Merge pull request #79 from mitmproxy/remove_certffi

Remove certffi
This commit is contained in:
Aldo Cortesi 2015-06-27 09:22:33 +12:00
commit 3d6dc0879b
5 changed files with 5 additions and 133 deletions

View File

@ -1,41 +0,0 @@
from __future__ import (absolute_import, print_function, division)
from cffi import FFI
import OpenSSL
xffi = FFI()
xffi.cdef("""
struct rsa_meth_st {
int flags;
...;
};
struct rsa_st {
int pad;
long version;
struct rsa_meth_st *meth;
...;
};
""")
xffi.verify(
"""#include <openssl/rsa.h>""",
extra_compile_args=['-w']
)
def handle(privkey):
new = xffi.new("struct rsa_st*")
newbuf = xffi.buffer(new)
rsa = OpenSSL.SSL._lib.EVP_PKEY_get1_RSA(privkey._pkey)
oldbuf = OpenSSL.SSL._ffi.buffer(rsa)
newbuf[:] = oldbuf[:]
return new
def set_flags(privkey, val):
hdl = handle(privkey)
hdl.meth.flags = val
return privkey
def get_flags(privkey):
hdl = handle(privkey)
return hdl.meth.flags

View File

@ -333,12 +333,6 @@ class CertStore(object):
return entry.cert, entry.privatekey, entry.chain_file
def gen_pkey(self, cert_):
# FIXME: We should do something with cert here?
from . import certffi
certffi.set_flags(self.default_privatekey, 1)
return self.default_privatekey
class _GeneralName(univ.Choice):
# We are only interested in dNSNames. We use a default handler to ignore

View File

@ -1,5 +1,3 @@
from distutils.command.build import build
from setuptools.command.install import install
from setuptools import setup, find_packages
from codecs import open
import os
@ -15,25 +13,6 @@ here = os.path.abspath(os.path.dirname(__file__))
with open(os.path.join(here, 'README.mkd'), encoding='utf-8') as f:
long_description = f.read()
def get_ext_modules():
from netlib import certffi
return [certffi.xffi.verifier.get_extension()]
class CFFIBuild(build):
def finalize_options(self):
self.distribution.ext_modules = get_ext_modules()
build.finalize_options(self)
class CFFIInstall(install):
def finalize_options(self):
self.distribution.ext_modules = get_ext_modules()
install.finalize_options(self)
setup(
name="netlib",
version=version.VERSION,
@ -62,16 +41,12 @@ setup(
include_package_data=True,
zip_safe=False,
install_requires=[
"cffi",
"pyasn1>=0.1.7",
"pyOpenSSL>=0.15.1",
"cryptography>=0.9",
"passlib>=1.6.2",
"hpack>=1.0.1",
"certifi"],
setup_requires=[
"cffi",
"pyOpenSSL>=0.15.1",
"certifi"
],
extras_require={
'dev': [
@ -84,9 +59,7 @@ setup(
"wheel>=0.24.0",
"pathod>=%s, <%s" %
(version.MINORVERSION,
version.NEXT_MINORVERSION)]},
cmdclass={
"build": CFFIBuild,
"install": CFFIInstall,
version.NEXT_MINORVERSION)
]
},
)

View File

@ -1,5 +1,5 @@
import os
from netlib import certutils, certffi
from netlib import certutils
import tutils
# class TestDNTree:
@ -92,24 +92,6 @@ class TestCertStore:
ret = ca1.get_cert("foo.com", [])
assert ret[0].serial == dc[0].serial
def test_gen_pkey(self):
try:
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(
os.path.join(
d,
"ca1"),
"test")
ca2 = certutils.CertStore.from_store(
os.path.join(
d,
"ca2"),
"test")
cert = ca1.get_cert("foo.com", [])
assert certffi.get_flags(ca2.gen_pkey(cert[0])) == 1
finally:
certffi.set_flags(ca2.default_privatekey, 0)
class TestDummyCert:

View File

@ -10,7 +10,7 @@ import mock
from OpenSSL import SSL
import OpenSSL
from netlib import tcp, certutils, certffi
from netlib import tcp, certutils
from . import tutils, tservers
@ -566,42 +566,6 @@ class TestDHParams(tservers.ServerTestBase):
assert os.path.exists(filename)
class TestPrivkeyGen(tservers.ServerTestBase):
class handler(tcp.BaseHandler):
def handle(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(d, "test2")
ca2 = certutils.CertStore.from_store(d, "test3")
cert, _, _ = ca1.get_cert("foo.com", [])
key = ca2.gen_pkey(cert)
self.convert_to_ssl(cert, key)
def test_privkey(self):
c = tcp.TCPClient(("127.0.0.1", self.port))
c.connect()
tutils.raises("bad record mac", c.convert_to_ssl)
class TestPrivkeyGenNoFlags(tservers.ServerTestBase):
class handler(tcp.BaseHandler):
def handle(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(d, "test2")
ca2 = certutils.CertStore.from_store(d, "test3")
cert, _, _ = ca1.get_cert("foo.com", [])
certffi.set_flags(ca2.default_privatekey, 0)
self.convert_to_ssl(cert, ca2.default_privatekey)
def test_privkey(self):
c = tcp.TCPClient(("127.0.0.1", self.port))
c.connect()
tutils.raises("sslv3 alert handshake failure", c.convert_to_ssl)
class TestTCPClient:
def test_conerr(self):