I am the author of those patches and I will try to document them this week.
Nevertheless, I already made a quick synopsis of each patch :
Nice to see that this code is useful for others ;-).
Selon Sebastian Vieira <sebvieira@...>:
> Hi Jean-Paul,
> I would love to take credit for the patches, and provide you with the
> documentation you asked for. But the truth is that i haven't written these,
> and to be honest my knowledge of C is extremely limited so i'm unable to
> answer these questions. Sorry.
> kind regards,
> On Sun, Mar 23, 2008 at 12:20 AM, Jean-Paul Calderone <exarkun@...>
> > On Sat, 22 Mar 2008 22:16:56 +0100, Sebastian Vieira <sebvieira@...>
> > wrote:
> > >Hi,
> > >
> > >Any chance of including the CRL patch found on http://tinyurl.com/2kj8o6?
> > >found that the required pkcs12 patched cleanly against the 0.7 source,
> > but
> > >the crl patch failed one hunk:
> > >
> > >patching file src/crypto/crypto.c
> > >Hunk #1 succeeded at 461 (offset -1 lines).
> > >Hunk #2 succeeded at 591 (offset -1 lines).
> > >Hunk #3 succeeded at 626 (offset -1 lines).
> > >Hunk #4 succeeded at 794 (offset 25 lines).
> > >Hunk #5 FAILED at 803.
> > >Hunk #6 succeeded at 872 (offset 26 lines).
> > >
> > >I ask this because my python/openvpn script depends on it :)
> > >
> > >kind regards,
> > >
> > Hey Sebastian,
> > This is definitely a possibility. I may need some help with it, though.
> > First, http://arnaud.desmons.free.fr/pyOpenSSL-0.6-crl.patch is the patch
> > you're referring to, right? And the patch which must be applied first is
> > http://arnaud.desmons.free.fr/pyOpenSSL-0.6-pkcs12.patch?
> > If so, here are some specific questions the answers to which would help me
> > out a bunch:
> > * What is the proper usage of crypto_dump_pkcs12?
> > * Is crypto_PKCS12_set_certificate stealing a reference (meaning memory
> > corruption will likely follow a call to it)?
> > * Same question for crypto_PKCS12_set_privatekey.
> > * Why the commented out lines in crypto_PKCS12_dealloc and in the
> > definition of crypto_PKCS12_Type?
> > * What is the proper usage of crypto_dump_crl?
> > And more generally:
> > * Documentation would be greatly appreciated. Either in the form of C
> > comments in the code, or docstrings exposed to Python (instead of the
> > empty strings currently given to the new APIs), or in LaTeX as diffs
> > against doc/pyOpenSSL.tex
> > * Unit tests would be even better. ;)
> > In the mean time, I've applied both patches (resolving the simple
> > conflicts)
> > and pushed a branch to launchpad -
> in case you want
> > to use that diff (since it applies clean to trunk now) or if you want to
> > generate any patches.
> > Jean-Paul