From 5d85fcaa34131f9003c79f6fadd7c5f543af1a9f Mon Sep 17 00:00:00 2001 From: "Richard J. Moore" Date: Sun, 11 Jan 2015 17:04:43 +0000 Subject: [PATCH 01/18] Add support for querying the negotiated TLS version. --- OpenSSL/SSL.py | 11 +++++++++++ OpenSSL/test/test_ssl.py | 14 ++++++++++++++ setup.py | 36 ++++++++++++++++++++++++++++++++++++ 3 files changed, 61 insertions(+) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index e67bd13db..2ee0512d3 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1938,6 +1938,17 @@ def get_alpn_proto_negotiated(self): return _ffi.buffer(data[0], data_len[0])[:] + def get_protocol_version(self): + """ + Obtain the protocol version of the current connection. + + :returns: The TLS version of the current connection, for example + the value for TLS 1.2 would be 0x303. + :rtype: :py:class:`int` + """ + version = _lib.SSL_version(self._ssl) + return version + ConnectionType = Connection diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index 1f231c9c0..7605dc0bc 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2745,6 +2745,20 @@ def test_get_cipher_bits(self): self.assertEqual(server_cipher_bits, client_cipher_bits) + def test_get_protocol_version(self): + """ + :py:obj:`Connection.get_protocol_version` returns a :py:class:`int` + giving the protocol version of the current connection. + """ + server, client = self._loopback() + server_protocol_version, client_protocol_version = \ + server.get_protocol_version(), client.get_protocol_version() + + self.assertIsInstance(server_protocol_version, int) + self.assertIsInstance(client_protocol_version, int) + + self.assertEqual(server_protocol_version, client_protocol_version) + class ConnectionGetCipherListTests(TestCase): """ diff --git a/setup.py b/setup.py index f742c1ed0..c43a1d9b7 100755 --- a/setup.py +++ b/setup.py @@ -46,6 +46,7 @@ def find_meta(meta): raise RuntimeError("Unable to find __{meta}__ string.".format(meta=meta)) +<<<<<<< HEAD class PyTest(TestCommand): user_options = [("pytest-args=", "a", "Arguments to pass to py.test")] @@ -78,6 +79,41 @@ def run_tests(self): url=find_meta("uri"), license=find_meta("license"), classifiers=[ +======= +# XXX Deduplicate this +__version__ = '0.14' + +setup(name='pyOpenSSL', version=__version__, + packages = ['OpenSSL'], + package_dir = {'OpenSSL': 'OpenSSL'}, + py_modules = ['OpenSSL.__init__', + 'OpenSSL.tsafe', + 'OpenSSL.rand', + 'OpenSSL.crypto', + 'OpenSSL.SSL', + 'OpenSSL.version', + 'OpenSSL.test.__init__', + 'OpenSSL.test.util', + 'OpenSSL.test.test_crypto', + 'OpenSSL.test.test_rand', + 'OpenSSL.test.test_ssl'], + description = 'Python wrapper module around the OpenSSL library', + author = 'Jean-Paul Calderone', + author_email = 'exarkun@twistedmatrix.com', + maintainer = 'Jean-Paul Calderone', + maintainer_email = 'exarkun@twistedmatrix.com', + url = 'https://github.com/pyca/pyopenssl', + license = 'APL2', + install_requires=["cryptography>=0.7.2", "six>=1.5.2"], + long_description = """\ +High-level wrapper around a subset of the OpenSSL library, includes + * SSL.Connection objects, wrapping the methods of Python's portable + sockets + * Callbacks written in Python + * Extensive error-handling mechanism, mirroring OpenSSL's error codes +... and much more ;)""", + classifiers = [ +>>>>>>> Add support for querying the negotiated TLS version. 'Development Status :: 6 - Mature', 'Intended Audience :: Developers', 'License :: OSI Approved :: Apache Software License', From ba65e66b844d0c343ffaf7e67e853ad5218c5cfd Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Sun, 26 Apr 2015 12:23:40 -0400 Subject: [PATCH 02/18] switch to SSL_get_version. --- OpenSSL/SSL.py | 12 ++++++++++ OpenSSL/test/test_ssl.py | 6 ++--- setup.py | 48 ++++++++++------------------------------ 3 files changed, 27 insertions(+), 39 deletions(-) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index 2ee0512d3..28e519941 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1883,6 +1883,18 @@ def get_cipher_version(self): return version.decode("utf-8") + def get_protocol_version(self): + """ + Obtain the protocol version of the current connection. + + :returns: The TLS version of the current connection, for example + the value for TLS 1.2 would be 0x303. + :rtype: :py:class:`int` + """ + version = _lib.SSL_get_version(self._ssl) + return version + + @_requires_npn def get_next_proto_negotiated(self): """ diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index 7605dc0bc..83d9896a9 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2747,15 +2747,15 @@ def test_get_cipher_bits(self): def test_get_protocol_version(self): """ - :py:obj:`Connection.get_protocol_version` returns a :py:class:`int` + :py:obj:`Connection.get_protocol_version` returns a string giving the protocol version of the current connection. """ server, client = self._loopback() server_protocol_version, client_protocol_version = \ server.get_protocol_version(), client.get_protocol_version() - self.assertIsInstance(server_protocol_version, int) - self.assertIsInstance(client_protocol_version, int) + self.assertIsInstance(server_protocol_version, text_type) + self.assertIsInstance(client_protocol_version, text_type) self.assertEqual(server_protocol_version, client_protocol_version) diff --git a/setup.py b/setup.py index c43a1d9b7..3f1dbf2ea 100755 --- a/setup.py +++ b/setup.py @@ -46,7 +46,6 @@ def find_meta(meta): raise RuntimeError("Unable to find __{meta}__ string.".format(meta=meta)) -<<<<<<< HEAD class PyTest(TestCommand): user_options = [("pytest-args=", "a", "Arguments to pass to py.test")] @@ -79,41 +78,6 @@ def run_tests(self): url=find_meta("uri"), license=find_meta("license"), classifiers=[ -======= -# XXX Deduplicate this -__version__ = '0.14' - -setup(name='pyOpenSSL', version=__version__, - packages = ['OpenSSL'], - package_dir = {'OpenSSL': 'OpenSSL'}, - py_modules = ['OpenSSL.__init__', - 'OpenSSL.tsafe', - 'OpenSSL.rand', - 'OpenSSL.crypto', - 'OpenSSL.SSL', - 'OpenSSL.version', - 'OpenSSL.test.__init__', - 'OpenSSL.test.util', - 'OpenSSL.test.test_crypto', - 'OpenSSL.test.test_rand', - 'OpenSSL.test.test_ssl'], - description = 'Python wrapper module around the OpenSSL library', - author = 'Jean-Paul Calderone', - author_email = 'exarkun@twistedmatrix.com', - maintainer = 'Jean-Paul Calderone', - maintainer_email = 'exarkun@twistedmatrix.com', - url = 'https://github.com/pyca/pyopenssl', - license = 'APL2', - install_requires=["cryptography>=0.7.2", "six>=1.5.2"], - long_description = """\ -High-level wrapper around a subset of the OpenSSL library, includes - * SSL.Connection objects, wrapping the methods of Python's portable - sockets - * Callbacks written in Python - * Extensive error-handling mechanism, mirroring OpenSSL's error codes -... and much more ;)""", - classifiers = [ ->>>>>>> Add support for querying the negotiated TLS version. 'Development Status :: 6 - Mature', 'Intended Audience :: Developers', 'License :: OSI Approved :: Apache Software License', @@ -132,6 +96,7 @@ def run_tests(self): 'Topic :: Security :: Cryptography', 'Topic :: Software Development :: Libraries :: Python Modules', 'Topic :: System :: Networking', +<<<<<<< HEAD ], packages=['OpenSSL'], @@ -161,3 +126,14 @@ def run_tests(self): "test": PyTest, } ) +======= + ], + test_suite="OpenSSL", + tests_require=[ + "pytest", + ], + cmdclass={ + "test": PyTest, + }) + +>>>>>>> switch to SSL_get_version. From b296792a182e8897d40dacff4c512eb21d956a6b Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Sun, 26 Apr 2015 23:58:52 -0400 Subject: [PATCH 03/18] modified ssl_version ->ssl_get_version and modified test, docs --- OpenSSL/SSL.