* Allow lables and values to be justified when printing objects

* Fix NSS SECITEM_CompareItem bug via workaround. * Fix incorrect format strings in PyArg_ParseTuple* for: - GeneralName - BasicConstraints - cert_x509_key_usage * Fix hang in setup_certs. * For NSS >= 3.13 support CERTDB_TERMINAL_RECORD * You can now query for a specific certificate extension Certficate.get_extension() * The following class methods were added: - nss.nss.Certificate.get_extension * The following module functions were added: - nss.nss.pub_wrap_sym_key * The following internal utilities were added: - PyString_UTF8 - SecItem_new_alloc() * The following were deprecated: - nss.nss.make_line_pairs (replaced by nss.nss.make_line_fmt_tuples) Deprecated Functionality: ------------------------- - make_line_pairs() has been replaced by make_line_fmt_tuples() because 2-valued tuples were not sufficently general. It is expected very few programs will have used this function, it's mostly used internally but provided as a support utility. git-svn-id: svn://10.0.0.236/trunk@263589 18797224-902f-48f8-a5cc-f745e15eee43
2012-03-20 19:05:49 +00:00 · 2012-03-20 19:05:49 +00:00 · 0efd5aeecf
commit 0efd5aeecf
parent be9740d220
7 changed files with 969 additions and 529 deletions
--- a/mozilla/security/python/nss/doc/ChangeLog
+++ b/mozilla/security/python/nss/doc/ChangeLog
@ -1,3 +1,40 @@
+2012-03-20  John Dennis  <jdennis@redhat.com> 0.13
+  * Allow lables and values to be justified when printing objects
+
+  * Fix NSS SECITEM_CompareItem bug via workaround.
+
+  * Fix incorrect format strings in PyArg_ParseTuple* for:
+    - GeneralName
+    - BasicConstraints
+    - cert_x509_key_usage
+
+  * Fix hang in setup_certs.
+
+  * For NSS >= 3.13 support CERTDB_TERMINAL_RECORD
+
+  * You can now query for a specific certificate extension
+    Certficate.get_extension()
+
+  * The following class methods were added:
+    - nss.nss.Certificate.get_extension
+
+  * The following module functions were added:
+    - nss.nss.pub_wrap_sym_key
+
+  * The following internal utilities were added:
+    - PyString_UTF8
+    - SecItem_new_alloc()
+
+  * The following were deprecated:
+    - nss.nss.make_line_pairs (replaced by nss.nss.make_line_fmt_tuples)
+
+    Deprecated Functionality:
+    -------------------------
+    - make_line_pairs() has been replaced by make_line_fmt_tuples()
+      because 2-valued tuples were not sufficently general. It is
+      expected very few programs will have used this function, it's mostly
+      used internally but provided as a support utility.
+
 2011-04-22  John Dennis  <jdennis@redhat.com> 0.12
  * Major new enhancement is additon of PKCS12 support and
    AlgorithmID's.
@ -120,7 +157,7 @@
    - test/test_client_server.py
    - test/test_digest.py (replaces digest_test.py)
    - test/test_pkcs12.py
-	
+
  * The following were deprecated:
    - SignatureAlgorithm

--- a/mozilla/security/python/nss/doc/examples/cert_dump.py
+++ b/mozilla/security/python/nss/doc/examples/cert_dump.py
@ -69,11 +69,11 @@ def print_extension(level, extension):

    if   oid_tag == nss.SEC_OID_PKCS12_KEY_USAGE:
        print nss.indented_format([(level, 'Usages:')])
-        print nss.indented_format(nss.make_line_pairs(level+1, nss.x509_key_usage(extension.value)))
+        print nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_key_usage(extension.value)))

    elif oid_tag == nss.SEC_OID_X509_SUBJECT_KEY_ID:
        print nss.indented_format([(level, 'Data:')])
-        print nss.indented_format(nss.make_line_pairs(level+1,
+        print nss.indented_format(nss.make_line_fmt_tuples(level+1,
              extension.value.der_to_hex(nss.OCTETS_PER_LINE_DEFAULT)))

    elif oid_tag == nss.SEC_OID_X509_CRL_DIST_POINTS:
@ -92,7 +92,7 @@ def print_extension(level, extension):
    elif oid_tag == nss.SEC_OID_X509_AUTH_KEY_ID:
        auth_key_id = nss.AuthKeyID(extension.value)
        print nss.indented_format([(level+1, 'Key ID:')])
-        print nss.indented_format(nss.make_line_pairs(level+2,
+        print nss.indented_format(nss.make_line_fmt_tuples(level+2,
              auth_key_id.key_id.to_hex(nss.OCTETS_PER_LINE_DEFAULT)))
        print nss.indented_format([(level+1, 'Serial Number: %s' % (auth_key_id.serial_number))])
        print nss.indented_format([(level+1, 'Issuer:' % auth_key_id.get_general_names())])
@ -103,14 +103,14 @@ def print_extension(level, extension):

    elif oid_tag == nss.SEC_OID_X509_EXT_KEY_USAGE:
        print nss.indented_format([(level, 'Usages:')])
-        print nss.indented_format(nss.make_line_pairs(level+1, nss.x509_ext_key_usage(extension.value)))
+        print nss.indented_format(nss.make_line_fmt_tuples(level+1, nss.x509_ext_key_usage(extension.value)))

    elif oid_tag in (nss.SEC_OID_X509_SUBJECT_ALT_NAME, nss.SEC_OID_X509_ISSUER_ALT_NAME):
        names = nss.x509_alt_name(extension.value)
        print nss.indented_format([(level+2, 'Alternate Names: [%d total]' % len(names))])
        for name in names:
            print nss.indented_format([(level+3, '%s:' % name)])
-       
+
    print

