Merge branch 'master' into autodoc
diff --git a/doc/api/crypto.rst b/doc/api/crypto.rst
index 237c7ae..43860ea 100644
--- a/doc/api/crypto.rst
+++ b/doc/api/crypto.rst
@@ -6,6 +6,117 @@
.. py:module:: OpenSSL.crypto
:synopsis: Generic cryptographic module
+
+.. py:data:: X509Type
+
+ See :py:class:`X509`.
+
+
+.. py:class:: X509()
+
+ A class representing X.509 certificates.
+
+
+.. py:data:: X509NameType
+
+ See :py:class:`X509Name`.
+
+
+.. py:class:: X509Name(x509name)
+
+ A class representing X.509 Distinguished Names.
+
+ This constructor creates a copy of *x509name* which should be an
+ instance of :py:class:`X509Name`.
+
+
+.. py:data:: X509ReqType
+
+ See :py:class:`X509Req`.
+
+
+.. py:class:: X509Req()
+
+ A class representing X.509 certificate requests.
+
+
+.. py:data:: X509StoreType
+
+ See :py:class:`X509Store`
+
+
+.. py:data:: X509Store
+
+ A class representing the X.509 store.
+
+
+.. py:data:: X509StoreContext
+
+ A class representing the X.509 store context.
+
+
+.. py:data:: PKeyType
+
+ See :py:class:`PKey`.
+
+
+.. py:class:: PKey()
+
+ A class representing DSA or RSA keys.
+
+.. py:data:: PKCS7Type
+
+ A Python type object representing the PKCS7 object type.
+
+
+.. py:data:: PKCS12Type
+
+ A Python type object representing the PKCS12 object type.
+
+
+.. py:data:: X509ExtensionType
+
+ See :py:class:`X509Extension`.
+
+
+.. py:class:: X509Extension(typename, critical, value[, subject][, issuer])
+
+ A class representing an X.509 v3 certificate extensions. See
+ http://openssl.org/docs/apps/x509v3_config.html#STANDARD_EXTENSIONS for
+ *typename* strings and their options. Optional parameters *subject* and
+ *issuer* must be X509 objects.
+
+
+.. py:data:: NetscapeSPKIType
+
+ See :py:class:`NetscapeSPKI`.
+
+
+.. py:class:: NetscapeSPKI([enc])
+
+ A class representing Netscape SPKI objects.
+
+ If the *enc* argument is present, it should be a base64-encoded string
+ representing a NetscapeSPKI object, as returned by the :py:meth:`b64_encode`
+ method.
+
+
+.. py:class:: CRL()
+
+ A class representing Certifcate Revocation List objects.
+
+
+.. py:class:: Revoked()
+
+ A class representing Revocation objects of CRL.
+
+
+.. py:data:: FILETYPE_PEM
+ FILETYPE_ASN1
+
+ File type constants.
+
+
.. py:data:: TYPE_RSA
TYPE_DSA
@@ -182,6 +293,35 @@
.. autoclass:: X509Store
:members:
+X509StoreContextError objects
+-----------------------------
+
+The X509StoreContextError is an exception raised from
+`X509StoreContext.verify_certificate` in circumstances where a certificate
+cannot be verified in a provided context.
+
+The certificate for which the verification error was detected is given by the
+``certificate`` attribute of the exception instance as a :class:`X509`
+instance.
+
+Details about the verification error are given in the exception's ``args`` attribute.
+
+
+X509StoreContext objects
+------------------------
+
+The X509StoreContext object is used for verifying a certificate against a set
+of trusted certificates.
+
+
+.. py:method:: X509StoreContext.verify_certificate()
+
+ Verify a certificate in the context of this initialized `X509StoreContext`.
+ On error, raises `X509StoreContextError`, otherwise does nothing.
