From c44f354fd0f9b4f1432913dd70cf1579910dfa4b Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Sat, 17 Aug 2013 16:15:37 +0200
Subject: [PATCH 1/4] fix windows bugs

---
 netlib/tcp.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/netlib/tcp.py b/netlib/tcp.py
index 31e9a398e..2de647aec 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -235,6 +235,7 @@ class TCPClient:
         try:
             if self.ssl_established:
                 self.connection.shutdown()
+                self.connection.sock_shutdown(socket.SHUT_WR)
             else:
                 self.connection.shutdown(socket.SHUT_WR)
             #Section 4.2.2.13 of RFC 1122 tells us that a close() with any pending readable data could lead to an immediate RST being sent.
@@ -302,6 +303,7 @@ class BaseHandler:
         if request_client_cert:
             def ver(*args):
                 self.clientcert = certutils.SSLCert(args[1])
+                return True
             ctx.set_verify(SSL.VERIFY_PEER, ver)
         self.connection = SSL.Connection(ctx, self.connection)
         self.ssl_established = True
@@ -338,6 +340,7 @@ class BaseHandler:
         try:
             if self.ssl_established:
                 self.connection.shutdown()
+                self.connection.sock_shutdown(socket.SHUT_WR)
             else:
                 self.connection.shutdown(socket.SHUT_WR)
             #Section 4.2.2.13 of RFC 1122 tells us that a close() with any pending readable data could lead to an immediate RST being sent.

From 28a0030c1ecacb8ac5c6e6453b6a22bdf94d9f7e Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Mon, 19 Aug 2013 19:41:20 +0200
Subject: [PATCH 2/4] compatibility fixes for windows

---
 netlib/tcp.py          | 3 ++-
 netlib/test.py         | 2 +-
 setup.py               | 2 +-
 test/test_http_auth.py | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/netlib/tcp.py b/netlib/tcp.py
index 2de647aec..f4a713f95 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -303,7 +303,8 @@ class BaseHandler:
         if request_client_cert:
             def ver(*args):
                 self.clientcert = certutils.SSLCert(args[1])
-                return True
+                # err 20 = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
+                #return True
             ctx.set_verify(SSL.VERIFY_PEER, ver)
         self.connection = SSL.Connection(ctx, self.connection)
         self.ssl_established = True
diff --git a/netlib/test.py b/netlib/test.py
index 661395c50..87802bd53 100644
--- a/netlib/test.py
+++ b/netlib/test.py
@@ -52,7 +52,7 @@ class TServer(tcp.TCPServer):
         self.last_handler = h
         if self.ssl:
             cert = certutils.SSLCert.from_pem(
-                file(self.ssl["cert"], "r").read()
+                file(self.ssl["cert"], "rb").read()
             )
             if self.ssl["v3_only"]:
                 method = tcp.SSLv3_METHOD
diff --git a/setup.py b/setup.py
index e0dff0ff5..1b2a14f9e 100644
--- a/setup.py
+++ b/setup.py
@@ -65,7 +65,7 @@ def findPackages(path, dataExclude=[]):
     return packages, package_data
 
 
-long_description = file("README").read()
+long_description = file("README","rb").read()
 packages, package_data = findPackages("netlib")
 setup(
         name = "netlib",
diff --git a/test/test_http_auth.py b/test/test_http_auth.py
index cae69f5e8..83de0fa1c 100644
--- a/test/test_http_auth.py
+++ b/test/test_http_auth.py
@@ -17,7 +17,7 @@ class TestPassManHtpasswd:
         tutils.raises("invalid htpasswd", http_auth.PassManHtpasswd, s)
 
     def test_simple(self):
-        f = open(tutils.test_data.path("data/htpasswd"))
+        f = open(tutils.test_data.path("data/htpasswd"),"rb")
         pm = http_auth.PassManHtpasswd(f)
 
         vals = ("basic", "test", "test")

From 5e4ccbd7edc6eebf9eee25fd4d6ca64994ed6522 Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Tue, 19 Nov 2013 04:11:24 +0100
Subject: [PATCH 3/4] attempt to fix #24

---
 netlib/http.py    | 17 ++++-------------
 test/test_http.py | 22 +++++-----------------
 2 files changed, 9 insertions(+), 30 deletions(-)

diff --git a/netlib/http.py b/netlib/http.py
index f1a2bfb56..7060b688b 100644
--- a/netlib/http.py
+++ b/netlib/http.py
@@ -283,32 +283,23 @@ def parse_init_http(line):
     return method, url, httpversion
 
 
-def request_connection_close(httpversion, headers):
+def connection_close(httpversion, headers):
     """
-        Checks the request to see if the client connection should be closed.
+        Checks the message to see if the client connection should be closed according to RFC 2616 Section 8.1
     """
+    # At first, check if we have an explicit Connection header.
     if "connection" in headers:
         toks = get_header_tokens(headers, "connection")
         if "close" in toks:
             return True
         elif "keep-alive" in toks:
             return False
-    # HTTP 1.1 connections are assumed to be persistent
+    # If we don't have a Connection header, HTTP 1.1 connections are assumed to be persistent
     if httpversion == (1, 1):
         return False
     return True
 
 
-def response_connection_close(httpversion, headers):
-    """
-        Checks the response to see if the client connection should be closed.
-    """
-    if request_connection_close(httpversion, headers):
-        return True
-    elif (not has_chunked_encoding(headers)) and "content-length" in headers:
-        return False
-    return True
-
 
 def read_http_body_request(rfile, wfile, headers, httpversion, limit):
     """
diff --git a/test/test_http.py b/test/test_http.py
index 62d0c3dcc..4d89bf246 100644
--- a/test/test_http.py
+++ b/test/test_http.py
@@ -38,28 +38,16 @@ def test_read_chunked():
     tutils.raises("too large", http.read_chunked, 500, s, 2)
 
 
-def test_request_connection_close():
+def test_connection_close():
     h = odict.ODictCaseless()
-    assert http.request_connection_close((1, 0), h)
-    assert not http.request_connection_close((1, 1), h)
+    assert http.connection_close((1, 0), h)
+    assert not http.connection_close((1, 1), h)
 
     h["connection"] = ["keep-alive"]
-    assert not http.request_connection_close((1, 1), h)
+    assert not http.connection_close((1, 1), h)
 
     h["connection"] = ["close"]
-    assert http.request_connection_close((1, 1), h)
-
-
-def test_response_connection_close():
-    h = odict.ODictCaseless()
-    assert http.response_connection_close((1, 1), h)
-
-    h["content-length"] = [10]
-    assert not http.response_connection_close((1, 1), h)
-
-    h["connection"] = ["close"]
-    assert http.response_connection_close((1, 1), h)
-
+    assert http.connection_close((1, 1), h)
 
 def test_read_http_body_response():
     h = odict.ODictCaseless()

From 5aad09ab816b2343ca686d45e6c5d2b8ba07b10b Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Sun, 8 Dec 2013 10:15:19 +1300
Subject: [PATCH 4/4] Fix client certificate request feature.

---
 netlib/tcp.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/netlib/tcp.py b/netlib/tcp.py
index f4a713f95..234587429 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -303,8 +303,8 @@ class BaseHandler:
         if request_client_cert:
             def ver(*args):
                 self.clientcert = certutils.SSLCert(args[1])
-                # err 20 = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
-                #return True
+                # Return true to prevent cert verification error
+                return True
             ctx.set_verify(SSL.VERIFY_PEER, ver)
         self.connection = SSL.Connection(ctx, self.connection)
         self.ssl_established = True