 # -----------------------------------------------------------------------------
@ -185,12 +185,12 @@ if len(extensions) > 0:
 print nss.indented_format(cert.signed_data.format_lines(1))

 print nss.indented_format([(1, 'Fingerprint (MD5):')])
-print nss.indented_format(nss.make_line_pairs(2,
-                                              nss.data_to_hex(nss.md5_digest(cert.der_data),
-                                              nss.OCTETS_PER_LINE_DEFAULT)))
+print nss.indented_format(nss.make_line_fmt_tuples(2,
+                                                   nss.data_to_hex(nss.md5_digest(cert.der_data),
+                                                                   nss.OCTETS_PER_LINE_DEFAULT)))

 print nss.indented_format([(1, 'Fingerprint (SHA1):')])
-print nss.indented_format(nss.make_line_pairs(2,
-                                              nss.data_to_hex(nss.sha1_digest(cert.der_data),
-                                              nss.OCTETS_PER_LINE_DEFAULT)))
+print nss.indented_format(nss.make_line_fmt_tuples(2,
+                                                   nss.data_to_hex(nss.sha1_digest(cert.der_data),
+                                                                   nss.OCTETS_PER_LINE_DEFAULT)))

--- a/mozilla/security/python/nss/setup.py
+++ b/mozilla/security/python/nss/setup.py
@ -50,7 +50,7 @@ from distutils.util import subst_vars, change_root
 from distutils.command.build_py import build_py as _build_py
 from distutils.command.sdist import sdist as _sdist

-version = "0.12"
+version = "0.13"

 doc_manifest = [
    [['include README LICENSE* doc/ChangeLog',
--- a/mozilla/security/python/nss/src/init.py
+++ b/mozilla/security/python/nss/src/init.py
@ -345,5 +345,5 @@ FAQ
 To be added

 """
-__version__ = '0.12'
+__version__ = '0.13'

--- a/mozilla/security/python/nss/src/py_nss.c
+++ b/mozilla/security/python/nss/src/py_nss.c
--- a/mozilla/security/python/nss/test/setup_certs.py
+++ b/mozilla/security/python/nss/test/setup_certs.py
@ -1,5 +1,6 @@
 #!/usr/bin/python

+import traceback
 import getopt
 import sys
 import os
@ -11,6 +12,7 @@ import shlex
 import pty
 import tty
 import re
+import time

 #-------------------------------------------------------------------------------

@ -28,7 +30,7 @@ client_username = 'test_user'
 config = {
    'verbose'          : False,
    'debug'            : False,
-    'logfile'          : None,
+    'logfile'          : 'setup_certs.log',
    'log_level'        : logging.INFO,
    'interactive'      : sys.stdout.isatty(),
    'dbdir'            : os.path.join(os.path.dirname(sys.argv[0]), 'pki'),
@ -101,6 +103,7 @@ def run_cmd_with_password(cmd, password_prompt, password):
    if pid == 0:
        os.execlp(argv[0], *argv)

+    time.sleep(0.1)            # FIXME: why is this necessary?
    output = ''
    search_position = 0
    while True:
@ -114,19 +117,19 @@ def run_cmd_with_password(cmd, password_prompt, password):
        if len(new_data) == 0:
            break               # EOF
        output += new_data
-        if config['debug']: loggin.debug("output=%s", output);
+        logging.debug("output=%s", output);
        match = prompt_re.search(output, search_position)
        if match:
            search_position = match.end()
            parsed = output[match.start() : match.end()]
-            if config['debug']: loggin.debug("found password: %s", parsed)
+            logging.debug("found password: %s", parsed)
            os.write(master_fd, "%s\n" % password)

    exit_value = os.waitpid(pid, 0)[1]
    exit_signal = exit_value & 0xFF
    exit_code = exit_value >> 8
-    if config['debug']: loggin.debug("output=%s" % output)
-    if config['debug']: loggin.debug("cmd signal=%s, exit_code=%s" % exit_signal, exit_code)
+    logging.debug("output=%s" % output)
+    logging.debug("cmd signal=%s, exit_code=%s" % (exit_signal, exit_code))

    return exit_code, output

@ -187,7 +190,6 @@ def setup_certs():
            raise CmdError(cmd, exit_code, output)

        # 5. Import public root CA's
-
        cmd = 'modutil -dbdir %s -add ca_certs -libfile libnssckbi.so' % \
            (config['dbdir'])

@ -301,6 +303,7 @@ def main(argv=None):
    try:
        setup_certs()
    except Exception, e:
+        logging.error(traceback.format_exc())
        logging.error(str(e))
        return 1

--- a/mozilla/security/python/nss/test/test_client_server.py
+++ b/mozilla/security/python/nss/test/test_client_server.py
@ -336,7 +336,7 @@ def cleanup_server(pid):
            pass                # child already exited
        else:
            print >>sys.stderr, "cleanup_server: %s" % e
-    
+
 class TestSSL(unittest.TestCase):

    def setUp(self):
@ -352,7 +352,7 @@ class TestSSL(unittest.TestCase):
        reply = client(request)
        nss.nss_shutdown()
        self.assertEqual("{%s}" % request, reply)
-        
+

 if __name__ == '__main__':
    unittest.main()