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index 28e519941..8fefd8f80 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1889,11 +1889,11 @@ def get_protocol_version(self): :returns: The TLS version of the current connection, for example the value for TLS 1.2 would be 0x303. - :rtype: :py:class:`int` + :rtype: :py:class:`unicode` """ - version = _lib.SSL_get_version(self._ssl) - return version - + version = _ffi.string(_lib.SSL_get_version(self._ssl)) + return version.decode("utf-8") + @_requires_npn def get_next_proto_negotiated(self): From 06bbba1ee28935c0e644e6ff4150264c210ce038 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Mon, 27 Apr 2015 00:07:54 -0400 Subject: [PATCH 04/18] Type a removing space from merge --- setup.py | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/setup.py b/setup.py index 3f1dbf2ea..74efee9e6 100755 --- a/setup.py +++ b/setup.py @@ -1,3 +1,4 @@ + #!/usr/bin/env python # -*- coding: utf-8 -*- # @@ -96,7 +97,6 @@ def run_tests(self): 'Topic :: Security :: Cryptography', 'Topic :: Software Development :: Libraries :: Python Modules', 'Topic :: System :: Networking', -<<<<<<< HEAD ], packages=['OpenSSL'], @@ -126,14 +126,3 @@ def run_tests(self): "test": PyTest, } ) -======= - ], - test_suite="OpenSSL", - tests_require=[ - "pytest", - ], - cmdclass={ - "test": PyTest, - }) - ->>>>>>> switch to SSL_get_version. From 380507ebe282c8b04c39a3d2cb1aedf064c71cf1 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Mon, 27 Apr 2015 00:18:24 -0400 Subject: [PATCH 05/18] Added changelog, entry fixed brackets --- ChangeLog | 6 ++++++ OpenSSL/test/test_ssl.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index ae02ef3e8..86fa5e20b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,12 @@ dependency of pyOpenSSL (cryptography). Affected users should upgrade to Python 3.3+. +2015-04-15 Paul Kehrer + + * OpenSSL/SSL.py, : Add ``get_protocol_version()`` to Connection + Based on work from Rich Moore + * OpenSSL/test/test_crypto.py: tests for ``get_protocol_version`` + 2015-04-15 Paul Kehrer * OpenSSL/crypto.py, OpenSSL/test/test_crypto.py: Switch to utf8string diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index 83d9896a9..d92d70fb2 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2747,7 +2747,7 @@ def test_get_cipher_bits(self): def test_get_protocol_version(self): """ - :py:obj:`Connection.get_protocol_version` returns a string + :py:obj:`Connection.get_protocol_version()` returns a string giving the protocol version of the current connection. """ server, client = self._loopback() From 2637c3b753c1807b55accb7d8fc2e99a9e9bb926 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Mon, 27 Apr 2015 00:35:09 -0400 Subject: [PATCH 06/18] added docs to doc/api --- doc/api/ssl.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index 292930506..ecafbef67 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -598,6 +598,11 @@ Connection objects have the following methods: but not it returns the entire list in one go. +.. py:method:: Connection.get_protocol_version() + + Retrieve the version of the SSL or TLS protocol used by the Connection + + .. py:method:: Connection.get_client_ca_list() Retrieve the list of preferred client certificate issuers sent by the server From 3cd0e672f930ff34b76cbf35893ca1d9a0b70f9d Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Mon, 27 Apr 2015 00:48:25 -0400 Subject: [PATCH 07/18] Added example and cleanup to doc/api --- doc/api/ssl.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index ecafbef67..2ab29fd64 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -600,7 +600,9 @@ Connection objects have the following methods: .. py:method:: Connection.get_protocol_version() - Retrieve the version of the SSL or TLS protocol used by the Connection + Retrieve the version of the SSL or TLS protocol used by the Connection. For + example, it will return ``TLSv1`` for connections made over TLS version 1, or + ``Unknown`` for connections that were not successfully established. .. py:method:: Connection.get_client_ca_list() From 85a4dff2618874657a4d8eae4aa0ebef4cfbadef Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Mon, 27 Apr 2015 17:42:46 -0400 Subject: [PATCH 08/18] Make variable assignment in tests more readable --- OpenSSL/test/test_ssl.