+
+ .. versionadded:: 0.15
+
+
.. _openssl-pkey:
PKey objects
diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst
index a75af1f..2929305 100644
--- a/doc/api/ssl.rst
+++ b/doc/api/ssl.rst
@@ -472,6 +472,53 @@
.. versionadded:: 0.13
+.. py:method:: Context.set_npn_advertise_callback(callback)
+
+ Specify a callback function that will be called when offering `Next
+ Protocol Negotiation
+ <https://technotes.googlecode.com/git/nextprotoneg.html>`_ as a server.
+
+ *callback* should be the callback function. It will be invoked with one
+ argument, the :py:class:`Connection` instance. It should return a list of
+ bytestrings representing the advertised protocols, like
+ ``[b'http/1.1', b'spdy/2']``.
+
+ .. versionadded:: 0.15
+
+
+.. py:method:: Context.set_npn_select_callback(callback):
+
+ Specify a callback function that will be called when a server offers Next
+ Protocol Negotiation options.
+
+ *callback* should be the callback function. It will be invoked with two
+ arguments: the :py:class:`Connection`, and a list of offered protocols as
+ bytestrings, e.g. ``[b'http/1.1', b'spdy/2']``. It should return one of
+ those bytestrings, the chosen protocol.
+
+ .. versionadded:: 0.15
+
+.. py:method:: Context.set_alpn_protos(protos)
+
+ Specify the protocols that the client is prepared to speak after the TLS
+ connection has been negotiated using Application Layer Protocol
+ Negotiation.
+
+ *protos* should be a list of protocols that the client is offering, each
+ as a bytestring. For example, ``[b'http/1.1', b'spdy/2']``.
+
+
+.. py:method:: Context.set_alpn_select_callback(callback)
+
+ Specify a callback function that will be called on the server when a client
+ offers protocols using Application Layer Protocol Negotiation.
+
+ *callback* should be the callback function. It will be invoked with two
+ arguments: the :py:class:`Connection` and a list of offered protocols as
+ bytestrings, e.g. ``[b'http/1.1', b'spdy/2']``. It should return one of
+ these bytestrings, the chosen protocol.
+
+
.. _openssl-session:
Session objects
@@ -614,6 +661,14 @@
by *bufsize*.
+.. py:method:: Connection.recv_into(buffer[, nbytes[, flags]])
+
+ Receive data from the Connection and copy it directly into the provided
+ buffer. The return value is the number of bytes read from the connection.
+ The maximum amount of data to be received at once is specified by *nbytes*.
+ *flags* is accepted for compatibility with ``socket.recv_into`` but its
+ value is ignored.
+
.. py:method:: Connection.bio_write(bytes)
If the Connection was created with a memory BIO, this method can be used to add
@@ -806,6 +861,31 @@
.. versionadded:: 0.15
+.. py:method:: Connection.get_next_proto_negotiated():
+
+ Get the protocol that was negotiated by Next Protocol Negotiation. Returns
+ a bytestring of the protocol name. If no protocol has been negotiated yet,
+ returns an empty string.
+
+ .. versionadded:: 0.15
+
+.. py:method:: Connection.set_alpn_protos(protos)
+
+ Specify the protocols that the client is prepared to speak after the TLS
+ connection has been negotiated using Application Layer Protocol
+ Negotiation.
+
+ *protos* should be a list of protocols that the client is offering, each
+ as a bytestring. For example, ``[b'http/1.1', b'spdy/2']``.
+
+
+.. py:method:: Connection.get_alpn_proto_negotiated()
+
+ Get the protocol that was negotiated by Application Layer Protocol
+ Negotiation. Returns a bytestring of the protocol name. If no protocol has
+ been negotiated yet, returns an empty string.
+
+
.. Rubric:: Footnotes
.. [#connection-context-socket] Actually, all that is required is an object that
diff --git a/doc/conf.py b/doc/conf.py
index 5dc2bd9..5a1940b 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -51,9 +51,9 @@
# built documents.
#
# The short X.Y version.
-version = '0.14'
+version = '0.15.1'
# The full version, including alpha/beta/rc tags.
-release = '0.14'
+release = version
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
@@ -123,7 +123,7 @@
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
-html_static_path = ['_static']
+# html_static_path = ['_static']
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.