + |
807 | + |
808 | +if __name__ == '__main__': |
809 | + main() |
810 | + |
811 | + |
This branch is ready.