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index d92d70fb2..e118c1544 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2751,8 +2751,8 @@ def test_get_protocol_version(self): giving the protocol version of the current connection. """ server, client = self._loopback() - server_protocol_version, client_protocol_version = \ - server.get_protocol_version(), client.get_protocol_version() + client_protocol_version = client.get_protocol_version() + server_protocol_version = server.get_protocol_version() self.assertIsInstance(server_protocol_version, text_type) self.assertIsInstance(client_protocol_version, text_type) From 5230dad843d1f78ac2305fcde2973ae5cce3e048 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Tue, 28 Apr 2015 09:03:34 -0400 Subject: [PATCH 09/18] Fix docstring in SSL.py --- OpenSSL/SSL.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index 8fefd8f80..aaaea87c1 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1888,7 +1888,7 @@ def get_protocol_version(self): Obtain the protocol version of the current connection. :returns: The TLS version of the current connection, for example - the value for TLS 1.2 would be 0x303. + the value for TLS 1.2 would be ``TLSv1.2``. :rtype: :py:class:`unicode` """ version = _ffi.string(_lib.SSL_get_version(self._ssl)) From f00513f42509c868756ece9d71cc1dbc5727060d Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Tue, 26 May 2015 23:15:47 -0400 Subject: [PATCH 10/18] Remove extra line break --- setup.py | 1 - 1 file changed, 1 deletion(-) diff --git a/setup.py b/setup.py index 74efee9e6..f742c1ed0 100755 --- a/setup.py +++ b/setup.py @@ -1,4 +1,3 @@ - #!/usr/bin/env python # -*- coding: utf-8 -*- # From abff188a6bfda1e624d49d33a3e109904c440a38 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Wed, 27 May 2015 09:15:55 -0400 Subject: [PATCH 11/18] differentiated the two functions. Updated docs, and tests --- ChangeLog | 6 ++++-- OpenSSL/SSL.py | 8 ++++---- OpenSSL/test/test_ssl.py | 21 ++++++++++++++++++--- doc/api/ssl.rst | 15 ++++++++++++--- 4 files changed, 38 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 86fa5e20b..13f67bd9e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,9 +7,11 @@ 2015-04-15 Paul Kehrer - * OpenSSL/SSL.py, : Add ``get_protocol_version()`` to Connection + * OpenSSL/SSL.py, : Add ``get_protocol_version()`` and + ``get_protocol_version_name()`` to Connection Based on work from Rich Moore - * OpenSSL/test/test_crypto.py: tests for ``get_protocol_version`` + * OpenSSL/test/test_crypto.py: tests for ``get_protocol_version()`` + and ``get_protocol_version_name()`` 2015-04-15 Paul Kehrer diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index aaaea87c1..85cf976df 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1883,16 +1883,16 @@ def get_cipher_version(self): return version.decode("utf-8") - def get_protocol_version(self): + def get_protocol_version_name(self): """ Obtain the protocol version of the current connection. :returns: The TLS version of the current connection, for example - the value for TLS 1.2 would be ``TLSv1.2``. + the value for TLS 1.2 would be ``b'TLSv1.2'``. :rtype: :py:class:`unicode` """ - version = _ffi.string(_lib.SSL_get_version(self._ssl)) - return version.decode("utf-8") + version = _lib.SSL_get_version(self._ssl) + return version @_requires_npn diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index e118c1544..01a76c1e2 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2745,17 +2745,32 @@ def test_get_cipher_bits(self): self.assertEqual(server_cipher_bits, client_cipher_bits) + def test_get_protocol_version_name(self): + """ + :py:obj:`Connection.get_protocol_version_name()` returns a string + giving the protocol version of the current connection. + """ + server, client = self._loopback() + client_protocol_version_name = client.get_protocol_version_name() + server_protocol_version_name = server.get_protocol_version_name() + + self.assertIsInstance(server_protocol_version_name, bytes) + self.assertIsInstance(client_protocol_version_name, bytes) + + self.assertEqual(server_protocol_version_name, client_protocol_version_name) + + def test_get_protocol_version(self): """ - :py:obj:`Connection.get_protocol_version()` returns a string + :py:obj:`Connection.get_protocol_version()` returns an integer giving the protocol version of the current connection. """ server, client = self._loopback() client_protocol_version = client.get_protocol_version() server_protocol_version = server.get_protocol_version() - self.assertIsInstance(server_protocol_version, text_type) - self.assertIsInstance(client_protocol_version, text_type) + self.assertIsInstance(server_protocol_version, int) + self.assertIsInstance(client_protocol_version, int) self.assertEqual(server_protocol_version, client_protocol_version) diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index 2ab29fd64..38f0d331b 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -600,9 +600,18 @@ Connection objects have the following methods: .. py:method:: Connection.get_protocol_version() - Retrieve the version of the SSL or TLS protocol used by the Connection. For - example, it will return ``TLSv1`` for connections made over TLS version 1, or - ``Unknown`` for connections that were not successfully established. + Retrieve the version of the SSL or TLS protocol used by the Connection. + For example, it will return ``0x303`` for connections made over TLS + version 1.2, or ``Unknown`` for connections that were not successfully + established. + + +.. py:method:: Connection.get_protocol_version_name() + + Retrieve the version of the SSL or TLS protocol used by the Connection. + For example, it will return ``TLSv1`` in bytes for connections made over + TLS version 1, or ``Unknown`` for connections that were not successfully + established. .. py:method:: Connection.get_client_ca_list() From d382d6db0cca022ce79c124fa51c77a81037763d Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Wed, 27 May 2015 17:43:40 -0400 Subject: [PATCH 12/18] modified Changelog to reflect new additions --- ChangeLog | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 13f67bd9e..074d30ca2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,11 +1,4 @@ -2015-05-02 Jim Shaver - - * .travis.yml, setup.py, tox.ini: Removed support for Python 3.2. - This version is rarely used and is now deprecated by a major - dependency of pyOpenSSL (cryptography). Affected users should upgrade - to Python 3.3+. - -2015-04-15 Paul Kehrer +2015-05-27 Jim Shaver * OpenSSL/SSL.py, : Add ``get_protocol_version()`` and ``get_protocol_version_name()`` to Connection @@ -13,6 +6,13 @@ * OpenSSL/test/test_crypto.py: tests for ``get_protocol_version()`` and ``get_protocol_version_name()`` +2015-05-02 Jim Shaver + + * .travis.yml, setup.py, tox.ini: Removed support for Python 3.2. + This version is rarely used and is now deprecated by a major + dependency of pyOpenSSL (cryptography). Affected users should upgrade + to Python 3.3+. + 2015-04-15 Paul Kehrer * OpenSSL/crypto.py, OpenSSL/test/test_crypto.py: Switch to utf8string From d1c896e0282f3bc0e80e9fd14a306ac68265a4d1 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Wed, 27 May 2015 17:50:21 -0400 Subject: [PATCH 13/18] Added string() to get_protocol_version_name --- OpenSSL/SSL.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index 85cf976df..af1931f33 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1891,7 +1891,7 @@ def get_protocol_version_name(self): the value for TLS 1.2 would be ``b'TLSv1.2'``. :rtype: :py:class:`unicode` """ - version = _lib.SSL_get_version(self._ssl) + version = _ffi.string(_lib.SSL_get_version(self._ssl)) return version From a923e93d5d92f5ba0c84f5c93ad6d18bad1098f0 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Thu, 28 May 2015 08:59:47 -0400 Subject: [PATCH 14/18] update Changelog as tests are assumed --- ChangeLog | 2 -- 1 file changed, 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 074d30ca2..cd84be7c1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,8 +3,6 @@ * OpenSSL/SSL.py, : Add ``get_protocol_version()`` and ``get_protocol_version_name()`` to Connection Based on work from Rich Moore - * OpenSSL/test/test_crypto.py: tests for ``get_protocol_version()`` - and ``get_protocol_version_name()`` 2015-05-02 Jim Shaver From 208438c9a8c9e2aea7d9a266bf6a8012a0939d7c Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Thu, 28 May 2015 09:52:38 -0400 Subject: [PATCH 15/18] Fixing the truth in Changelog SSL.py and test_ssl.py --- ChangeLog | 4 ++-- OpenSSL/SSL.py | 25 +++++++++++++------------ OpenSSL/test/test_ssl.py | 1 + doc/api/ssl.rst | 5 ++--- 4 files changed, 18 insertions(+), 17 deletions(-) diff --git a/ChangeLog b/ChangeLog index cd84be7c1..b5b392272 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,8 +1,8 @@ 2015-05-27 Jim Shaver * OpenSSL/SSL.py, : Add ``get_protocol_version()`` and - ``get_protocol_version_name()`` to Connection - Based on work from Rich Moore + ``get_protocol_version_name()`` to ``Connection``. + Based on work from Rich Moore. 2015-05-02 Jim Shaver diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index af1931f33..ec032418d 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1889,12 +1889,24 @@ def get_protocol_version_name(self): :returns: The TLS version of the current connection, for example the value for TLS 1.2 would be ``b'TLSv1.2'``. - :rtype: :py:class:`unicode` + :rtype: :py:class:`bytes` """ version = _ffi.string(_lib.SSL_get_version(self._ssl)) return version + def get_protocol_version(self): + """ + Obtain the protocol version of the current connection. + + :returns: The TLS version of the current connection, for example + the value for TLS 1 would be 0x769. + :rtype: :py:class:`int` + """ + version = _lib.SSL_version(self._ssl) + return version + + @_requires_npn def get_next_proto_negotiated(self): """ @@ -1950,17 +1962,6 @@ def get_alpn_proto_negotiated(self): return _ffi.buffer(data[0], data_len[0])[:] - def get_protocol_version(self): - """ - Obtain the protocol version of the current connection. - - :returns: The TLS version of the current connection, for example - the value for TLS 1.2 would be 0x303. - :rtype: :py:class:`int` - """ - version = _lib.SSL_version(self._ssl) - return version - ConnectionType = Connection diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index 01a76c1e2..91f115cf6 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2775,6 +2775,7 @@ def test_get_protocol_version(self): self.assertEqual(server_protocol_version, client_protocol_version) + class ConnectionGetCipherListTests(TestCase): """ Tests for :py:obj:`Connection.get_cipher_list`. diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index 38f0d331b..3315580a2 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -601,9 +601,8 @@ Connection objects have the following methods: .. py:method:: Connection.get_protocol_version() Retrieve the version of the SSL or TLS protocol used by the Connection. - For example, it will return ``0x303`` for connections made over TLS - version 1.2, or ``Unknown`` for connections that were not successfully - established. + For example, it will return ``0x769`` for connections made over TLS + version 1. .. py:method:: Connection.get_protocol_version_name() From 58d257327d3cee9ef8dcd03a3e47973d791ed94b Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Thu, 28 May 2015 11:52:32 -0400 Subject: [PATCH 16/18] Switch get_protocol_version_name back to unicode. --- OpenSSL/SSL.py | 7 ++++--- OpenSSL/test/test_ssl.py | 4 ++-- doc/api/ssl.rst | 5 ++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index ec032418d..4c221d087 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1888,11 +1888,12 @@ def get_protocol_version_name(self): Obtain the protocol version of the current connection. :returns: The TLS version of the current connection, for example - the value for TLS 1.2 would be ``b'TLSv1.2'``. - :rtype: :py:class:`bytes` + the value for TLS 1.2 would be ``TLSv1.2``or ``Unknown`` + for connections that were not successfully. + :rtype: :py:class:`unicode` """ version = _ffi.string(_lib.SSL_get_version(self._ssl)) - return version + return version.decode("utf-8") def get_protocol_version(self): diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index 91f115cf6..e586537f9 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -2754,8 +2754,8 @@ def test_get_protocol_version_name(self): client_protocol_version_name = client.get_protocol_version_name() server_protocol_version_name = server.get_protocol_version_name() - self.assertIsInstance(server_protocol_version_name, bytes) - self.assertIsInstance(client_protocol_version_name, bytes) + self.assertIsInstance(server_protocol_version_name, text_type) + self.assertIsInstance(client_protocol_version_name, text_type) self.assertEqual(server_protocol_version_name, client_protocol_version_name) diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index 3315580a2..bea6e251d 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -608,9 +608,8 @@ Connection objects have the following methods: .. py:method:: Connection.get_protocol_version_name() Retrieve the version of the SSL or TLS protocol used by the Connection. - For example, it will return ``TLSv1`` in bytes for connections made over - TLS version 1, or ``Unknown`` for connections that were not successfully - established. + For example, it will return ``TLSv1`` for connections made over TLS version + 1, or ``Unknown`` for connections that were not successfully established. .. py:method:: Connection.get_client_ca_list() From b5b6b0e1924880f0d3ebbfe4cffff1671ca83cb8 Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Thu, 28 May 2015 16:47:36 -0400 Subject: [PATCH 17/18] fix grammar and english in SSL.py and ssl.rst --- OpenSSL/SSL.py | 2 +- OpenSSL/test/test_ssl.py | 2 +- doc/api/ssl.rst | 7 ++++--- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/OpenSSL/SSL.py b/OpenSSL/SSL.py index 4c221d087..8c87c349b 100644 --- a/OpenSSL/SSL.py +++ b/OpenSSL/SSL.py @@ -1889,7 +1889,7 @@ def get_protocol_version_name(self): :returns: The TLS version of the current connection, for example the value for TLS 1.2 would be ``TLSv1.2``or ``Unknown`` - for connections that were not successfully. + for connections that were not successfully established. :rtype: :py:class:`unicode` """ version = _ffi.string(_lib.SSL_get_version(self._ssl)) diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index e586537f9..ead25038c 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -142,7 +142,7 @@ def socket_pair(): # Most of our callers want non-blocking sockets, make it easy for them. server.setblocking(False) client.setblocking(False) - + port.close() return (server, client) diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst index bea6e251d..89ae6a1c2 100644 --- a/doc/api/ssl.rst +++ b/doc/api/ssl.rst @@ -607,9 +607,10 @@ Connection objects have the following methods: .. py:method:: Connection.get_protocol_version_name() - Retrieve the version of the SSL or TLS protocol used by the Connection. - For example, it will return ``TLSv1`` for connections made over TLS version - 1, or ``Unknown`` for connections that were not successfully established. + Retrieve the version of the SSL or TLS protocol used by the Connection as + a unicode string. For example, it will return ``TLSv1`` for connections + made over TLS version 1, or ``Unknown`` for connections that were not + successfully established. .. py:method:: Connection.get_client_ca_list() From 46f28913101d68549a5bc8efc47f0f27b7b3925d Mon Sep 17 00:00:00 2001 From: Jim Shaver Date: Fri, 29 May 2015 19:32:16 -0400 Subject: [PATCH 18/18] Fixed test_ssl.py. Branches got mixed. --- OpenSSL/test/test_ssl.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py index ead25038c..e586537f9 100644 --- a/OpenSSL/test/test_ssl.py +++ b/OpenSSL/test/test_ssl.py @@ -142,7 +142,7 @@ def socket_pair(): # Most of our callers want non-blocking sockets, make it easy for them. server.setblocking(False) client.setblocking(False) - port.close() + return (server, client)