Egenix-pyopenssl

2011-04-06 Jean-Paul Calderone <email address hidden>

* OpenSSL/crypto/x509.c: Add get_extension_count and get_extension
to the X509 type, allowing read access to certificate extensions.

* OpenSSL/crypto/x509ext.c: Add get_short_name and get_data to the
X509Extension type, allowing read access to the contents of an
extension.

2011-03-21 Olivier Hervieu <lp:~ohe>

* OpenSSL/ssl/ssl.c: Expose a number of symbolic constants for
values passed to the connection "info" callback.

2011-01-22 Jean-Paul Calderone <email address hidden>

* OpenSSL/ssl/connection.py: Add support for new-style
buffers (primarily memoryviews) to Connection.send and
Connection.sendall.

2010-10-07 Jean-Paul Calderone <email address hidden>

* Initial support for Python 3.x throughout the codebase.

2010-09-14 Jean-Paul Calderone <email address hidden>

* OpenSSL/crypto/netscape_spki.c: Fix an off-by-one mistake in the
error handling for NetscapeSPKI.verify. Add additional error
checking to NetscapeSPKI.sign to handle the case where there is no
private key.

* OpenSSL/crypto/x509.c: Fix an overflow bug in the subject_name_hash
method of the X509 type which would cause it to return negative
values on 32 bit systems.

* OpenSSL/crypto/x509req.c: Fix an off-by-one mistake in the error
handling for X509Req.verify.

* OpenSSL/ssl/context.c: Fix the error handling in the load_tmp_dh
method of the Context type which would cause it to always raise
MemoryError, regardless of the actual error (such as a bad file
name).

* OpenSSL/test/: Numerous unit tests added, both for above fixes
and for other previously untested code paths.

2010-07-27 Jean-Paul Calderone <email address hidden>

* Re-arrange the repository so that the package can be built and
used in-place without requiring installation.

2010-02-27 James Yonan <email address hidden>

* src/crypto/crypto.c: Added crypto.sign and crypto.verify methods
that wrap EVP_Sign and EVP_Verify function families, using code
derived from Dave Cridland's PyOpenSSL branch.

* test/test_crypto.py: Added unit tests for crypto.sign and
crypto.verify.

2010-01-27 Jean-Paul Calderone <email address hidden>

* src/ssl/connection.c, src/util.h: Apply patch from Sandro Tosi to
fix misspellings of "compatibility".

2010-10-07 Jean-Paul Calderone <email address hidden>

* Initial support for Python 3.x throughout the codebase.

2010-09-14 Jean-Paul Calderone <email address hidden>

* OpenSSL/crypto/netscape_spki.c: Fix an off-by-one mistake in the
error handling for NetscapeSPKI.verify. Add additional error
checking to NetscapeSPKI.sign to handle the case where there is no
private key.

* OpenSSL/crypto/x509.c: Fix an overflow bug in the subject_name_hash
method of the X509 type which would cause it to return negative
values on 32 bit systems.

* OpenSSL/crypto/x509req.c: Fix an off-by-one mistake in the error
handling for X509Req.verify.

* OpenSSL/ssl/context.c: Fix the error handling in the load_tmp_dh
method of the Context type which would cause it to always raise
MemoryError, regardless of the actual error (such as a bad file
name).

* OpenSSL/test/: Numerous unit tests added, both for above fixes
and for other previously untested code paths.

2010-07-27 Jean-Paul Calderone <email address hidden>

* Re-arrange the repository so that the package can be built and
used in-place without requiring installation.

2010-02-27 James Yonan <email address hidden>

* src/crypto/crypto.c: Added crypto.sign and crypto.verify methods
that wrap EVP_Sign and EVP_Verify function families, using code
derived from Dave Cridland's PyOpenSSL branch.

* test/test_crypto.py: Added unit tests for crypto.sign and
crypto.verify.

2010-01-27 Jean-Paul Calderone <email address hidden>

* src/ssl/connection.c, src/util.h: Apply patch from Sandro Tosi to
fix misspellings of "compatibility".

