Add family parameter to Socket constructors in examples and doc.
Mark implicit family parameter as deprecated.
Raise exception if Socket family does not match NetworkAddress family.
Add --server-subject to setup_certs.py (made testing IPv6 easier without DNS)
git-svn-id: svn://10.0.0.236/trunk@262177 18797224-902f-48f8-a5cc-f745e15eee43
subsequent calls to nss_init() with a database from opening the database
and using it.
Clean up cruft in verify_server.py
git-svn-id: svn://10.0.0.236/trunk@260672 18797224-902f-48f8-a5cc-f745e15eee43
in NSS if Python programmer forgot to call one of the NSS
initialization routines.
Rename the classes X500Name, X500RDN, X500AVA to DN, RDN, AVA
respectively.
DN and RDN objects now return a list of their contents when indexed by
type, this is to support multi-valued items.
Fix bug where AVA object's string representation did not include it's
type.
Enhance test/test_cert_components.py unit test to test for above
changes.
git-svn-id: svn://10.0.0.236/trunk@260568 18797224-902f-48f8-a5cc-f745e15eee43
- Remove python-nss specific httplib.py, no longer needed
python-nss now compatible with standard library
- Rewrite httplib_example.py to use standard library and illustrate
ssl, non-ssl, connection class, http class usage
git-svn-id: svn://10.0.0.236/trunk@260467 18797224-902f-48f8-a5cc-f745e15eee43
Some of this logic had been in the spec file, but that requires more
manual maintenance of the spec file than is prudent.
git-svn-id: svn://10.0.0.236/trunk@260405 18797224-902f-48f8-a5cc-f745e15eee43
replace sec_oid_tag_str() with oid_str() due to API cleanup
data_to_hex() API changed to use default separator, explicitly set it to None
change string quotes from double to single for consistency
git-svn-id: svn://10.0.0.236/trunk@260389 18797224-902f-48f8-a5cc-f745e15eee43
Add support for cyclic garbage collection.
Use thread local storage.
General clean up for names, parameters, etc.
git-svn-id: svn://10.0.0.236/trunk@260384 18797224-902f-48f8-a5cc-f745e15eee43
interfaces expecting a string.
* Sockets were enhanced thusly:
- Threads will now yield during blocking IO.
- Socket.makefile() reimplemented
file object methods that had been missing (readlines(), sendall(),
and iteration) were implemented, makefile now just returns the same
Socket object but increments an "open" ref count. Thus a Socket
object behaves like a file object and must be closed once for each
makefile() call before it's actually closed.
- Sockets now support the iter protocol
- Add Socket.readlines(), Socket.sendall()
* The following classes were added:
AuthKeyID
CRLDistributionPoint
CRLDistributionPts
CertificateExtension
GeneralName
SignedCRL
X500AVA
X500Name
X500RDN
* The following module functions were added:
nss.nss.cert_crl_reason_from_name()
nss.nss.cert_crl_reason_name()
nss.nss.cert_general_name_type_from_name()
nss.nss.cert_general_name_type_name()
nss.nss.decode_der_crl()
nss.nss.der_universal_secitem_fmt_lines()
nss.nss.import_crl()
nss.nss.make_line_pairs()
nss.nss.oid_dotted_decimal()
nss.nss.oid_str()
nss.nss.oid_tag()
nss.nss.oid_tag_name()
nss.nss.read_der_from_file()
nss.nss.x509_alt_name()
nss.nss.x509_ext_key_usage()
nss.nss.x509_key_usage()
* The following class methods and properties were added:
Note: it's a method if the name is suffixed with (), a propety otherwise
Socket.next()
Socket.readlines()
Socket.sendall()
SSLSocket.next()
SSLSocket.readlines()
SSLSocket.sendall()
AuthKeyID.key_id
AuthKeyID.serial_number
AuthKeyID.get_general_names()
CRLDistributionPoint.issuer
CRLDistributionPoint.get_general_names()
CRLDistributionPoint.get_reasons()
CertDB.find_crl_by_cert()
CertDB.find_crl_by_name()
Certificate.extensions
CertificateExtension.critical
CertificateExtension.name
CertificateExtension.oid
CertificateExtension.oid_tag
CertificateExtension.value
GeneralName.type_enum
GeneralName.type_name
GeneralName.type_string
SecItem.der_to_hex()
SecItem.get_oid_sequence()
SecItem.to_hex()
SignedCRL.delete_permanently()
X500AVA.oid
X500AVA.oid_tag
X500AVA.value
X500AVA.value_str
X500Name.cert_uid
X500Name.common_name
X500Name.country_name
X500Name.dc_name
X500Name.email_address
X500Name.locality_name
X500Name.org_name
X500Name.org_unit_name
X500Name.state_name
X500Name.add_rdn()
X500Name.has_key()
X500RDN.has_key()
* The following module functions were removed:
Note: use nss.nss.oid_tag() instead
nss.nss.sec_oid_tag_from_name()
nss.nss.sec_oid_tag_name()
nss.nss.sec_oid_tag_str()
* The following files were added:
doc/examples/cert_dump.py
test/test_cert_components.py
git-svn-id: svn://10.0.0.236/trunk@260296 18797224-902f-48f8-a5cc-f745e15eee43
Add utility to print out SSLUsage flags.
Set the auth_certificate_callback in the client to verify the server,
it was a big problem that had been failing to verify the server cert.
Add new utility to verify a server based on the auth_certificate_callback().
git-svn-id: svn://10.0.0.236/trunk@260027 18797224-902f-48f8-a5cc-f745e15eee43
SecItem.type SecItem.len, SecItem.data
PK11SymKey.key_data, PK11SymKey.key_length, PK11SymKey.slot
create_context_by_sym_key
param_from_iv
generate_new_param
get_iv_length
get_block_size
get_pad_mechanism
* SecItem's now support indexing and slicing on their data
* Clean up parsing and parameter validation of variable arg functions
git-svn-id: svn://10.0.0.236/trunk@258428 18797224-902f-48f8-a5cc-f745e15eee43
add support for symmetric cipher encryption/decryption
add test code for above
some minor clean up in other areas
git-svn-id: svn://10.0.0.236/trunk@258418 18797224-902f-48f8-a5cc-f745e15eee43
