Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Begin making examples Python 3 compatible #245

Merged
merged 14 commits into from
May 6, 2015
Merged

Begin making examples Python 3 compatible #245

merged 14 commits into from
May 6, 2015

Conversation

ihamburglar
Copy link
Contributor

This PR makes a few of the examples work under Python 3 in addition to Python 2. I ran some tests under 2.7.8 and 3.4.2.

I also found a couple of md5s being used during signing in certgen.py, I'm proposing that they be bumped up to SHA-256.

ihamburglar
ihamburglar reviewed Apr 29, 2015
View reviewed changes
examples/certgen.py
setattr(subj, key, value)

req.set_pubkey(pkey)
req.sign(pkey, digest)
return req

def createCertificate(req, (issuerCert, issuerKey), serial, (notBefore, notAfter), digest="md5"):
def createCertificate(req, issuerCertKey, serial, validityPeriod, digest="sha256"):
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to PEP 3113 tuple unpacking is deprecated.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it’s actually even removed in Python 3 (which kind of sucks when doing Twisted)

@coveralls
Copy link

Coverage Status

Coverage decreased (-2.86%) to 92.45% when pulling a6d16be on elitest:examplespython3 into f3fc99e on pyca:master.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 95.31% when pulling 90a3117 on elitest:examplespython3 into f3fc99e on pyca:master.

alex
alex reviewed Apr 30, 2015
View reviewed changes
examples/simple/server.py
print 'Got certificate: %s' % cert.get_subject()
certsubject = crypto.X509Name(cert.get_subject())
commonname = certsubject.commonName
print(('Got certificate: ' + commonname))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are these changes needed, particularly the crypto.X509Name(...) bit?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I should have made a comment to clarify :).

This is what you get on master:
Got certificate: <X509Name object '/CN=Certificate Authority'>
Got certificate: <X509Name object '/CN=Simple Server'>

This is what you get with that:
Got certificate: Certificate Authority
Got certificate: Simple Server

I think that is the direction the orig author was going in when he said: "# This obviously has to be updated". I can remove the comment if you agree. I suppose there are less spoofable things that we could use to identify the certs in addition to the CN, like the fingerprint.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah please get rid of the comment. there’s nothing obvious about it.

@hynek hynek mentioned this pull request Apr 30, 2015
Closed
@coveralls
Copy link

Coverage Status

Coverage remained the same at 95.31% when pulling 677402f on elitest:examplespython3 into f3fc99e on pyca:master.

@ihamburglar
Copy link
Contributor Author

Thanks to @hynek's work in #253 this now passes. Cheers.

@hynek
Copy link
Contributor

hynek commented May 6, 2015

So, stupid question: is there currently an easy way to actually test the examples?

@ihamburglar
Copy link
Contributor Author

the 'easy' way I used to test them from the examples directory was:
run 'python mk_simple_certs.py'
run 'python simple/server.py 8443'
run 'python simple/client.py localhost 8443'

then type some text in, and server.py should echo it back to you, as well as tell you what certificate it received. It actually just gives the CN as opposed to something that couldn't be spoofed like a fingerprint. Then I ran the same against python3.

@hynek
Copy link
Contributor

hynek commented May 6, 2015

I see, thanks!

Please add examples/simple/*.cert and examples/simple/*.pkey to .gitignore then.

@coveralls
Copy link

Coverage Status

Coverage decreased (-0.01%) to 95.31% when pulling 75feb89 on elitest:examplespython3 into 8b71990 on pyca:master.

1 similar comment
@coveralls
Copy link

Coverage Status

Coverage decreased (-0.01%) to 95.31% when pulling 75feb89 on elitest:examplespython3 into 8b71990 on pyca:master.

@hynek
Copy link
Contributor

hynek commented May 6, 2015

Thanks!

hynek added a commit that referenced this pull request May 6, 2015
@hynek
Merge pull request #245 from elitest/examplespython3
568b5b9 
Begin making examples Python 3 compatible
@hynek hynek merged commit 568b5b9 into pyca:master May 6, 2015
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 22, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ihamburglar @coveralls @hynek @alex