2008-09-22 Jean-Paul Calderone <email address hidden>

* tsafe.py: Deprecated the thread-safe Connection wrapper, since the
basic connection class should be thread-safe now.

2008-09-21 Jean-Paul Calderone <email address hidden>

* src/ssl/ssl.h, src/ssl/ssl.c: Add a thread-local storage key
which will be used to store and retrieve PyThreadState pointers
whenever it is necessary to release or re-acquire the GIL.

* src/ssl/context.c: Change global_verify_callback so that it
unconditionally manipulates the Python threadstate, rather than
checking the tstate field which is now always NULL.

2008-04-26 Jean-Paul Calderone <email address hidden>

* src/ssl/context.c: Change global_passphrase_callback and
global_info_callback so that they acquire the GIL before
invoking any CPython APIs and do not release it until after they
are finished invoking all of them (based heavily on on patch
from Dan Williams).
* src/ssl/crypto.c: Initialize OpenSSL thread support so that it
is valid to use OpenSSL APIs from more than one thread (based on
patch from Dan Williams).
* test/test_crypto.py: Add tests for load_privatekey and
dump_privatekey when a passphrase or a passphrase callback is
supplied.
* test/test_ssl.py: Add tests for Context.set_passwd_cb and
Context.set_info_callback.

2008-03-26 Jean-Paul Calderone <email address hidden>

* src/crypto/x509name.c: Add X509Name.get_components

2008-03-25 Jean-Paul Calderone <email address hidden>

* src/crypto/x509name.c: Add hash and der methods to X509Name.
* src/crypto/x509.c: Fix a bug in X509.get_notBefore and
X509.get_notAfter preventing UTCTIME format timestamps from
working.

2008-03-12 Jean-Paul Calderone <email address hidden>

* Fix coding problems in examples/. Remove keys and certificates
and add a note about how to generate new ones.

2008-03-09 Jean-Paul Calderone <email address hidden>

* src/crypto/x509.c: Add getters and setters for the notBefore and
notAfter attributes of X509s.
* src/crypto/pkey.h, src/crypto/pkey.c, src/crypto/x509req.c,
src/crypto/x509.c: Track the initialized and public/private state
of EVP_PKEY structures underlying the crypto_PKeyObj type and
reject X509Req signature operations on keys not suitable for the
task.

2008-03-06 Jean-Paul Calderone <email address hidden>

* src/crypto/x509name.c: Fix tp_compare so it only returns -1, 0, or
1. This eliminates a RuntimeWarning emitted by Python.
* src/crypto/x509req.c: Fix reference counting for X509Name returned
by X509Req.get_subject. This removes a segfault when the subject
name outlives the request object.
* src/crypto/x509.c: Change get_serial_number and set_serial_number
to accept Python longs.
* doc/pyOpenSSL.tex: A number of minor corrections.

2008-03-03 Jean-Paul Calderone <email address hidden>

* src/crypto/crypto.c: Expose X509_verify_cert_error_string. (patch
from Victor Stinner)

2008-02-22 Jean-Paul Calderone <email address hidden>

* src/ssl/connection.c src/ssl/context.c src/ssl/ssl.c: Fix
compilation on Windows. (patch from Michael Schneider)

2008-02-21 Jean-Paul Calderone <email address hidden>

* src/ssl/connection.c: Expose SSL_get_shutdown and
SSL_set_shutdown. (patch from James Knight)
* src/ssl/ssl.c: Expose SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN.
(patch from James Knight)

2008-02-19 Jean-Paul Calderone <email address hidden>

* src/ssl/context.c: Expose SSL_CTX_add_extra_chain_cert.
* src/crypto/x509name.c: Fix memory leaks in __getattr__ and
__setattr_ implementations.
* src/crypto/x509.c: Fix memory leak in X509.get_pubkey().
* leakcheck/: An attempt at a systematic approach to leak
elimination.