Menu
▾
▴
pyopenssl-list — General discussion list for users and developers of pyOpenSSL
You can subscribe to this list here.
| 2002 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(6) |
Aug
(9) |
Sep
(2) |
Oct
(15) |
Nov
(1) |
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(17) |
Feb
(2) |
Mar
(3) |
Apr
(2) |
May
(1) |
Jun
|
Jul
(9) |
Aug
(4) |
Sep
|
Oct
|
Nov
(4) |
Dec
(1) |
| 2004 |
Jan
|
Feb
(2) |
Mar
(7) |
Apr
(1) |
May
|
Jun
|
Jul
(4) |
Aug
(6) |
Sep
(13) |
Oct
(5) |
Nov
(1) |
Dec
(4) |
| 2005 |
Jan
(1) |
Feb
(7) |
Mar
(2) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(7) |
Aug
(5) |
Sep
(3) |
Oct
(4) |
Nov
|
Dec
(1) |
| 2006 |
Jan
(1) |
Feb
|
Mar
(3) |
Apr
(1) |
May
|
Jun
(7) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(9) |
Dec
(2) |
| 2007 |
Jan
(4) |
Feb
|
Mar
(2) |
Apr
(1) |
May
(5) |
Jun
(6) |
Jul
|
Aug
(7) |
Sep
|
Oct
(1) |
Nov
(2) |
Dec
|
| 2008 |
Jan
(2) |
Feb
|
Mar
(10) |
Apr
(4) |
May
(3) |
Jun
(3) |
Jul
(5) |
Aug
(2) |
Sep
(30) |
Oct
(12) |
Nov
(5) |
Dec
(2) |
| 2009 |
Jan
(7) |
Feb
(1) |
Mar
(26) |
Apr
(20) |
May
(4) |
Jun
(1) |
Jul
(7) |
Aug
(21) |
Sep
(2) |
Oct
(9) |
Nov
(8) |
Dec
|
| 2010 |
Jan
(4) |
Feb
(5) |
Mar
(3) |
Apr
(1) |
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
(5) |
Nov
(3) |
Dec
|
| 2011 |
Jan
(1) |
Feb
|
Mar
|
Apr
(13) |
May
|
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
(6) |
Nov
(11) |
Dec
|
| 2012 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
(1) |
Aug
(13) |
Sep
(1) |
Oct
|
Nov
|
Dec
(3) |
|
From: t47 <t4_...@gm...> - 2005-07-28 18:28:44
|
hi list, im experimenting with pyopenssl and really like it so far :D i only have one problem, the maximum transmission size seems to be limited to 16384. no matter what higher value i pass to socket.recv(), whenever i send more than 16kb the server-side receive fails. is there any hidden switch i am missing or what can i do about this ? thanks in advance, t47. python 2.3.5-4 pyopenssl 0.6-2 debian sarge |
|
From: <ad...@ec...> - 2005-07-21 09:00:33
|
HI Nick,
I'm using GSI proxies and normal certificates and I'm importing them
using <Context object>.use_certificate_chain_file( file ). Does that
fail when using comodo signed certificates?.
Adri.
> After doing a little digging I am still unable to figure out how to
> import a cert chain. Is this function possible in pyopenssl?
> I have a python based web application (using twisted.web and quixote)
> that uses pyopenssl and would like to use my cert and not have it
> present the warning (it is a comodo signed certificate).
> Any pointers appreciated.
>
> nb
>
>
> -------------------------------------
> Nick Buraglio
> ni...@bu...
> GnuPG Key: 0x2E5B44F4
>
>
>
>
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> pyopenssl-list mailing list
> pyo...@li...
> https://lists.sourceforge.net/lists/listinfo/pyopenssl-list
>
|
|
From: Nick B. <ni...@bu...> - 2005-07-20 16:05:08
|
After doing a little digging I am still unable to figure out how to import a cert chain. Is this function possible in pyopenssl? I have a python based web application (using twisted.web and quixote) that uses pyopenssl and would like to use my cert and not have it present the warning (it is a comodo signed certificate). Any pointers appreciated. nb ------------------------------------- Nick Buraglio ni...@bu... GnuPG Key: 0x2E5B44F4 |
|
From: Dan W. <dc...@re...> - 2005-07-12 18:28:18
|
On Tue, 2005-07-12 at 10:57 -0400, Dan Williams wrote:
> Hi,
> However, even with that patch, python falls over fairly quickly on
> multi-cpu boxes with segfaults, while single-cpu boxes work 90% of the
> time and segfault after a while. Turning off SSL in the testcases
> results in success. Debug builds of python fail fairly quickly using
> SSL under test cases with this message:
>
> Fatal Python error: UNREF invalid object
> Abort
>
> So I've thought of a number of things here:
>
> 1) The pyOpenSSL locking patch I've applied isn't working correctly, or
> I've forgotten some bits
> 2) Maybe we need to grab python locks in the pyOpenSSL locking patch in
> addition to the local pthreads lock
> 3) Perhaps pyOpenSSL needs to lock calls into OpenSSL with python locks
> too
> 4) Incorrect reference counting in pyOpenSSL?
> 5) Incorrect reference counting in python itself?
>
> I'd be very grateful if anyone has tips on how to debug this sort of
> thing, or has insights/ideas about threading, python, OpenSSL, and
> pyOpenSSL. I'd be happy to provide more condensed testcases than just
> the CVSweb link above, if that would help.
In partial reply to myself, this patch seems to help somewhat, along
with the threading one earlier... I'm not sure why though.
--- pyOpenSSL-0.6/src/ssl/context.c.threadsafe 2004-08-06 06:24:38.000000000 -0400
+++ pyOpenSSL-0.6/src/ssl/context.c 2005-07-12 13:34:41.000000000 -0400
@@ -117,12 +117,15 @@
crypto_X509Obj *cert;
int errnum, errdepth, c_ret;
- cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0);
errnum = X509_STORE_CTX_get_error(x509_ctx);
errdepth = X509_STORE_CTX_get_error_depth(x509_ctx);
ssl = (SSL *)X509_STORE_CTX_get_app_data(x509_ctx);
conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl);
+ MY_END_ALLOW_THREADS(conn->tstate);
+ cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0);
+ MY_BEGIN_ALLOW_THREADS(conn->tstate);
+
argv = Py_BuildValue("(OOiii)", (PyObject *)conn, (PyObject *)cert,
errnum, errdepth, ok);
Py_DECREF(cert);
|
|
From: Dan W. <dc...@re...> - 2005-07-12 14:57:22
|
Hi, I'm using pyOpenSSL for the Fedora Extras build system after discovering that m2crypto was (1) less stable and (2) more complicated. The stuff I've been developing is available here, and implements XMLRPC server + client and HTTP server + client with two-way client server certificate verification. http://cvs.fedora.redhat.com/viewcvs/extras-buildsys/?root=fedora Interesting stuff is probably in the 'common' directory, including AuthedXMLRPCServer.py, XMLRPCServerProxy.py, HTTPServer.py, and HTTPSURLOpener.py. It's inspired by, in part, pyOpenSSL examples, m2crypto's workarounds, RHN/up2date usage of pyOpenSSL, and some other random stuff. It does mostly work, feel free to look it over for bugs or as examples. So on the problem... Both the XMLRPC server/client and the HTTPS server/client have tests built in that make heavy use of threads. The pyOpenSSL package in Fedora Core is _not_ built with OpenSSL thread safety, the patch is attached to this email. However, even with that patch, python falls over fairly quickly on multi-cpu boxes with segfaults, while single-cpu boxes work 90% of the time and segfault after a while. Turning off SSL in the testcases results in success. Debug builds of python fail fairly quickly using SSL under test cases with this message: Fatal Python error: UNREF invalid object Abort So I've thought of a number of things here: 1) The pyOpenSSL locking patch I've applied isn't working correctly, or I've forgotten some bits 2) Maybe we need to grab python locks in the pyOpenSSL locking patch in addition to the local pthreads lock 3) Perhaps pyOpenSSL needs to lock calls into OpenSSL with python locks too 4) Incorrect reference counting in pyOpenSSL? 5) Incorrect reference counting in python itself? I'd be very grateful if anyone has tips on how to debug this sort of thing, or has insights/ideas about threading, python, OpenSSL, and pyOpenSSL. I'd be happy to provide more condensed testcases than just the CVSweb link above, if that would help. Thanks! Dan |
|
From: Ogz <com...@gm...> - 2005-07-02 20:13:16
|
Below is a sample code.=20 As i understood this is the client side part of the code. What else do i need to write its server part and should i use use_certificate_file or privatekey_file? If so how? Please show me with a samplke little code. #!/usr/bin/env python # OpenSSL example with verification - Chapter 15 - osslverify.py # # Command-line arguments -- root CA file, remote host import socket, sys from OpenSSL import SSL # Grab the command-line parameters #cafile, host =3D sys.argv[1:] # cafile =3D 'certfiles.crt' host =3D 'www.openssl.org' def printx509(x509): """Display an X.509 certificate""" fields =3D {'country_name': 'Country', 'SP': 'State/Province', 'L': 'Locality', 'O': 'Organization', 'OU': 'Organizational Unit', 'CN': 'Common Name', 'email': 'E-Mail'} for field, desc in fields.items(): try: print "%30s: %s" % (desc, getattr(x509, field)) except: pass # Whether or not the certificate name has been verified cnverified =3D 0 def verify(connection, certificate, errnum, depth, ok): """Verify a given certificate""" global cnverified print connection, certificate, errnum, depth, ok=09 subject =3D certificate.get_subject() issuer =3D certificate.get_issuer() print "Certificate from:" printx509(subject) print "\nIssued By:" printx509(issuer) if not ok: # OpenSSL could not verify the digital signature. print "Could not verify certificate." return 0 # Digital signature verified. Now make sure it's for the server # we connected to. if subject.CN =3D=3D None or subject.CN.lower() !=3D host.lower(): print "Connected to %s, but got cert for %s" % \ (host, subject.CN) else: cnverified =3D 1 if depth =3D=3D 0 and not cnverified: print "Could not verify server name; failing." return 0 print "-" * 70 return 1=20 =20 ctx =3D SSL.Context(SSL.SSLv23_METHOD) ctx.load_verify_locations(cafile) # Set up the verification. Notice we pass the verify function to # ctx.set_verify() ctx.set_verify(SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verify) print "Creating socket...", s =3D socket.socket(socket.AF_INET, socket.SOCK_STREAM) print "done." ssl =3D SSL.Connection(ctx, s) print "Establishing SSL...", ssl.connect((host, 443)) print "done." print "Requesting document..." ssl.sendall("GET / HTTP/1.0\r\n\r\n") print "done." while 1: try: buf =3D ssl.recv(4096) except SSL.ZeroReturnError: break sys.stdout.write(buf) ssl.close() |
|
From: Ogz <com...@gm...> - 2005-07-02 13:49:34
|
Below is a sample code part:
ctx =3D SSL.Context(SSL.SSLv23_METHOD)
ctx.load_verify_locations(cafile)
ctx.set_verify(SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verify)
s =3D socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl =3D SSL.Connection(ctx, s)
ssl.connect((host, 443))
ssl.sendall("GET / HTTP/1.0\r\n\r\n")
at this point, the verify call back works. and if it turned 0 somehow
the execution stops. I want to understand the work logic of
SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verify)
And will be happy if someone send me a sample code for both client and
server side, client side will have a public key and server side will
have both public and private and will be able to check whether this
user is allowed
Just two sample that shows the main logic.
I think it will be helpfull many other beginners like me.
|
|
From: Hendrik M. <Hen...@we...> - 2005-06-15 12:34:38
|
Hello, the attached patch fixes a problem when using socket.setdefaulttimeout(x) (new in Python 2.3) together with the SecureXMLRPCServer (from the examples directory). The patch wraps socket.recv(buffer, flag) and discards SSL.WantReadError Exceptions. This exception is raised if setdefaulttimeout is used. The exception is not handled in the socket module, because it did not know about such an Exception in this place. I do not know if this is the right way to do it. It is more a workaround. Hendrik |
|
From: Matthew R. D. s. <MKR...@lb...> - 2005-04-18 18:09:55
|
Adria Casajus wrote: > Hi, > > My name is Adrian and I'm working in grid related apps. For some > time we've been developing a secure python XMLRPC server using > pyOpenSSL. We found pyOpenSSL was a really nice platform to start > working but it missed some features. And had a little threads problem. > After some time working with it we've managed to add some features and > debug the memory problem it had. > > The major features added are: > > GSI proxy support added. > SSL Sessions added. > SSL thread-safe callbacks added. > > It's not a huge deal but we find them very useful. I'm sending you the > complete tar. > > > Cheers, > > Adri. > Thanks for submitting the tarball, Adrian. I've been working on adding features that help pyOpenssl work with GSI as well. FYI the newest development releases of openssl have proxy ceritificate support, and the globus toolkit out of cvs is now generating proxy certificates that are compliant to RFC 3820. It is possible to verify the proxy certificate chain using the verification function provided by the development version of openssl. For the older versions openssl and globus we need to use the verification callback that you have in your tarball. Thanks, Matt Rodriguez |
|
From: Adria C. <ad...@ec...> - 2005-04-15 09:56:02
|
Hi, My name is Adrian and I'm working in grid related apps. For some time we've been developing a secure python XMLRPC server using pyOpenSSL. We found pyOpenSSL was a really nice platform to start working but it missed some features. And had a little threads problem. After some time working with it we've managed to add some features and debug the memory problem it had. The major features added are: GSI proxy support added. SSL Sessions added. SSL thread-safe callbacks added. It's not a huge deal but we find them very useful. I'm sending you the complete tar. Cheers, Adri. |
|
From: Matthew R. D. s. <MKR...@lb...> - 2005-03-29 01:44:22
|
I would like to add another feature to pyopenssl. It would allow for a different certificate chain verification callback. The callback would give access to the X509_STORE_CTX structure. The current callback function globus_verify_callback is ok, but it doesn't do everything that our project needs. So I would like to add anther callback that would pass this data structure up to Python. That being said, I was wondering what the plans are for the next release of pyopenssl. I have submitted a patch that allows session resumption and now I want to add another feature to pyopenssl, but I also need to have these features be in a release in the near future, the last release was in August. I would be willing to spend time working on the release of pyopenssl, and even becoming a developer on the project. I've been pretty happy with the functionality that pyOpenSSL provides, and I would like to work on improving this software. What are people's thoughts on another release? Thanks Matt Rodriguez |
|
From: Matthew Z. <mz...@ag...> - 2005-03-09 21:45:30
|
Hello. The documentation for OpenSSL.crypto.X509Name makes no mention of the DC fields of the X509_NAME struct being accessible... however, I need to read the value for a project I'm currently working on. I decided to try accessing ".DC" on an X509Name instance anyway and noticed that it is in fact available. Problem is, I can only seem to access the first DC field. So, my question: is it possible to access multiple DC fields via pyopenssl, or did I just stumble upon an oddity that's best left alone until a future release? Thanks. btw - I am running pyopenssl 0.6, Python 2.3.3, RH Linux. |
|
From: Kototama <kot...@al...> - 2005-02-22 22:34:33
|
Hello,
I don't have the same behaviour with two codes who are quite the same,
one using SSL, the other not. I tested the programs with stunnel and
telnet , respectively.
Here are the first code :
------------------------------------------------------------------------------------------------------------------------------------------------
#!/usr/bin/python
from select import select
import socket
if __name__ == '__main__':
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', 6001))
s.listen(5)
ready_read = {}
ready_send = {}
ready_read[s] = s
while True:
rs, ws, _ = select(ready_read.keys(), ready_send.keys(), [], 2)
print '.'
for r in rs:
if r == s:
(cli, addr) = s.accept()
ready_send[cli] = cli
ready_read[cli] = cli
else:
ret = r.recv(1000)
print 'ret =', ret
for w in ws:
w.send('you have to give up')
------------------------------------------------------------------------------------------------------------------------------------------------
The client receive the 'you have to give up' sentence every two seconds.
The second code is :
------------------------------------------------------------------------------------------------------------------------------------------------
#!/usr/bin/python
from select import select
import socket
from OpenSSL import SSL
import os
def verify_cb():
return ok
if __name__ == '__main__':
dir = ''
ctx = SSL.Context(SSL.SSLv23_METHOD)
ctx.set_options(SSL.OP_NO_SSLv2)
ctx.set_verify(SSL.VERIFY_NONE, verify_cb)
ctx.use_privatekey_file (os.path.join(dir, 'server.pkey'))
ctx.use_certificate_file(os.path.join(dir, 'server.cert'))
ctx.load_verify_locations(os.path.join(dir, 'CA.cert'))
s = SSL.Connection(ctx, socket.socket(socket.AF_INET,
socket.SOCK_STREAM))
#s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', 6000))
s.listen(5)
s.setblocking(0)
ready_read = {}
ready_send = {}
ready_read[s] = s
while True:
rs, ws, _ = select(ready_read.keys(), ready_send.keys(), [], 2)
print '.'
for r in rs:
if r == s:
(cli, addr) = s.accept()
ready_send[cli] = cli
ready_read[cli] = cli
else:
ret = r.recv(1000)
print 'ret =', ret
for w in ws:
w.send('you have to give up')
------------------------------------------------------------------------------------------------------------------------------------------------
The server blocks on recv here.
In both case I don't send anything with the client. (Perhaps stunnel
send something that I don't see ?)
Why does the server block ?
Kototama
|
|
From: Michael F. <mi...@pc...> - 2005-02-16 15:43:07
|
Sorry - resend - I garbled the last message a bit. My apologies. Attempting to build for windows - take 2. If I copy the '.a' and '.def' files to the 'C:\mingw32\lib' directory and the include files to 'C:\mingw32\includes' - I get a very different error message. D:\Downloads\pyOpenSSL-0.6>setup.py build_ext -cmingw32 running build_ext building 'OpenSSL.crypto' extension creating build creating build\temp.win32-2.3 creating build\temp.win32-2.3\Release creating build\temp.win32-2.3\Release\src creating build\temp.win32-2.3\Release\src\crypto C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/crypto.c -o build\temp.win32-2.3\Release\src\crypto\crypto. o src/crypto/crypto.c:20: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkey.c -o build\temp.win32-2.3\Release\src\crypto\pkey.o src/crypto/pkey.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/netscape_spki.c -o build\temp.win32-2.3\Release\src\crypto\ netscape_spki.o src/crypto/netscape_spki.c:12: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509req.c -o build\temp.win32-2.3\Release\src\crypto\x509re q.o src/crypto/x509req.c:13: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkcs12.c -o build\temp.win32-2.3\Release\src\crypto\pkcs12. o src/crypto/pkcs12.c:17: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/util.c -o build\temp.win32-2.3\Release\src\util.o src/util.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509.c -o build\temp.win32-2.3\Release\src\crypto\x509.o src/crypto/x509.c:15: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkcs7.c -o build\temp.win32-2.3\Release\src\crypto\pkcs7.o src/crypto/pkcs7.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509store.c -o build\temp.win32-2.3\Release\src\crypto\x509 store.o src/crypto/x509store.c:13: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509ext.c -o build\temp.win32-2.3\Release\src\crypto\x509ex t.o src/crypto/x509ext.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509name.c -o build\temp.win32-2.3\Release\src\crypto\x509n ame.o src/crypto/x509name.c:15: warning: 'CVSid' defined but not used writing build\temp.win32-2.3\Release\src\crypto\crypto.def creating build\lib.win32-2.3 creating build\lib.win32-2.3\OpenSSL C:\MinGW\bin\gcc.exe -mno-cygwin -shared -s build\temp.win32-2.3\Release\src\cry pto\crypto.o build\temp.win32-2.3\Release\src\crypto\x509.o build\temp.win32-2.3 \Release\src\crypto\x509name.o build\temp.win32-2.3\Release\src\crypto\pkey.o bu ild\temp.win32-2.3\Release\src\crypto\x509store.o build\temp.win32-2.3\Release\s rc\crypto\x509req.o build\temp.win32-2.3\Release\src\crypto\x509ext.o build\temp .win32-2.3\Release\src\crypto\pkcs7.o build\temp.win32-2.3\Release\src\crypto\pk cs12.o build\temp.win32-2.3\Release\src\crypto\netscape_spki.o build\temp.win32- 2.3\Release\src\util.o build\temp.win32-2.3\Release\src\crypto\crypto.def -LC:\P ython23\libs -LC:\Python23\PCBuild -llibeay32 -lssleay32 -lWs2_32 -lpython23 -o build\lib.win32-2.3\OpenSSL\crypto.pyd C:\MinGW\bin\..\lib\gcc\mingw32\3.4.2\..\..\..\..\mingw32\bin\ld.exe: cannot fin d -llibeay32 collect2: ld returned 1 exit status error: command 'gcc' failed with exit status 1 Any clues ? Regards, Fuzzy http://www.voidspace.org.uk/python/index.shtml |
|
From: Michael F. <Mic...@tb...> - 2005-02-16 15:38:29
|
Sorry - resend - I garbled the last message a bit. My apologies. Attempting to build for windows - take 2. If I copy the '.a' and '.def' files to the 'C:\mingw32\lib' directory and the include files to 'C:\mingw32\includes' - I get a very different error message. D:\Downloads\pyOpenSSL-0.6>setup.py build_ext -cmingw32 running build_ext building 'OpenSSL.crypto' extension creating build creating build\temp.win32-2.3 creating build\temp.win32-2.3\Release creating build\temp.win32-2.3\Release\src creating build\temp.win32-2.3\Release\src\crypto C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/crypto.c -o build\temp.win32-2.3\Release\src\crypto\crypto. o src/crypto/crypto.c:20: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkey.c -o build\temp.win32-2.3\Release\src\crypto\pkey.o src/crypto/pkey.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/netscape_spki.c -o build\temp.win32-2.3\Release\src\crypto\ netscape_spki.o src/crypto/netscape_spki.c:12: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509req.c -o build\temp.win32-2.3\Release\src\crypto\x509re q.o src/crypto/x509req.c:13: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkcs12.c -o build\temp.win32-2.3\Release\src\crypto\pkcs12. o src/crypto/pkcs12.c:17: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/util.c -o build\temp.win32-2.3\Release\src\util.o src/util.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509.c -o build\temp.win32-2.3\Release\src\crypto\x509.o src/crypto/x509.c:15: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkcs7.c -o build\temp.win32-2.3\Release\src\crypto\pkcs7.o src/crypto/pkcs7.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509store.c -o build\temp.win32-2.3\Release\src\crypto\x509 store.o src/crypto/x509store.c:13: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509ext.c -o build\temp.win32-2.3\Release\src\crypto\x509ex t.o src/crypto/x509ext.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509name.c -o build\temp.win32-2.3\Release\src\crypto\x509n ame.o src/crypto/x509name.c:15: warning: 'CVSid' defined but not used writing build\temp.win32-2.3\Release\src\crypto\crypto.def creating build\lib.win32-2.3 creating build\lib.win32-2.3\OpenSSL C:\MinGW\bin\gcc.exe -mno-cygwin -shared -s build\temp.win32-2.3\Release\src\cry pto\crypto.o build\temp.win32-2.3\Release\src\crypto\x509.o build\temp.win32-2.3 \Release\src\crypto\x509name.o build\temp.win32-2.3\Release\src\crypto\pkey.o bu ild\temp.win32-2.3\Release\src\crypto\x509store.o build\temp.win32-2.3\Release\s rc\crypto\x509req.o build\temp.win32-2.3\Release\src\crypto\x509ext.o build\temp .win32-2.3\Release\src\crypto\pkcs7.o build\temp.win32-2.3\Release\src\crypto\pk cs12.o build\temp.win32-2.3\Release\src\crypto\netscape_spki.o build\temp.win32- 2.3\Release\src\util.o build\temp.win32-2.3\Release\src\crypto\crypto.def -LC:\P ython23\libs -LC:\Python23\PCBuild -llibeay32 -lssleay32 -lWs2_32 -lpython23 -o build\lib.win32-2.3\OpenSSL\crypto.pyd C:\MinGW\bin\..\lib\gcc\mingw32\3.4.2\..\..\..\..\mingw32\bin\ld.exe: cannot fin d -llibeay32 collect2: ld returned 1 exit status error: command 'gcc' failed with exit status 1 Any clues ? Regards, Fuzzy http://www.voidspace.org.uk/python/index.shtml |
|
From: Michael F. <mi...@pc...> - 2005-02-16 14:22:37
|
directory and the include files to Attempting to build for windows - take 2. If I copy the '.a' and '.def' files to the 'C:\mingw32\lib''C:\mingw32\includes' - I get a very different error message. D:\Downloads\pyOpenSSL-0.6>setup.py build_ext -cmingw32 running build_ext building 'OpenSSL.crypto' extension creating build creating build\temp.win32-2.3 creating build\temp.win32-2.3\Release creating build\temp.win32-2.3\Release\src creating build\temp.win32-2.3\Release\src\crypto C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/crypto.c -o build\temp.win32-2.3\Release\src\crypto\crypto. o src/crypto/crypto.c:20: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkey.c -o build\temp.win32-2.3\Release\src\crypto\pkey.o src/crypto/pkey.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/netscape_spki.c -o build\temp.win32-2.3\Release\src\crypto\ netscape_spki.o src/crypto/netscape_spki.c:12: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509req.c -o build\temp.win32-2.3\Release\src\crypto\x509re q.o src/crypto/x509req.c:13: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkcs12.c -o build\temp.win32-2.3\Release\src\crypto\pkcs12. o src/crypto/pkcs12.c:17: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/util.c -o build\temp.win32-2.3\Release\src\util.o src/util.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509.c -o build\temp.win32-2.3\Release\src\crypto\x509.o src/crypto/x509.c:15: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/pkcs7.c -o build\temp.win32-2.3\Release\src\crypto\pkcs7.o src/crypto/pkcs7.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509store.c -o build\temp.win32-2.3\Release\src\crypto\x509 store.o src/crypto/x509store.c:13: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509ext.c -o build\temp.win32-2.3\Release\src\crypto\x509ex t.o src/crypto/x509ext.c:14: warning: 'CVSid' defined but not used C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall -IC:\Python23\include -IC:\Pytho n23\PC -c src/crypto/x509name.c -o build\temp.win32-2.3\Release\src\crypto\x509n ame.o src/crypto/x509name.c:15: warning: 'CVSid' defined but not used writing build\temp.win32-2.3\Release\src\crypto\crypto.def creating build\lib.win32-2.3 creating build\lib.win32-2.3\OpenSSL C:\MinGW\bin\gcc.exe -mno-cygwin -shared -s build\temp.win32-2.3\Release\src\cry pto\crypto.o build\temp.win32-2.3\Release\src\crypto\x509.o build\temp.win32-2.3 \Release\src\crypto\x509name.o build\temp.win32-2.3\Release\src\crypto\pkey.o bu ild\temp.win32-2.3\Release\src\crypto\x509store.o build\temp.win32-2.3\Release\s rc\crypto\x509req.o build\temp.win32-2.3\Release\src\crypto\x509ext.o build\temp .win32-2.3\Release\src\crypto\pkcs7.o build\temp.win32-2.3\Release\src\crypto\pk cs12.o build\temp.win32-2.3\Release\src\crypto\netscape_spki.o build\temp.win32- 2.3\Release\src\util.o build\temp.win32-2.3\Release\src\crypto\crypto.def -LC:\P ython23\libs -LC:\Python23\PCBuild -llibeay32 -lssleay32 -lWs2_32 -lpython23 -o build\lib.win32-2.3\OpenSSL\crypto.pyd C:\MinGW\bin\..\lib\gcc\mingw32\3.4.2\..\..\..\..\mingw32\bin\ld.exe: cannot fin d -llibeay32 collect2: ld returned 1 exit status error: command 'gcc' failed with exit status 1 Any clues ? Regards, Fuzzy http://www.voidspace.org.uk/python/index.shtml |
|
From: Michael F. <mi...@pc...> - 2005-02-16 14:03:21
|
Hello,
I'm attempting to build PyOpenSSL for windows.
I'm currently attempting with mingw32 and Python2.3 - although I'd also
like to do it with Python 2.4 and the windows optimising compiler. (Both
windows XP)
I'm currently struggling !
Using 'pyOpenSSL-0.6' source from Sourceforge and the windows prebuilt
binaries for OpenSSL 0.9.7e.
The 'install' file with pyOpenSSL says :
Building the library:
setup.py build_ext -I ...\openssl\inc32 -L ...\openssl\out32dll
setup.py build
(to which I had -cmingw32 to make distutils use gcc from mingw32)
My opensssl installation has neither an inc32 directory, nor an out32dll
file/directory.
There is an `C:\OpenSSL\include\openssl` directory - with all the '.h'
and '.c' files. There is also a directory 'C:\OpenSSL\lib\MinGW' with
all the '.a' and '.def' files.
I guessed at the following command line order - which failed with the
following messages. Does anyone have any clues (or can point me to
resources/prebuilt binaries) ? It fails with a 'no such file' error as
the first error, yet that file exists in the openssl directory. I guess
the rest of the errors relate to it not finding the include file.
D:\Downloads\pyOpenSSL-0.6>setup.py build_ext -I
C:\OpenSSL\include\openssl -L C
:\OpenSSL\lib\MinGW -cmingw32
running build_ext
building 'OpenSSL.crypto' extension
creating build
creating build\temp.win32-2.3
creating build\temp.win32-2.3\Release
creating build\temp.win32-2.3\Release\src
creating build\temp.win32-2.3\Release\src\crypto
C:\MinGW\bin\gcc.exe -mno-cygwin -mdll -O -Wall
-IC:\OpenSSL\include\openssl -IC
:\Python23\include -IC:\Python23\PC -c src/crypto/crypto.c -o
build\temp.win32-2
.3\Release\src\crypto\crypto.o
In file included from src/crypto/crypto.h:17,
from src/crypto/crypto.c:13:
src/crypto/x509.h:17:25: openssl/ssl.h: No such file or directory
In file included from src/crypto/crypto.h:17,
from src/crypto/crypto.c:13:
src/crypto/x509.h:27: error: syntax error before "X509"
src/crypto/x509.h:27: warning: no semicolon at end of struct or union
src/crypto/x509.h:29: error: syntax error before '}' token
src/crypto/x509.h:29: warning: type defaults to `int' in declaration of
`crypto_
X509Obj'
src/crypto/x509.h:29: warning: data definition has no type or storage class
In file included from src/crypto/crypto.h:18,
from src/crypto/crypto.c:13:
src/crypto/x509name.h:27: error: syntax error before "X509_NAME"
src/crypto/x509name.h:27: warning: no semicolon at end of struct or union
src/crypto/x509name.h:30: error: syntax error before '}' token
src/crypto/x509name.h:30: warning: type defaults to `int' in declaration
of `cry
pto_X509NameObj'
src/crypto/x509name.h:30: warning: data definition has no type or
storage class
In file included from src/crypto/crypto.h:19,
from src/crypto/crypto.c:13:
src/crypto/netscape_spki.h:24: error: syntax error before "NETSCAPE_SPKI"
src/crypto/netscape_spki.h:24: warning: no semicolon at end of struct or
union
src/crypto/netscape_spki.h:26: error: syntax error before '}' token
src/crypto/netscape_spki.h:26: warning: type defaults to `int' in
declaration of
`crypto_NetscapeSPKIObj'
src/crypto/netscape_spki.h:26: warning: data definition has no type or
storage c
lass
In file included from src/crypto/crypto.h:20,
from src/crypto/crypto.c:13:
src/crypto/x509store.h:25: error: syntax error before "X509_STORE"
src/crypto/x509store.h:25: warning: no semicolon at end of struct or union
src/crypto/x509store.h:27: error: syntax error before '}' token
src/crypto/x509store.h:27: warning: type defaults to `int' in
declaration of `cr
ypto_X509StoreObj'
src/crypto/x509store.h:27: warning: data definition has no type or
storage class
In file included from src/crypto/crypto.h:21,
from src/crypto/crypto.c:13:
src/crypto/x509req.h:25: error: syntax error before "X509_REQ"
src/crypto/x509req.h:25: warning: no semicolon at end of struct or union
src/crypto/x509req.h:27: error: syntax error before '}' token
src/crypto/x509req.h:27: warning: type defaults to `int' in declaration
of `cryp
to_X509ReqObj'
src/crypto/x509req.h:27: warning: data definition has no type or storage
class
In file included from src/crypto/crypto.h:22,
from src/crypto/crypto.c:13:
src/crypto/pkey.h:22: error: syntax error before "EVP_PKEY"
src/crypto/pkey.h:22: warning: no semicolon at end of struct or union
src/crypto/pkey.h:24: error: syntax error before '}' token
src/crypto/pkey.h:24: warning: type defaults to `int' in declaration of
`crypto_
PKeyObj'
src/crypto/pkey.h:24: warning: data definition has no type or storage class
In file included from src/crypto/crypto.h:23,
from src/crypto/crypto.c:13:
src/crypto/x509ext.h:16:28: openssl/x509v3.h: No such file or directory
In file included from src/crypto/crypto.h:23,
from src/crypto/crypto.c:13:
src/crypto/x509ext.h:27: error: syntax error before "X509_EXTENSION"
src/crypto/x509ext.h:27: warning: no semicolon at end of struct or union
src/crypto/x509ext.h:29: error: syntax error before '}' token
src/crypto/x509ext.h:29: warning: type defaults to `int' in declaration
of `cryp
to_X509ExtensionObj'
src/crypto/x509ext.h:29: warning: data definition has no type or storage
class
In file included from src/crypto/crypto.h:24,
from src/crypto/crypto.c:13:
src/crypto/pkcs7.h:15:27: openssl/pkcs7.h: No such file or directory
In file included from src/crypto/crypto.h:24,
from src/crypto/crypto.c:13:
src/crypto/pkcs7.h:25: error: syntax error before "PKCS7"
src/crypto/pkcs7.h:25: warning: no semicolon at end of struct or union
src/crypto/pkcs7.h:27: error: syntax error before '}' token
src/crypto/pkcs7.h:27: warning: type defaults to `int' in declaration of
`crypto
_PKCS7Obj'
src/crypto/pkcs7.h:27: warning: data definition has no type or storage class
In file included from src/crypto/crypto.h:25,
from src/crypto/crypto.c:13:
src/crypto/pkcs12.h:14:28: openssl/pkcs12.h: No such file or directory
src/crypto/pkcs12.h:15:26: openssl/asn1.h: No such file or directory
In file included from src/crypto/crypto.h:26,
from src/crypto/crypto.c:13:
src/crypto/../util.h:17:25: openssl/err.h: No such file or directory
In file included from src/crypto/crypto.c:13:
src/crypto/crypto.h:75: error: syntax error before '*' token
src/crypto/crypto.h:75: error: syntax error before '*' token
src/crypto/crypto.h:75: warning: type defaults to `int' in declaration
of `crypt
o_X509_New'
src/crypto/crypto.h:75: warning: data definition has no type or storage
class
src/crypto/crypto.h:76: error: syntax error before '*' token
src/crypto/crypto.h:76: error: syntax error before '*' token
src/crypto/crypto.h:76: warning: type defaults to `int' in declaration
of `crypt
o_X509Name_New'
src/crypto/crypto.h:76: warning: data definition has no type or storage
class
src/crypto/crypto.h:77: error: syntax error before '*' token
src/crypto/crypto.h:77: error: syntax error before '*' token
src/crypto/crypto.h:77: warning: type defaults to `int' in declaration
of `crypt
o_X509Req_New'
src/crypto/crypto.h:77: warning: data definition has no type or storage
class
src/crypto/crypto.h:78: error: syntax error before '*' token
src/crypto/crypto.h:78: error: syntax error before '*' token
src/crypto/crypto.h:78: warning: type defaults to `int' in declaration
of `crypt
o_X509Store_New'
src/crypto/crypto.h:78: warning: data definition has no type or storage
class
src/crypto/crypto.h:79: error: syntax error before '*' token
src/crypto/crypto.h:79: error: syntax error before '*' token
src/crypto/crypto.h:79: warning: type defaults to `int' in declaration
of `crypt
o_PKey_New'
src/crypto/crypto.h:79: warning: data definition has no type or storage
class
src/crypto/crypto.h:80: error: syntax error before '*' token
src/crypto/crypto.h:80: warning: type defaults to `int' in declaration
of `crypt
o_X509Extension_New'
src/crypto/crypto.h:80: warning: data definition has no type or storage
class
src/crypto/crypto.h:81: error: syntax error before '*' token
src/crypto/crypto.h:81: error: syntax error before '*' token
src/crypto/crypto.h:81: warning: type defaults to `int' in declaration
of `crypt
o_PKCS7_New'
src/crypto/crypto.h:81: warning: data definition has no type or storage
class
src/crypto/crypto.h:82: error: syntax error before '*' token
src/crypto/crypto.h:82: error: syntax error before '*' token
src/crypto/crypto.h:82: warning: type defaults to `int' in declaration
of `crypt
o_NetscapeSPKI_New'
src/crypto/crypto.h:82: warning: data definition has no type or storage
class
src/crypto/crypto.c: In function `crypto_load_privatekey':
src/crypto/crypto.c:66: error: `EVP_PKEY' undeclared (first use in this
function
)
src/crypto/crypto.c:66: error: (Each undeclared identifier is reported
only once
src/crypto/crypto.c:66: error: for each function it appears in.)
src/crypto/crypto.c:66: error: syntax error before ',' token
src/crypto/crypto.c:70: error: `pem_password_cb' undeclared (first use
in this f
unction)
src/crypto/crypto.c:70: error: `cb' undeclared (first use in this function)
src/crypto/crypto.c:72: error: `BIO' undeclared (first use in this function)
src/crypto/crypto.c:72: error: `bio' undeclared (first use in this function)
src/crypto/crypto.c:73: error: `pkey' undeclared (first use in this
function)
src/crypto/crypto.c:97: warning: implicit declaration of function
`BIO_new_mem_b
uf'
src/crypto/crypto.c:100: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:101: warning: implicit declaration of function
`PEM_read_bio
_PrivateKey'
src/crypto/crypto.c:104: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:105: warning: implicit declaration of function
`d2i_PrivateK
ey_bio'
src/crypto/crypto.c:110: warning: implicit declaration of function
`BIO_free'
src/crypto/crypto.c: In function `crypto_dump_privatekey':
src/crypto/crypto.c:146: error: syntax error before '*' token
src/crypto/crypto.c:148: error: `pem_password_cb' undeclared (first use
in this
function)
src/crypto/crypto.c:148: error: `cb' undeclared (first use in this function)
src/crypto/crypto.c:150: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:150: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:151: error: `pkey' undeclared (first use in this
function)
src/crypto/crypto.c:164: error: `cipher' undeclared (first use in this
function)
src/crypto/crypto.c:164: warning: implicit declaration of function
`EVP_get_ciph
erbyname'
src/crypto/crypto.c:187: warning: implicit declaration of function `BIO_new'
src/crypto/crypto.c:187: warning: implicit declaration of function
`BIO_s_mem'
src/crypto/crypto.c:190: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:191: warning: implicit declaration of function
`PEM_write_bi
o_PrivateKey'
src/crypto/crypto.c:199: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:200: warning: implicit declaration of function
`i2d_PrivateK
ey_bio'
src/crypto/crypto.c:216: warning: implicit declaration of function
`BIO_get_mem_
data'
src/crypto/crypto.c: In function `crypto_load_certificate':
src/crypto/crypto.c:236: error: `X509' undeclared (first use in this
function)
src/crypto/crypto.c:236: error: syntax error before ',' token
src/crypto/crypto.c:239: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:239: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:240: error: `cert' undeclared (first use in this
function)
src/crypto/crypto.c:248: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:249: warning: implicit declaration of function
`PEM_read_bio
_X509'
src/crypto/crypto.c:252: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:253: warning: implicit declaration of function
`d2i_X509_bio
'
src/crypto/crypto.c: In function `crypto_dump_certificate':
src/crypto/crypto.c:288: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:288: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:289: error: `cert' undeclared (first use in this
function)
src/crypto/crypto.c:298: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:299: warning: implicit declaration of function
`PEM_write_bi
o_X509'
src/crypto/crypto.c:302: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:303: warning: implicit declaration of function
`i2d_X509_bio
'
src/crypto/crypto.c: In function `crypto_load_certificate_request':
src/crypto/crypto.c:339: error: `X509_REQ' undeclared (first use in this
functio
n)
src/crypto/crypto.c:339: error: syntax error before ',' token
src/crypto/crypto.c:342: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:342: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:343: error: `req' undeclared (first use in this
function)
src/crypto/crypto.c:351: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:352: warning: implicit declaration of function
`PEM_read_bio
_X509_REQ'
src/crypto/crypto.c:355: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:356: warning: implicit declaration of function
`d2i_X509_REQ
_bio'
src/crypto/crypto.c: In function `crypto_dump_certificate_request':
src/crypto/crypto.c:391: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:391: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:392: error: `req' undeclared (first use in this
function)
src/crypto/crypto.c:401: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:402: warning: implicit declaration of function
`PEM_write_bi
o_X509_REQ'
src/crypto/crypto.c:405: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:406: warning: implicit declaration of function
`i2d_X509_REQ
_bio'
src/crypto/crypto.c: In function `crypto_load_pkcs7_data':
src/crypto/crypto.c:444: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:444: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:445: error: `PKCS7' undeclared (first use in this
function)
src/crypto/crypto.c:445: error: `pkcs7' undeclared (first use in this
function)
src/crypto/crypto.c:456: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:457: warning: implicit declaration of function
`PEM_read_bio
_PKCS7'
src/crypto/crypto.c:460: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:461: warning: implicit declaration of function
`d2i_PKCS7_bi
o'
src/crypto/crypto.c: In function `crypto_load_pkcs12':
src/crypto/crypto.c:496: error: syntax error before '*' token
src/crypto/crypto.c:499: error: `BIO' undeclared (first use in this
function)
src/crypto/crypto.c:499: error: `bio' undeclared (first use in this
function)
src/crypto/crypto.c:500: error: `PKCS12' undeclared (first use in this
function)
src/crypto/crypto.c:500: error: `p12' undeclared (first use in this
function)
src/crypto/crypto.c:506: warning: implicit declaration of function
`d2i_PKCS12_b
io'
src/crypto/crypto.c: In function `crypto_X509':
src/crypto/crypto.c:533: warning: implicit declaration of function
`X509_new'
src/crypto/crypto.c: In function `crypto_X509Name':
src/crypto/crypto.c:549: error: `name' undeclared (first use in this
function)
src/crypto/crypto.c:554: warning: implicit declaration of function
`X509_NAME_du
p'
src/crypto/crypto.c: In function `crypto_X509Req':
src/crypto/crypto.c:572: warning: implicit declaration of function
`X509_REQ_new
'
src/crypto/crypto.c: In function `crypto_PKey':
src/crypto/crypto.c:590: warning: implicit declaration of function
`EVP_PKEY_new
'
src/crypto/crypto.c: In function `crypto_NetscapeSPKI':
src/crypto/crypto.c:633: error: `NETSCAPE_SPKI' undeclared (first use in
this fu
nction)
src/crypto/crypto.c:633: error: `spki' undeclared (first use in this
function)
src/crypto/crypto.c:639: warning: implicit declaration of function
`NETSCAPE_SPK
I_b64_decode'
src/crypto/crypto.c:641: warning: implicit declaration of function
`NETSCAPE_SPK
I_new'
src/crypto/crypto.c: In function `initcrypto':
src/crypto/crypto.c:684: warning: implicit declaration of function
`ERR_load_cry
pto_strings'
src/crypto/crypto.c:685: warning: implicit declaration of function
`OpenSSL_add_
all_algorithms'
src/crypto/crypto.c:709: error: `X509_FILETYPE_PEM' undeclared (first
use in thi
s function)
src/crypto/crypto.c:710: error: `X509_FILETYPE_ASN1' undeclared (first
use in th
is function)
src/crypto/crypto.c:712: error: `EVP_PKEY_RSA' undeclared (first use in
this fun
ction)
src/crypto/crypto.c:713: error: `EVP_PKEY_DSA' undeclared (first use in
this fun
ction)
src/crypto/crypto.c: At top level:
src/crypto/crypto.c:20: warning: 'CVSid' defined but not used
error: command 'gcc' failed with exit status 1
Many Thanks
Fuzzyman
http://www.voidspace.org.uk/python/index.shtml
|
|
From: Itamar Shtull-T. <it...@it...> - 2005-02-13 20:33:40
|
On Sun, 2005-02-13 at 20:38 +0100, Kototama wrote: > the following code (just taken on the example) blocks on recv unless I > decomment the 'send' function. I tested it with stunnel. Select seems to > tell that there is something to read whereas there is nothing. Moreover > why does it block since I am in non blocking mode ? Possibly it's because you're not handling the WantReadError/WantWriteError errors the right way. Check out how Twisted uses pyOpenSSL (or better yet, just use Twisted ;). |
|
From: Kototama <kot...@al...> - 2005-02-13 19:38:15
|
Hi,
the following code (just taken on the example) blocks on recv unless I
decomment the 'send' function. I tested it with stunnel. Select seems to
tell that there is something to read whereas there is nothing. Moreover
why does it block since I am in non blocking mode ?
-----
from OpenSSL import SSL
import sys, os, select, socket
def verify_cb(conn, cert, errnum, depth, ok):
# This obviously has to be updated
print 'Got certificate: %s' % cert.get_subject()
return ok
if len(sys.argv) < 2:
print 'Usage: python[2] server.py PORT'
sys.exit(1)
dir = os.path.dirname(sys.argv[0])
if dir == '':
dir = os.curdir
# Initialize context
ctx = SSL.Context(SSL.SSLv23_METHOD)
ctx.set_options(SSL.OP_NO_SSLv2)
ctx.set_verify(SSL.VERIFY_NONE, verify_cb) # Demand a certificate
ctx.use_privatekey_file (os.path.join(dir, 'cert/server.pkey'))
ctx.use_certificate_file(os.path.join(dir, 'cert/server.cert'))
ctx.load_verify_locations(os.path.join(dir, 'cert/CA.cert'))
# Set up server
server = SSL.Connection(ctx, socket.socket(socket.AF_INET,
socket.SOCK_STREAM))
server.bind(('', int(sys.argv[1])))
server.listen(3)
server.setblocking(0)
clients = {}
writers = {}
def dropClient(cli, errors=None):
if errors:
print 'Client %s left unexpectedly:' % (clients[cli],)
print ' ', errors
else:
print 'Client %s left politely' % (clients[cli],)
del clients[cli]
if writers.has_key(cli):
del writers[cli]
if not errors:
cli.shutdown()
cli.close()
__cli = None
while 1:
print 'select'
try:
r,w,_ = select.select([server]+clients.keys(), writers.keys(),
[], 1) except:
break
print '[ OK ]'
for cli in r:
if cli == server:
cli,addr = server.accept()
__cli = cli
print 'Connection from %s' % (addr,)
clients[cli] = addr
else:
try:
print 'recv...'
######## we block here ###########
ret = cli.recv(1024)
print '[ OK ]'
except (SSL.WantReadError, SSL.WantWriteError,
SSL.WantX509LookupError):
pass
except SSL.ZeroReturnError:
dropClient(cli)
except SSL.Error, errors:
dropClient(cli, errors)
else:
if not writers.has_key(cli):
writers[cli] = ''
writers[cli] = writers[cli] + ret
# if we decomment this it is ok
###if __cli:
###print 'send'
###__cli.send('test\n') ###print '[ OK ]'
for cli in w:
try:
ret = cli.send(writers[cli])
except (SSL.WantReadError, SSL.WantWriteError,
SSL.WantX509LookupError):
pass
except SSL.ZeroReturnError:
dropClient(cli)
except SSL.Error, errors:
dropClient(cli, errors)
else:
writers[cli] = writers[cli][ret:]
if writers[cli] == '':
del writers[cli]
for cli in clients.keys():
cli.close()
server.close()
|
|
From: Howson, M. <mar...@nt...> - 2005-01-26 16:29:05
|
Hi list, I've posted a build of pyOpenSSL 0.6 for Python 2.4 at http://nights.doc.ntu.ac.uk/pyOpenSSL-0.6.win32-py2.4.exe It's statically linked against openssl-0.9.7e so it should just 'work'. Mark Howson DISCLAIMER: This email is intended solely for the addressee. It may contain private = and confidential information. If you are not the intended addressee, = please take no action based on it nor show a copy to anyone. In this = case, please reply to this email to highlight the error. Opinions and = information in this email that do not relate to the official business of = Nottingham Trent University shall be understood as neither given nor = endorsed by the University. Nottingham Trent University has taken steps to ensure that this email = and any attachments are virus-free, but we do advise that the recipient = should check that the email and its attachments are actually virus free. = This is in keeping with good computing practice. |
|
From: Jos V. <jo...@xo...> - 2004-12-20 15:23:23
|
On Mon, Dec 20, 2004 at 03:05:43PM +0100, Niklas Saers wrote: > I'm using SecureXMLRPCServer to do my XMLRPC communication via SSL. For > this I have a server.pkey and a server.cert, and when running the > application I get: "Enter PEM pass phrase:" I want this to be a daemon > that runs on a server and starts thus I would like to set the password > without keyboard interaction. I've been unsuccessful at piping the > password in, and I was wondering if I could set a variable or if there > are other options available to me? You have to change the private key part for that, as follows: openssl rsa -in server.pkey -out server2.pkey And then use server2.pkey i.s.o. server.pkey from now on. -- -- Jos Vos <jo...@xo...> -- X/OS Experts in Open Systems BV | Phone: +31 20 6938364 -- Amsterdam, The Netherlands | Fax: +31 20 6948204 |
|
From: Niklas S. <ni...@re...> - 2004-12-20 14:05:46
|
Hi everyone, I'm using SecureXMLRPCServer to do my XMLRPC communication via SSL. For this I have a server.pkey and a server.cert, and when running the application I get: "Enter PEM pass phrase:" I want this to be a daemon that runs on a server and starts thus I would like to set the password without keyboard interaction. I've been unsuccessful at piping the password in, and I was wondering if I could set a variable or if there are other options available to me? Sincerely yours Niklas Saers |
|
From: Frederic P. <fp...@de...> - 2004-12-19 12:21:31
|
Emmanuel Raviart wrote:
> So, I would like to transpose the following C code into Python:
> SSL_set_verify(ssl,SSL_VERIFY_PEER |
> SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
>
> /* Stop the client from just resuming the
> un-authenticated session */
> SSL_set_session_id_context(ssl,
> (void *)&s_server_auth_session_id_context,
> sizeof(s_server_auth_session_id_context));
>
> SSL_renegotiate(ssl);
> SSL_do_handshake(ssl);
> ssl->state=SSL_ST_ACCEPT;
> SSL_do_handshake(ssl);
I wrote a patch for this; it adds bindings for SSL_set_verify,
SSL_set_verify_depth, SSL_get_verify_mode, SSL_get_verify_depth
and SSL_set_session_id_context. It also adds to new methods,
set_state and get_state to SSL objects and the SSL state constants
(SSL_ST_*).
It has *not* been extensively tested and I'm not sure at all wrt
the global_verify_callback function I copied/pasted from context.c
What are the odds for this to be included in pyOpenSSL ?
Regards,
Frederic
|
|
From: Emmanuel R. <era...@en...> - 2004-12-19 08:55:53
|
Hello, I'm using PyOpenSSL to develop a free software implementation of Liberty Alliance single sign-on protocol. http://lasso.entrouvert.org/souk It works very well, but to improve client authentication, I need to renegotiate client verify mode after the SSL connection is established. So, I would like to transpose the following C code into Python: SSL_set_verify(ssl,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0); /* Stop the client from just resuming the un-authenticated session */ SSL_set_session_id_context(ssl, (void *)&s_server_auth_session_id_context, sizeof(s_server_auth_session_id_context)); SSL_renegotiate(ssl); SSL_do_handshake(ssl); ssl->state=SSL_ST_ACCEPT; SSL_do_handshake(ssl); [This code fragment is taken from wserver2.c sample code by Eric Rescoria <http://www.rtfm.com/openssl-examples/>] But I didn't find in PyOpenSSL a way to: - call SSL_set_verify - change ssl->state without using SSL_set_accept_state Is this a missing feature of PyOpenSSL? Is there another way to implement client authentication renegotiation? Regards, Emmanuel Raviart -- Lasso (Liberty Alliance Single Sign-On) -- http://lasso.entrouvert.org Entr'ouvert -- www.entrouvert.com |
|
From: <gee...@ut...> - 2004-11-03 22:58:44
|
Hi,
I'm trying to use the OpenSSL module in order to get
the subject distinguished name from a certificate:
Is there any change to get this as a string and not as an X509Name object
(I see that there is eg a countryName method, but this doesn't give me the
full DN)
What about a DN with domain components...
Thanks,
Geert
from OpenSSL.crypto import *;
def MyDump():
FileName = "C:\\brol\\sign.crt"
CertFile = open(FileName, "rb")
Cert = CertFile.read()
CertFile.close()
n = load_certificate(FILETYPE_ASN1, Cert)
s = n.get_subject() |
5 messages has been excluded from this view by a project administrator.
