From d1904c2f52dfc7409ae275bb081f23635c94acc9 Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Fri, 18 Sep 2015 15:38:31 +0200
Subject: [PATCH] python3++

---
 netlib/certutils.py | 40 ++++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 20 deletions(-)

diff --git a/netlib/certutils.py b/netlib/certutils.py
index c3b795acc..9193b7579 100644
--- a/netlib/certutils.py
+++ b/netlib/certutils.py
@@ -12,7 +12,7 @@ import OpenSSL
 
 DEFAULT_EXP = 157680000  # = 24 * 60 * 60 * 365 * 5
 # Generated with "openssl dhparam". It's too slow to generate this on startup.
-DEFAULT_DHPARAM = """
+DEFAULT_DHPARAM = b"""
 -----BEGIN DH PARAMETERS-----
 MIICCAKCAgEAyT6LzpwVFS3gryIo29J5icvgxCnCebcdSe/NHMkD8dKJf8suFCg3
 O2+dguLakSVif/t6dhImxInJk230HmfC8q93hdcg/j8rLGJYDKu3ik6H//BAHKIv
@@ -43,29 +43,29 @@ def create_ca(o, cn, exp):
     cert.set_pubkey(key)
     cert.add_extensions([
         OpenSSL.crypto.X509Extension(
-            "basicConstraints",
+            b"basicConstraints",
             True,
-            "CA:TRUE"
+            b"CA:TRUE"
         ),
         OpenSSL.crypto.X509Extension(
-            "nsCertType",
+            b"nsCertType",
             False,
-            "sslCA"
+            b"sslCA"
         ),
         OpenSSL.crypto.X509Extension(
-            "extendedKeyUsage",
+            b"extendedKeyUsage",
             False,
-            "serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
+            b"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
         ),
         OpenSSL.crypto.X509Extension(
-            "keyUsage",
+            b"keyUsage",
             True,
-            "keyCertSign, cRLSign"
+            b"keyCertSign, cRLSign"
         ),
         OpenSSL.crypto.X509Extension(
-            "subjectKeyIdentifier",
+            b"subjectKeyIdentifier",
             False,
-            "hash",
+            b"hash",
             subject=cert
         ),
     ])
@@ -103,7 +103,7 @@ def dummy_cert(privkey, cacert, commonname, sans):
     if ss:
         cert.set_version(2)
         cert.add_extensions(
-            [OpenSSL.crypto.X509Extension("subjectAltName", False, ss)])
+            [OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
     cert.set_pubkey(cacert.get_pubkey())
     cert.sign(privkey, "sha256")
     return SSLCert(cert)
@@ -291,14 +291,14 @@ class CertStore(object):
 
     @staticmethod
     def asterisk_forms(dn):
-        parts = dn.split(".")
+        parts = dn.split(b".")
         parts.reverse()
-        curr_dn = ""
-        dn_forms = ["*"]
+        curr_dn = b""
+        dn_forms = [b"*"]
         for part in parts[:-1]:
-            curr_dn = "." + part + curr_dn  # .example.com
-            dn_forms.append("*" + curr_dn)   # *.example.com
-        if parts[-1] != "*":
+            curr_dn = b"." + part + curr_dn  # .example.com
+            dn_forms.append(b"*" + curr_dn)   # *.example.com
+        if parts[-1] != b"*":
             dn_forms.append(parts[-1] + curr_dn)
         return dn_forms
 
@@ -430,7 +430,7 @@ class SSLCert(object):
     def cn(self):
         c = None
         for i in self.subject:
-            if i[0] == "CN":
+            if i[0] == b"CN":
                 c = i[1]
         return c
 
@@ -439,7 +439,7 @@ class SSLCert(object):
         altnames = []
         for i in range(self.x509.get_extension_count()):
             ext = self.x509.get_extension(i)
-            if ext.get_short_name() == "subjectAltName":
+            if ext.get_short_name() == b"subjectAltName":
                 try:
                     dec = decode(ext.get_data(), asn1Spec=_GeneralNames())
                 except PyAsn1Error: