Merge tls-thread-safety - make OpenSSL.SSL.Connection (and anything in pyOpenSSL which interacts with them) thread safe.
diff --git a/ChangeLog b/ChangeLog
index b6ce26a..d861220 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2008-09-22 Jean-Paul Calderone <exarkun@twistedmatrix.com>
+
+ * tsafe.py: Deprecated the thread-safe Connection wrapper, since the
+ basic connection class should be thread-safe now.
+
+2008-09-21 Jean-Paul Calderone <exarkun@twistedmatrix.com>
+
+ * src/ssl/ssl.h, src/ssl/ssl.c: Add a thread-local storage key
+ which will be used to store and retrieve PyThreadState pointers
+ whenever it is necessary to release or re-acquire the GIL.
+
+ * src/ssl/context.c: Change global_verify_callback so that it
+ unconditionally manipulates the Python threadstate, rather than
+ checking the tstate field which is now always NULL.
+
2008-04-26 Jean-Paul Calderone <exarkun@twistedmatrix.com>
* src/ssl/context.c: Change global_passphrase_callback and
diff --git a/TODO b/TODO
index 0268ea0..cbcf642 100644
--- a/TODO
+++ b/TODO
@@ -3,7 +3,6 @@
* Think more carefully about the relation between X509 and X509_NAME
_set_{subject,issuer} dup the new name and free the old one.
* Consider Pyrex
-* Update tsafe.Connection and make sure the docs are correct
* Updated docs! (rpm, ...)
* _Somehow_ get makefile to work!
* httpslib, imapslib, ftpslib?
diff --git a/doc/html/building.html b/doc/html/building.html
index 8b4cb5d..5cf7429 100644
--- a/doc/html/building.html
+++ b/doc/html/building.html
@@ -62,9 +62,9 @@
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html78"
+<LI><A NAME="tex2html77"
href="building-unix.html">2.1 Building the Module on a Unix System </A>
-<LI><A NAME="tex2html79"
+<LI><A NAME="tex2html78"
href="building-windows.html">2.2 Building the Module on a Windows System </A>
</UL>
<!--End of Table of Child-Links-->
diff --git a/doc/html/callbacks.html b/doc/html/callbacks.html
index 9a9aeaf..7e5494f 100644
--- a/doc/html/callbacks.html
+++ b/doc/html/callbacks.html
@@ -54,9 +54,9 @@
is needed. Another problem is thread support. A lot of the OpenSSL I/O
functions can block if the socket is in blocking mode, and then you want other
Python threads to be able to do other things. The real trouble is if you've
-released the thread lock to do a potentially blocking operation, and the
-operation calls a callback. Then we must take the thread lock back<A NAME="tex2html5"
- HREF="#foot972"><SUP>4</SUP></A>.
+released the global CPython interpreter lock to do a potentially blocking
+operation, and the operation calls a callback. Then we must take the GIL back,
+since calling Python APIs without holding it is not allowed.
<P>
There are two solutions to the first problem, both of which are necessary. The
@@ -71,27 +71,20 @@
easily find the Python callback.
<P>
-The other problem is also partially solved by app_data. Since we're associating
-our wrapper objects with the ''real'' objects, we can easily access data from
-the <tt class="class">Connection</tt> object. The solution then is to simply include a
-<tt class="ctype">PyThreadState</tt> variable in the <tt class="class">Connection</tt> declaration, and write
-macros similar to <tt class="cfunction">Py_BEGIN_ALLOW_THREADS</tt> and
-<tt class="cfunction">Py_END_ALLOW_THREADS</tt> that allows specifying of the
-<tt class="ctype">PyThreadState</tt> variable to use. Now we can simply ''begin allow
-threads'' before a potentially blocking operation, and ''end allow threads''
-before calling a callback.
+The other problem is solved using thread local variables. Whenever the GIL is
+released before calling into an OpenSSL API, the PyThreadState pointer returned
+by <tt class="cfunction">PyEval_SaveState</tt> is stored in a global thread local variable
+(using Python's own TLS API, <tt class="cfunction">PyThread_set_key_value</tt>). When it is
+necessary to re-acquire the GIL, either after the OpenSSL API returns or in a C
+callback invoked by that OpenSSL API, the value of the thread local variable is
+retrieved (<tt class="cfunction">PyThread_get_key_value</tt>) and used to re-acquire the GIL.
+This allows Python threads to execute while OpenSSL APIs are running and allows
+use of any particular pyOpenSSL object from any Python thread, since there is
+no per-thread state associated with any of these objects and since OpenSSL is
+threadsafe (as long as properly initialized, as pyOpenSSL initializes it).
<P>
-<BR><HR><H4>Footnotes</H4>
-<DL>
-<DT><A NAME="foot972">... back</A><A
- href="callbacks.html#tex2html5"><SUP>4</SUP></A></DT>
-<DD>I'm
-not sure why this is necessary, but otherwise I get a segmentation violation on
-<tt class="cfunction">PyEval_CallObject</tt>
-</DD>
-</DL>
<DIV CLASS="navigation">
<p><hr>
<table align="center" width="100%" cellpadding="0" cellspacing="2">
diff --git a/doc/html/contents.html b/doc/html/contents.html
index 155b183..2953069 100644
--- a/doc/html/contents.html
+++ b/doc/html/contents.html
@@ -46,36 +46,36 @@
<!--Table of Contents-->
<UL CLASS="TofC">
-<LI><A NAME="tex2html44"
+<LI><A NAME="tex2html43"
href="intro.html">1 Introduction </A>
-<LI><A NAME="tex2html45"
+<LI><A NAME="tex2html44"
href="building.html">2 Building and Installing </A>
<UL>
-<LI><A NAME="tex2html46"
+<LI><A NAME="tex2html45"
href="building-unix.html">2.1 Building the Module on a Unix System </A>
-<LI><A NAME="tex2html47"
+<LI><A NAME="tex2html46"
href="building-windows.html">2.2 Building the Module on a Windows System </A>
</UL>
<BR>
-<LI><A NAME="tex2html48"
+<LI><A NAME="tex2html47"
href="openssl.html">3 OpenSSL -- Python interface to OpenSSL </A>
<UL>
-<LI><A NAME="tex2html49"
+<LI><A NAME="tex2html48"
href="openssl-crypto.html">3.1 crypto -- Generic cryptographic module </A>
-<LI><A NAME="tex2html50"
+<LI><A NAME="tex2html49"
href="openssl-rand.html">3.2 rand -- An interface to the OpenSSL pseudo random number generator </A>
-<LI><A NAME="tex2html51"
+<LI><A NAME="tex2html50"
href="openssl-ssl.html">3.3 SSL -- An interface to the SSL-specific parts of OpenSSL </A>
</UL>
<BR>
-<LI><A NAME="tex2html52"
+<LI><A NAME="tex2html51"
href="internals.html">4 Internals </A>
<UL>
-<LI><A NAME="tex2html53"
+<LI><A NAME="tex2html52"
href="exceptions.html">4.1 Exceptions </A>
-<LI><A NAME="tex2html54"
+<LI><A NAME="tex2html53"
href="callbacks.html">4.2 Callbacks </A>
-<LI><A NAME="tex2html55"
+<LI><A NAME="tex2html54"
href="socket-methods.html">4.3 Acessing Socket Methods </A>
</UL></UL>
<!--End of Table of Contents-->
diff --git a/doc/html/index.html b/doc/html/index.html
index 9f1246c..15d0583 100644
--- a/doc/html/index.html
+++ b/doc/html/index.html
@@ -67,68 +67,68 @@
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html9"
+<LI><A NAME="tex2html8"
href="contents.html">Contents</A>
-<LI><A NAME="tex2html10"
+<LI><A NAME="tex2html9"
href="intro.html">1 Introduction </A>
-<LI><A NAME="tex2html11"
+<LI><A NAME="tex2html10"
href="building.html">2 Building and Installing </A>
<UL>
-<LI><A NAME="tex2html12"
+<LI><A NAME="tex2html11"
href="building-unix.html">2.1 Building the Module on a Unix System </A>
-<LI><A NAME="tex2html13"
+<LI><A NAME="tex2html12"
href="building-windows.html">2.2 Building the Module on a Windows System </A>
</UL>
<BR>
-<LI><A NAME="tex2html14"
+<LI><A NAME="tex2html13"
href="openssl.html">3 <tt class="module">OpenSSL</tt> -- Python interface to OpenSSL </A>
<UL>
-<LI><A NAME="tex2html15"
+<LI><A NAME="tex2html14"
href="openssl-crypto.html">3.1 <tt class="module">crypto</tt> -- Generic cryptographic module </A>
<UL>
-<LI><A NAME="tex2html16"
+<LI><A NAME="tex2html15"
href="openssl-x509.html">3.1.1 X509 objects </A>
-<LI><A NAME="tex2html17"
+<LI><A NAME="tex2html16"
href="openssl-x509name.html">3.1.2 X509Name objects </A>
-<LI><A NAME="tex2html18"
+<LI><A NAME="tex2html17"
href="openssl-x509req.html">3.1.3 X509Req objects </A>
-<LI><A NAME="tex2html19"
+<LI><A NAME="tex2html18"
href="openssl-x509store.html">3.1.4 X509Store objects </A>
-<LI><A NAME="tex2html20"
+<LI><A NAME="tex2html19"
href="openssl-pkey.html">3.1.5 PKey objects </A>
-<LI><A NAME="tex2html21"
+<LI><A NAME="tex2html20"
href="openssl-pkcs7.html">3.1.6 PKCS7 objects </A>
-<LI><A NAME="tex2html22"
+<LI><A NAME="tex2html21"
href="openssl-pkcs12.html">3.1.7 PKCS12 objects </A>
-<LI><A NAME="tex2html23"
+<LI><A NAME="tex2html22"
href="openssl-509ext.html">3.1.8 X509Extension objects </A>
-<LI><A NAME="tex2html24"
+<LI><A NAME="tex2html23"
href="openssl-netscape-spki.html">3.1.9 NetscapeSPKI objects </A>
</UL>
-<LI><A NAME="tex2html25"
+<LI><A NAME="tex2html24"
href="openssl-rand.html">3.2 <tt class="module">rand</tt> -- An interface to the OpenSSL pseudo random number generator </A>
-<LI><A NAME="tex2html26"
+<LI><A NAME="tex2html25"
href="openssl-ssl.html">3.3 <tt class="module">SSL</tt> -- An interface to the SSL-specific parts of OpenSSL </A>
<UL>
-<LI><A NAME="tex2html27"
+<LI><A NAME="tex2html26"
href="openssl-context.html">3.3.1 Context objects </A>
-<LI><A NAME="tex2html28"
+<LI><A NAME="tex2html27"
href="openssl-connection.html">3.3.2 Connection objects </A>
</UL>
</UL>
<BR>
-<LI><A NAME="tex2html29"
+<LI><A NAME="tex2html28"
href="internals.html">4 Internals </A>
<UL>
-<LI><A NAME="tex2html30"
+<LI><A NAME="tex2html29"
href="exceptions.html">4.1 Exceptions </A>
-<LI><A NAME="tex2html31"
+<LI><A NAME="tex2html30"
href="callbacks.html">4.2 Callbacks </A>
-<LI><A NAME="tex2html32"
+<LI><A NAME="tex2html31"
href="socket-methods.html">4.3 Acessing Socket Methods </A>
</UL>
<BR>
-<LI><A NAME="tex2html33"
+<LI><A NAME="tex2html32"
href="about.html">About this document ...</A>
</UL>
<!--End of Table of Child-Links-->
diff --git a/doc/html/internals.html b/doc/html/internals.html
index 79b9c1e..5b1526a 100644
--- a/doc/html/internals.html
+++ b/doc/html/internals.html
@@ -59,11 +59,11 @@
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html295"
+<LI><A NAME="tex2html294"
href="exceptions.html">4.1 Exceptions </A>
-<LI><A NAME="tex2html296"
+<LI><A NAME="tex2html295"
href="callbacks.html">4.2 Callbacks </A>
-<LI><A NAME="tex2html297"
+<LI><A NAME="tex2html296"
href="socket-methods.html">4.3 Acessing Socket Methods </A>
</UL>
<!--End of Table of Child-Links-->
diff --git a/doc/html/intro.html b/doc/html/intro.html
index 9d2127b..c25a685 100644
--- a/doc/html/intro.html
+++ b/doc/html/intro.html
@@ -55,7 +55,7 @@
were also limited, though in different ways. Unfortunately, Python's standard
library SSL support has remained weak, although other packages (such as
M2Crypto<A NAME="tex2html1"
- HREF="#foot933"><SUP>1</SUP></A>)
+ HREF="#foot929"><SUP>1</SUP></A>)
have made great advances and now equal or exceed pyOpenSSL's functionality.
<P>
@@ -67,7 +67,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot933">...
+<DT><A NAME="foot929">...
M2Crypto</A><A
href="intro.html#tex2html1"><SUP>1</SUP></A></DT>
<DD>See <a class="url" href="http://chandlerproject.org/Projects/MeTooCrypto">http://chandlerproject.org/Projects/MeTooCrypto</a>
diff --git a/doc/html/openssl-crypto.html b/doc/html/openssl-crypto.html
index 6ab45a9..f55033c 100644
--- a/doc/html/openssl-crypto.html
+++ b/doc/html/openssl-crypto.html
@@ -235,23 +235,23 @@
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html136"
+<LI><A NAME="tex2html135"
href="openssl-x509.html">3.1.1 X509 objects </A>
-<LI><A NAME="tex2html137"
+<LI><A NAME="tex2html136"
href="openssl-x509name.html">3.1.2 X509Name objects </A>
-<LI><A NAME="tex2html138"
+<LI><A NAME="tex2html137"
href="openssl-x509req.html">3.1.3 X509Req objects </A>
-<LI><A NAME="tex2html139"
+<LI><A NAME="tex2html138"
href="openssl-x509store.html">3.1.4 X509Store objects </A>
-<LI><A NAME="tex2html140"
+<LI><A NAME="tex2html139"
href="openssl-pkey.html">3.1.5 PKey objects </A>
-<LI><A NAME="tex2html141"
+<LI><A NAME="tex2html140"
href="openssl-pkcs7.html">3.1.6 PKCS7 objects </A>
-<LI><A NAME="tex2html142"
+<LI><A NAME="tex2html141"
href="openssl-pkcs12.html">3.1.7 PKCS12 objects </A>
-<LI><A NAME="tex2html143"
+<LI><A NAME="tex2html142"
href="openssl-509ext.html">3.1.8 X509Extension objects </A>
-<LI><A NAME="tex2html144"
+<LI><A NAME="tex2html143"
href="openssl-netscape-spki.html">3.1.9 NetscapeSPKI objects </A>
</UL>
<!--End of Table of Child-Links-->
diff --git a/doc/html/openssl-rand.html b/doc/html/openssl-rand.html
index 2b03886..a478390 100644
--- a/doc/html/openssl-rand.html
+++ b/doc/html/openssl-rand.html
@@ -60,7 +60,7 @@
<dd>
Mix bytes from <var>string</var> into the PRNG state. The <var>entropy</var> argument is
(the lower bound of) an estimate of how much randomness is contained in
-<var>string</var>, measured in bytes. For more information, see e.g. <a class="rfc" name="rfcref-1852"
+<var>string</var>, measured in bytes. For more information, see e.g. <a class="rfc" name="rfcref-1845"
href="http://www.ietf.org/rfc/rfc1750.txt">RFC 1750</a>.
</dl>
@@ -68,7 +68,7 @@
<dl><dt><b><a name='l2h-90'><tt class='function'>egd</tt></a></b>(<var>path</var><big>[</big><var>, bytes</var><big>]</big>)
<dd>
Query the Entropy Gathering Daemon<A NAME="tex2html2"
- HREF="#foot954"><SUP>2</SUP></A> on socket <var>path</var> for <var>bytes</var>
+ HREF="#foot950"><SUP>2</SUP></A> on socket <var>path</var> for <var>bytes</var>
bytes of random data and and uses <tt class="function">add</tt> to seed the PRNG. The default
value of <var>bytes</var> is 255.
</dl>
@@ -110,7 +110,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot954">... Daemon</A><A
+<DT><A NAME="foot950">... Daemon</A><A
href="openssl-rand.html#tex2html2"><SUP>2</SUP></A></DT>
<DD>See
<a class="url" href="http://www.lothar.com/tech/crypto/">http://www.lothar.com/tech/crypto/</a>
diff --git a/doc/html/openssl-ssl.html b/doc/html/openssl-ssl.html
index 2e2a545..39fbb9e 100644
--- a/doc/html/openssl-ssl.html
+++ b/doc/html/openssl-ssl.html
@@ -121,7 +121,7 @@
<dd>
Factory fucnction that creates a new Connection object given an SSL context and
a socket <A NAME="tex2html4"
- HREF="#foot957"><SUP>3</SUP></A> object.
+ HREF="#foot953"><SUP>3</SUP></A> object.
</dl>
<P>
@@ -188,7 +188,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot957">... socket</A><A
+<DT><A NAME="foot953">... socket</A><A
href="openssl-ssl.html#tex2html4"><SUP>3</SUP></A></DT>
<DD>Actually, all that is required is an object that
<i>behaves</i> like a socket, you could even use files, even though it'd be
@@ -202,9 +202,9 @@
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html262"
+<LI><A NAME="tex2html261"
href="openssl-context.html">3.3.1 Context objects </A>
-<LI><A NAME="tex2html263"
+<LI><A NAME="tex2html262"
href="openssl-connection.html">3.3.2 Connection objects </A>
</UL>
<!--End of Table of Child-Links-->
diff --git a/doc/html/openssl.html b/doc/html/openssl.html
index 112bdb7..67a6fe7 100644
--- a/doc/html/openssl.html
+++ b/doc/html/openssl.html
@@ -80,37 +80,37 @@
<A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html111"
+<LI><A NAME="tex2html110"
href="openssl-crypto.html">3.1 <tt class="module">crypto</tt> -- Generic cryptographic module </A>
<UL>
-<LI><A NAME="tex2html112"
+<LI><A NAME="tex2html111"
href="openssl-x509.html">3.1.1 X509 objects </A>
-<LI><A NAME="tex2html113"
+<LI><A NAME="tex2html112"
href="openssl-x509name.html">3.1.2 X509Name objects </A>
-<LI><A NAME="tex2html114"
+<LI><A NAME="tex2html113"
href="openssl-x509req.html">3.1.3 X509Req objects </A>
-<LI><A NAME="tex2html115"
+<LI><A NAME="tex2html114"
href="openssl-x509store.html">3.1.4 X509Store objects </A>
-<LI><A NAME="tex2html116"
+<LI><A NAME="tex2html115"
href="openssl-pkey.html">3.1.5 PKey objects </A>
-<LI><A NAME="tex2html117"
+<LI><A NAME="tex2html116"
href="openssl-pkcs7.html">3.1.6 PKCS7 objects </A>
-<LI><A NAME="tex2html118"
+<LI><A NAME="tex2html117"
href="openssl-pkcs12.html">3.1.7 PKCS12 objects </A>
-<LI><A NAME="tex2html119"
+<LI><A NAME="tex2html118"
href="openssl-509ext.html">3.1.8 X509Extension objects </A>
-<LI><A NAME="tex2html120"
+<LI><A NAME="tex2html119"
href="openssl-netscape-spki.html">3.1.9 NetscapeSPKI objects </A>
</UL>
<BR>
-<LI><A NAME="tex2html121"
+<LI><A NAME="tex2html120"
href="openssl-rand.html">3.2 <tt class="module">rand</tt> -- An interface to the OpenSSL pseudo random number generator </A>
-<LI><A NAME="tex2html122"
+<LI><A NAME="tex2html121"
href="openssl-ssl.html">3.3 <tt class="module">SSL</tt> -- An interface to the SSL-specific parts of OpenSSL </A>
<UL>
-<LI><A NAME="tex2html123"
+<LI><A NAME="tex2html122"
href="openssl-context.html">3.3.1 Context objects </A>
-<LI><A NAME="tex2html124"
+<LI><A NAME="tex2html123"
href="openssl-connection.html">3.3.2 Connection objects </A>
</UL></UL>
<!--End of Table of Child-Links-->
diff --git a/doc/html/pyOpenSSL.how b/doc/html/pyOpenSSL.how
index 2464192..303be0d 100644
--- a/doc/html/pyOpenSSL.how
+++ b/doc/html/pyOpenSSL.how
@@ -1 +1 @@
-+++ perl /home/exarkun/Projects/pyOpenSSL/trunk/doc/tools/node2label.pl *.html
++++ perl /home/exarkun/Projects/pyOpenSSL/branches/tls-thread-safety/doc/tools/node2label.pl *.html
diff --git a/doc/html/pyOpenSSL.html b/doc/html/pyOpenSSL.html
index 9f1246c..15d0583 100644
--- a/doc/html/pyOpenSSL.html
+++ b/doc/html/pyOpenSSL.html
@@ -67,68 +67,68 @@
<UL CLASS="ChildLinks">
-<LI><A NAME="tex2html9"
+<LI><A NAME="tex2html8"
href="contents.html">Contents</A>
-<LI><A NAME="tex2html10"
+<LI><A NAME="tex2html9"
href="intro.html">1 Introduction </A>
-<LI><A NAME="tex2html11"
+<LI><A NAME="tex2html10"
href="building.html">2 Building and Installing </A>
<UL>
-<LI><A NAME="tex2html12"
+<LI><A NAME="tex2html11"
href="building-unix.html">2.1 Building the Module on a Unix System </A>
-<LI><A NAME="tex2html13"
+<LI><A NAME="tex2html12"
href="building-windows.html">2.2 Building the Module on a Windows System </A>
</UL>
<BR>
-<LI><A NAME="tex2html14"
+<LI><A NAME="tex2html13"
href="openssl.html">3 <tt class="module">OpenSSL</tt> -- Python interface to OpenSSL </A>
<UL>
-<LI><A NAME="tex2html15"
+<LI><A NAME="tex2html14"
href="openssl-crypto.html">3.1 <tt class="module">crypto</tt> -- Generic cryptographic module </A>
<UL>
-<LI><A NAME="tex2html16"
+<LI><A NAME="tex2html15"
href="openssl-x509.html">3.1.1 X509 objects </A>
-<LI><A NAME="tex2html17"
+<LI><A NAME="tex2html16"
href="openssl-x509name.html">3.1.2 X509Name objects </A>
-<LI><A NAME="tex2html18"
+<LI><A NAME="tex2html17"
href="openssl-x509req.html">3.1.3 X509Req objects </A>
-<LI><A NAME="tex2html19"
+<LI><A NAME="tex2html18"
href="openssl-x509store.html">3.1.4 X509Store objects </A>
-<LI><A NAME="tex2html20"
+<LI><A NAME="tex2html19"
href="openssl-pkey.html">3.1.5 PKey objects </A>
-<LI><A NAME="tex2html21"
+<LI><A NAME="tex2html20"
href="openssl-pkcs7.html">3.1.6 PKCS7 objects </A>
-<LI><A NAME="tex2html22"
+<LI><A NAME="tex2html21"
href="openssl-pkcs12.html">3.1.7 PKCS12 objects </A>
-<LI><A NAME="tex2html23"
+<LI><A NAME="tex2html22"
href="openssl-509ext.html">3.1.8 X509Extension objects </A>
-<LI><A NAME="tex2html24"
+<LI><A NAME="tex2html23"
href="openssl-netscape-spki.html">3.1.9 NetscapeSPKI objects </A>
</UL>
-<LI><A NAME="tex2html25"
+<LI><A NAME="tex2html24"
href="openssl-rand.html">3.2 <tt class="module">rand</tt> -- An interface to the OpenSSL pseudo random number generator </A>
-<LI><A NAME="tex2html26"
+<LI><A NAME="tex2html25"
href="openssl-ssl.html">3.3 <tt class="module">SSL</tt> -- An interface to the SSL-specific parts of OpenSSL </A>
<UL>
-<LI><A NAME="tex2html27"
+<LI><A NAME="tex2html26"
href="openssl-context.html">3.3.1 Context objects </A>
-<LI><A NAME="tex2html28"
+<LI><A NAME="tex2html27"
href="openssl-connection.html">3.3.2 Connection objects </A>
</UL>
</UL>
<BR>
-<LI><A NAME="tex2html29"
+<LI><A NAME="tex2html28"
href="internals.html">4 Internals </A>
<UL>
-<LI><A NAME="tex2html30"
+<LI><A NAME="tex2html29"
href="exceptions.html">4.1 Exceptions </A>
-<LI><A NAME="tex2html31"
+<LI><A NAME="tex2html30"
href="callbacks.html">4.2 Callbacks </A>
-<LI><A NAME="tex2html32"
+<LI><A NAME="tex2html31"
href="socket-methods.html">4.3 Acessing Socket Methods </A>
</UL>
<BR>
-<LI><A NAME="tex2html33"
+<LI><A NAME="tex2html32"
href="about.html">About this document ...</A>
</UL>
<!--End of Table of Child-Links-->
diff --git a/doc/pyOpenSSL.ps b/doc/pyOpenSSL.ps
index dcd109a..d2e4a59 100644
--- a/doc/pyOpenSSL.ps
+++ b/doc/pyOpenSSL.ps
@@ -1,7 +1,7 @@
%!PS-Adobe-2.0
%%Creator: dvips(k) 5.96.1 Copyright 2007 Radical Eye Software
%%Title: pyOpenSSL.dvi
-%%CreationDate: Mon Sep 1 12:05:06 2008
+%%CreationDate: Sun Sep 21 18:58:03 2008
%%Pages: 15
%%PageOrder: Ascend
%%BoundingBox: 0 0 596 842
@@ -10,7 +10,7 @@
%DVIPSWebPage: (www.radicaleye.com)
%DVIPSCommandLine: dvips -N0 -o pyOpenSSL.ps pyOpenSSL
%DVIPSParameters: dpi=600
-%DVIPSSource: TeX output 2008.09.01:1205
+%DVIPSSource: TeX output 2008.09.21:1858
%%BeginProcSet: tex.pro 0 0
%!
/TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S
@@ -59,69 +59,8 @@
%%EndProcSet
TeXDict begin 39158280 55380996 1000 600 600 (pyOpenSSL.dvi)
@start
-%DVIPSBitmapFont: Fa ectt0800 8 14
-/Fa 14 122 df<000FE0E0003FF9F000FFFDF001FFFFF003FFFFF007FC3FF00FF00FF01F
-C007F01FC007F03F8003F03F0003F07F0001F07E0001F07E0001F07C0000E0FC000000FC
-000000F8000000F8000000F8000000F8000000F8000000F8000000F8000000F8000000F8
-000000FC000000FC0000007C0000007E0000E07E0001F07F0001F03F0001F03F8003F01F
-C003F01FC007E00FF00FE007FC1FC003FFFF8001FFFF0000FFFE00003FF800000FE0001C
-2B7DA923>67 D<FFFFFFF0FFFFFFF8FFFFFFF8FFFFFFF8FFFFFFF80F8000F80F8000F80F
-8000F80F8000F80F8000F80F8000700F8000000F8000000F8038000F807C000F807C000F
-807C000FFFFC000FFFFC000FFFFC000FFFFC000FFFFC000F807C000F807C000F807C000F
-8038000F8000000F8000000F8000000F80001C0F80003E0F80003E0F80003E0F80003E0F
-80003E0F80003EFFFFFFFEFFFFFFFEFFFFFFFEFFFFFFFEFFFFFFFC1F297EA823>69
-D<03FFF0000FFFFC001FFFFE003FFFFF003FFFFF007F807F807E001F807C000F807C000F
-80FC000FC0F80007C0F80007C0F80007C0F80007C0F80007C0F80007C0F80007C0F80007
-C0F80007C0F80007C0F80007C0F80007C0F80007C0F80007C0F80007C0F80007C0F80007
-C0F80007C0F80007C0F80007C0F80007C0F80007C0FC000FC0FC000FC07C000F807C000F
-807E001F807F807F803FFFFF003FFFFF001FFFFE000FFFFC0003FFF0001A2B7CA923>79
-D<FFFFF000FFFFFE00FFFFFF00FFFFFF80FFFFFFC00F801FE00F8007F00F8003F00F8001
-F00F8001F80F8000F80F8000F80F8000F80F8000F80F8000F80F8001F80F8001F00F8003
-F00F8007F00F801FE00FFFFFC00FFFFF800FFFFF000FFFFE000FFFF0000F8000000F8000
-000F8000000F8000000F8000000F8000000F8000000F8000000F8000000F8000000F8000
-00FFF80000FFFC0000FFFC0000FFFC0000FFF800001D297EA823>I<7FFFFF80FFFFFFC0
-FFFFFFC0FFFFFFC0FFFFFFC07FFFFF801A067C7E23>95 D<03FF80000FFFE0001FFFF800
-3FFFFC003FFFFE003F80FF003F803F801F001F8000001F8000000F800000FF80007FFF80
-03FFFF800FFFFF801FFFFF807FF00F807F000F80FC000F80FC000F80F8000F80F8001F80
-FC001F80FE003F807F81FF807FFFFFFC3FFFFFFE1FFFFFFE07FFC7FE01FE01FC1F1D7D9C
-23>97 D<FF800000FFC00000FFC00000FFC00000FFC0000007C0000007C0000007C00000
-07C0000007C0000007C0000007C0000007C1FC0007C7FF0007DFFFC007FFFFE007FFFFF0
-07FE0FF807F803F807F001FC07E000FC07E000FC07C0007E07C0007E07C0003E07C0003E
-07C0003E07C0003E07C0003E07C0007E07E0007E07E000FC07F000FC07F001FC07F803F8
-07FE0FF007FFFFF007FFFFE007DFFF8007CFFF000383F8001F297FA823>I<003FF00000
-FFFC0003FFFF0007FFFF000FFFFF001FE07F003F807F007F003E007E0000007E000000FC
-000000FC000000F8000000F8000000F8000000F8000000F8000000FC000000FC0000007E
-0007007F000F807F001F803FC01F801FF07F000FFFFF0007FFFE0003FFFC0000FFF00000
-3FC000191D7B9C23>I<003FC00000FFF80003FFFC0007FFFF000FFFFF801FF07F803F80
-1FC03F000FC07E0007C07E0007E0FC0007E0FFFFFFE0FFFFFFE0FFFFFFE0FFFFFFE0FFFF
-FFC0F8000000FC000000FC0000007E0001C07F0003E03F8007E03FE007E01FF81FC00FFF
-FFC007FFFF8001FFFE00007FFC00001FE0001B1D7D9C23>101 D<0000E00003F80003F8
-0003F80003F80003F80000E000000000000000000000000000000000000003FFF007FFF8
-07FFF807FFF803FFF80000F80000F80000F80000F80000F80000F80000F80000F80000F8
-0000F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F8
-0000F80000F80000F80000F80000F80000F80000F80000F80001F83801F87C03F0FE03F0
-FE0FE0FFFFE0FFFFC07FFF003FFE000FF80015397DA923>106 D<7FFE0000FFFF0000FF
-FF0000FFFF00007FFF0000001F0000001F0000001F0000001F0000001F0000001F000000
-1F0000001F0000001F0000001F0000001F0000001F0000001F0000001F0000001F000000
-1F0000001F0000001F0000001F0000001F0000001F0000001F0000001F0000001F000000
-1F0000001F0000001F0000001F0000001F0000001F0000001F00007FFFFFC0FFFFFFE0FF
-FFFFE0FFFFFFE07FFFFFC01B297CA823>108 D<0070000000F8000000F8000000F80000
-00F8000000F8000000F8000000F800007FFFFF80FFFFFFC0FFFFFFC0FFFFFFC07FFFFF80
-00F8000000F8000000F8000000F8000000F8000000F8000000F8000000F8000000F80000
-00F8000000F8000000F8000000F801C000F803E000F803E000F803E000FC07E000FC0FE0
-00FE1FC0007FFFC0007FFF80003FFE00000FFC000007F0001B257EA423>116
-D<FFF03FFCFFF03FFCFFF03FFCFFF03FFCFFF03FFC0F8007C0078007800780078007C00F
-8003C00F0003C00F0003E01F0001E01E0001E01E0001F03E0000F03C0000F03C0000F87C
-000078780000787800007CF800003CF000003CF000003FF000001FE000001FE000001FE0
-00000FC000000780001E1D7E9C23>118 D<FFF03FFCFFF03FFCFFF03FFCFFF03FFCFFF0
-3FFC078007C00780078007C0078003C00F8003C00F0001E00F0001E01F0001F01E0000F0
-1E0000F01E0000F83C0000783C0000783C00003C7800003C7800003C7800001E7000001E
-F000000EF000000FE000000FE0000007E0000007C0000007C0000007C000000780000007
-8000000F8000000F0000000F00003E1F00007F1E00007F3E00007CFC00007FFC00007FF8
-00003FF000001FE000000F8000001E2C7E9C23>121 D E
-%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fb ecti0800 8 6
-/Fb 6 119 df<0007C000001FF000007C39C000F81FC001F01FC003E00FC007C00FC00F
+%DVIPSBitmapFont: Fa ecti0800 8 6
+/Fa 6 119 df<0007C000001FF000007C39C000F81FC001F01FC003E00FC007C00FC00F
C00FC01F800F801F800F803F000F803F001F807F001F007E001F007E001F007E003F00FE
003E00FC003E00FC003E00FC007E18FC007C38F8007C38F8007C38F800FC387801FC787C
03F8707C03F8703C0F78E01E1E3DE00FF81FC003E00F001D1F799D24>97
@@ -147,8 +86,8 @@
0F801C0007801C0007C0380003C0700003E0E00000FFC000003F00001C1F7A9D21>118
D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fc ecrm1440 14.4 2
-/Fc 2 94 df<FFFFC0FFFFC0FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000
+%DVIPSBitmapFont: Fb ecrm1440 14.4 2
+/Fb 2 94 df<FFFFC0FFFFC0FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000
FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000
FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000
FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000FE0000
@@ -170,8 +109,8 @@
1FC0001FC0001FC0001FC0001FC0001FC0001FC0001FC0001FC0001FC0001FC0001FC000
1FC0001FC0001FC0FFFFC0FFFFC012787ED920>93 D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fd ecti1000 10 47
-/Fd 47 123 df<00000000FF0003F000000003FFE00FFC0000000FC0F01F1E0000003F00
+%DVIPSBitmapFont: Fc ecti1000 10 47
+/Fc 47 123 df<00000000FF0003F000000003FFE00FFC0000000FC0F01F1E0000003F00
783E0F0000007E01F87C3F0000007C03F8FC7F000000FC03F8F87F000001F803F9F87F00
0001F803F1F87E000001F801E1F83C000003F00003F000000003F00003F000000003F000
03F000000007F00003F000000007E00007F000000007E00007E000000007E00007E00000
@@ -575,8 +514,8 @@
01F0001FFF07E0003E1FFFE0003C0FFFC000780FFF80007007FF0000F003FC0000E000F0
000021267BA422>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fe ectt1200 12 11
-/Fe 11 122 df<7FFFF8000000FFFFFC000000FFFFFE000000FFFFFE000000FFFFFC0000
+%DVIPSBitmapFont: Fd ectt1200 12 11
+/Fd 11 122 df<7FFFF8000000FFFFFC000000FFFFFE000000FFFFFE000000FFFFFC0000
007FFFF800000001FC0000000001FC0000000001FC0000000001FC0000000001FC000000
0001FC0000000001FC0000000001FC0000000001FC0000000001FC0000000001FC000000
0001FC0000000001FC0000000001FC0000000001FC0000000001FC0000000001FC000000
@@ -676,8 +615,8 @@
9FF00000007FFFE00000003FFFC00000003FFF800000001FFF000000000FFC0000000003
F0000000002D427DAA33>121 D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Ff ectt1440 14.4 6
-/Ff 6 113 df<7FFFFF00000000FFFFFF80000000FFFFFFC0000000FFFFFFC0000000FF
+%DVIPSBitmapFont: Fe ectt1440 14.4 6
+/Fe 6 113 df<7FFFFF00000000FFFFFF80000000FFFFFFC0000000FFFFFFC0000000FF
FFFFC0000000FFFFFF800000007FFFFF0000000000FE000000000000FE000000000000FE
000000000000FE000000000000FE000000000000FE000000000000FE000000000000FE00
0000000000FE000000000000FE000000000000FE000000000000FE000000000000FE0000
@@ -754,8 +693,8 @@
000000FFFFFF80000000FFFFFF80000000FFFFFF80000000FFFFFF800000007FFFFF0000
0000344F7DB33D>112 D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fg ecss1000 10 54
-/Fg 54 122 df<FFFFFFFFFFFFFFFFFFFFC0FFFFFFFFFFFFFFFFFFFFC0FFFFFFFFFFFFFF
+%DVIPSBitmapFont: Ff ecss1000 10 54
+/Ff 54 122 df<FFFFFFFFFFFFFFFFFFFFC0FFFFFFFFFFFFFFFFFFFFC0FFFFFFFFFFFFFF
FFFFFFC0FFFFFFFFFFFFFFFFFFFFC0FFFFFFFFFFFFFFFFFFFFC05205809853>22
D<0001F807F00007FE07F0000FFE07F0001FFE07F0003FFE07F0007F0E07F0007E0207F0
00FE00000000FC00000000FC00000001FC00000001FC00000001FC00000001FC00000001
@@ -1152,8 +1091,8 @@
00383F0000003FFE0000003FFE0000003FFC0000003FF80000000FE000000023367FA426
>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fh ecrm0800 8 29
-/Fh 29 122 df<0000FF00000007FFE000001F80F000003E003800007C007C0000F800FC
+%DVIPSBitmapFont: Fg ecrm0800 8 26
+/Fg 26 122 df<0000FF00000007FFE000001F80F000003E003800007C007C0000F800FC
0001F000FC0003F000FC0003E000780003E000300003E000000003E000000003E0000000
03E000000003E000000003E000000003E000000003E0007C00FFFFFFFC00FFFFFFFC0003
E000FC0003E0007C0003E0007C0003E0007C0003E0007C0003E0007C0003E0007C0003E0
@@ -1172,16 +1111,12 @@
07E000000C0003F000000C0003F000001FFFFFF800001FFFFFF80000180001F800003000
00FC0000300000FC0000300000FC00006000007E00006000007E0000E000007F0000C000
003F0000C000003F0001C000001F8003C000001F8007C000001FC00FF000003FE0FFFC00
-03FFFFFFFC0003FFFF302F7EAE35>65 D<FFFFF0FFFFF003FC0001F80001F80001F80001
-F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001
-F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001
-F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001F80001F80003
-FC00FFFFF0FFFFF0142D7EAC19>73 D<003F803001FFF07007C07C700F000EF01E0007F0
-3C0003F0780001F0780000F0700000F0F0000070F0000070F0000070F0000030F8000030
-F8000030FC0000007E0000007F0000003FE000003FFE00001FFFE0000FFFFC0007FFFF00
-01FFFF80003FFFE00003FFE000003FF0000007F8000001F8000000F8000000FC0000007C
-C000007CC000003CC000003CC000003CE000003CE000003CE0000078F0000078F8000070
-FC0000F0FE0001E0F78003C0E3F00F00E07FFE00C00FF0001E2F7CAD27>83
+03FFFFFFFC0003FFFF302F7EAE35>65 D<003F803001FFF07007C07C700F000EF01E0007
+F03C0003F0780001F0780000F0700000F0F0000070F0000070F0000070F0000030F80000
+30F8000030FC0000007E0000007F0000003FE000003FFE00001FFFE0000FFFFC0007FFFF
+0001FFFF80003FFFE00003FFE000003FF0000007F8000001F8000000F8000000FC000000
+7CC000007CC000003CC000003CC000003CE000003CE000003CE0000078F0000078F80000
+70FC0000F0FE0001E0F78003C0E3F00F00E07FFE00C00FF0001E2F7CAD27>83
D<00FF000007FFC0000F01F0001C00F8003F007C003F003E003F003E003F003F001E001F
0000001F0000001F0000001F0000001F000007FF00007FFF0001FE1F0007F01F001FC01F
003F801F007F001F007E001F00FE001F06FC001F06FC001F06FC001F06FC003F06FE003F
@@ -1236,60 +1171,49 @@
FFFE07FF80212E7EAD25>I<07C0FFC0FFC00FC007C007C007C007C007C007C007C007C0
07C007C007C007C007C007C007C007C007C007C007C007C007C007C007C007C007C007C0
07C007C007C007C007C007C007C007C007C007C007C007C007C00FE0FFFEFFFE0F2E7EAD
-14>I<07C07F0007F000FFC3FFC03FFC00FFC783F0783F000FCE01F8E01F8007DC00F9C0
-0F8007F800FF800FC007F0007F0007C007E0007E0007C007E0007E0007C007C0007C0007
-C007C0007C0007C007C0007C0007C007C0007C0007C007C0007C0007C007C0007C0007C0
-07C0007C0007C007C0007C0007C007C0007C0007C007C0007C0007C007C0007C0007C007
-C0007C0007C007C0007C0007C007C0007C0007C007C0007C0007C007C0007C0007C007C0
-007C0007C007C0007C0007C00FE000FE000FE0FFFE0FFFE0FFFEFFFE0FFFE0FFFE371E7E
-9D3C>I<07C0FE0000FFC3FF8000FFC703E0000FDE01F00007F801F00007F000F80007F0
-00F80007E000F80007E000F80007C000F80007C000F80007C000F80007C000F80007C000
-F80007C000F80007C000F80007C000F80007C000F80007C000F80007C000F80007C000F8
-0007C000F80007C000F80007C000F80007C000F80007C000F80007C000F8000FE001FC00
-FFFE1FFFC0FFFE1FFFC0221E7E9D27>I<001FE000007FF80001F03E0003C00F00078007
-800F0003C01F0003E03E0001F03E0001F07C0000F87C0000F87C0000F8FC0000FCFC0000
-FCFC0000FCFC0000FCFC0000FCFC0000FCFC0000FCFC0000FCFC0000FC7C0000F87C0000
-F83E0001F03E0001F01F0003E01F0003E00F8007C007C00F8001F03E00007FF800001FE0
-001E207E9E23>I<000FE01800007FF8380001F81C380003E00E780007C00778000F8003
-F8001F8001F8003F0001F8003F0001F8007E0000F8007E0000F800FE0000F800FC0000F8
-00FC0000F800FC0000F800FC0000F800FC0000F800FC0000F800FC0000F800FC0000F800
-7E0000F8007E0000F8007E0000F8003F0001F8001F0001F8001F8003F8000FC007F80003
-E00EF80001F03CF800007FF0F800001FC0F800000000F800000000F800000000F8000000
-00F800000000F800000000F800000000F800000000F800000000F800000001FC0000001F
-FFC000001FFFC0222B7E9D25>113 D<0781F0FF87FCFF9E7E0F987E07B87E07B07E07F0
-3C07E00007E00007E00007C00007C00007C00007C00007C00007C00007C00007C00007C0
-0007C00007C00007C00007C00007C00007C00007C00007C0000FE000FFFF00FFFF00171E
-7E9D1B>I<01FE1807FFB81E01F83C00F8780078F00038F00038F00018F00018F80018FC
-0018FF00007FF0003FFF001FFFC00FFFF001FFF8001FFC0001FCC0007EC0003EC0003EE0
-001EE0001EF0001EF0001EF8003CF8003CFC0078FF01F0E3FFC0C0FF0017207E9E1C>I<
-00600000600000600000600000E00000E00000E00001E00003E00003E00007E0001FE000
-FFFFF0FFFFF003E00003E00003E00003E00003E00003E00003E00003E00003E00003E000
-03E00003E00003E00003E00003E00003E01803E01803E01803E01803E01803E01803E018
-03E03801F03001F07000F860003FE0000F80152A7FA81B>I<07C000F800FFC01FF800FF
-C01FF8000FC001F80007C000F80007C000F80007C000F80007C000F80007C000F80007C0
-00F80007C000F80007C000F80007C000F80007C000F80007C000F80007C000F80007C000
-F80007C000F80007C000F80007C000F80007C000F80007C000F80007C001F80007C001F8
-0007C001F80007C003F80003E007F80003E00EFC0001F81CFFC0007FF8FFC0001FE0F800
-221F7E9D27>I<FFFC01FFC0FFFC01FFC00FE0007E0007E0007C0007E000380003E00030
-0003E000700001F000600001F000600000F800C00000F800C00000F800C000007C018000
-007C018000003E030000003E030000003F070000001F060000001F060000000F8C000000
-0F8C0000000FDC00000007D800000007D800000003F000000003F000000003F000000001
-E000000001E000000000C00000221E7F9C25>I<FFFC3FFE07FFFFFC3FFE07FF0FE003F0
-01F80FC003E000F007C001E000E007C001F000E003E003F000C003E003F000C003E007F8
-01C001F00678018001F00678018001F80E7C038000F80C3C030000F80C3C0300007C181E
-0600007C181E0600007C181F0600003E300F0C00003E300F0C00003E300F8C00001F6007
-9800001F60079800001F6007D800000FC003F000000FC003F000000FC003F00000078001
-E00000078001E00000078001E00000030000C000301E7F9C33>I<FFFC01FFC0FFFC01FF
-C00FE0007E0007E0007C0007E000380003E000300003F000700001F000600001F0006000
-00F800C00000F800C00000FC01C000007C018000007E038000003E030000003E03000000
-1F060000001F060000001F8E0000000F8C0000000F8C00000007D800000007D800000003
-F000000003F000000003F000000001E000000001E000000000C000000000C00000000180
-00000001800000000380000000030000007803000000FC06000000FC06000000FC0C0000
-00FC1C000000783800000070700000003FE00000000F80000000222B7F9C25>121
+14>I<07C0FE0000FFC3FF8000FFC703E0000FDE01F00007F801F00007F000F80007F000
+F80007E000F80007E000F80007C000F80007C000F80007C000F80007C000F80007C000F8
+0007C000F80007C000F80007C000F80007C000F80007C000F80007C000F80007C000F800
+07C000F80007C000F80007C000F80007C000F80007C000F80007C000F8000FE001FC00FF
+FE1FFFC0FFFE1FFFC0221E7E9D27>110 D<001FE000007FF80001F03E0003C00F000780
+07800F0003C01F0003E03E0001F03E0001F07C0000F87C0000F87C0000F8FC0000FCFC00
+00FCFC0000FCFC0000FCFC0000FCFC0000FCFC0000FCFC0000FCFC0000FC7C0000F87C00
+00F83E0001F03E0001F01F0003E01F0003E00F8007C007C00F8001F03E00007FF800001F
+E0001E207E9E23>I<000FE01800007FF8380001F81C380003E00E780007C00778000F80
+03F8001F8001F8003F0001F8003F0001F8007E0000F8007E0000F800FE0000F800FC0000
+F800FC0000F800FC0000F800FC0000F800FC0000F800FC0000F800FC0000F800FC0000F8
+007E0000F8007E0000F8007E0000F8003F0001F8001F0001F8001F8003F8000FC007F800
+03E00EF80001F03CF800007FF0F800001FC0F800000000F800000000F800000000F80000
+0000F800000000F800000000F800000000F800000000F800000000F800000001FC000000
+1FFFC000001FFFC0222B7E9D25>113 D<0781F0FF87FCFF9E7E0F987E07B87E07B07E07
+F03C07E00007E00007E00007C00007C00007C00007C00007C00007C00007C00007C00007
+C00007C00007C00007C00007C00007C00007C00007C00007C0000FE000FFFF00FFFF0017
+1E7E9D1B>I<01FE1807FFB81E01F83C00F8780078F00038F00038F00018F00018F80018
+FC0018FF00007FF0003FFF001FFFC00FFFF001FFF8001FFC0001FCC0007EC0003EC0003E
+E0001EE0001EF0001EF0001EF8003CF8003CFC0078FF01F0E3FFC0C0FF0017207E9E1C>
+I<00600000600000600000600000E00000E00000E00001E00003E00003E00007E0001FE0
+00FFFFF0FFFFF003E00003E00003E00003E00003E00003E00003E00003E00003E00003E0
+0003E00003E00003E00003E00003E00003E01803E01803E01803E01803E01803E01803E0
+1803E03801F03001F07000F860003FE0000F80152A7FA81B>I<07C000F800FFC01FF800
+FFC01FF8000FC001F80007C000F80007C000F80007C000F80007C000F80007C000F80007
+C000F80007C000F80007C000F80007C000F80007C000F80007C000F80007C000F80007C0
+00F80007C000F80007C000F80007C000F80007C000F80007C000F80007C001F80007C001
+F80007C001F80007C003F80003E007F80003E00EFC0001F81CFFC0007FF8FFC0001FE0F8
+00221F7E9D27>I<FFFC01FFC0FFFC01FFC00FE0007E0007E0007C0007E000380003E000
+300003E000700001F000600001F000600000F800C00000F800C00000F800C000007C0180
+00007C018000003E030000003E030000003F070000001F060000001F060000000F8C0000
+000F8C0000000FDC00000007D800000007D800000003F000000003F000000003F0000000
+01E000000001E000000000C00000221E7F9C25>I<FFFC01FFC0FFFC01FFC00FE0007E00
+07E0007C0007E000380003E000300003F000700001F000600001F000600000F800C00000
+F800C00000FC01C000007C018000007E038000003E030000003E030000001F060000001F
+060000001F8E0000000F8C0000000F8C00000007D800000007D800000003F000000003F0
+00000003F000000001E000000001E000000000C000000000C00000000180000000018000
+00000380000000030000007803000000FC06000000FC06000000FC0C000000FC1C000000
+783800000070700000003FE00000000F80000000222B7F9C25>121
D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fi ecrm0600 6 4
-/Fi 4 53 df<00E00001E00007E000FFE000F9E00001E00001E00001E00001E00001E000
+%DVIPSBitmapFont: Fh ecrm0600 6 3
+/Fh 3 52 df<00E00001E00007E000FFE000F9E00001E00001E00001E00001E00001E000
01E00001E00001E00001E00001E00001E00001E00001E00001E00001E00001E00001E000
01E00001E00001E00001E00001E00001E00001E00001E00003F000FFFFC0FFFFC012217A
A01E>49 D<01FC0007FF801C0FC03003E06001F06000F8F800F8FC00FCFC00FCFC007C78
@@ -1298,13 +1222,10 @@
1E>I<00FF0003FFC00F03E01C00F01C00F83E00FC3E007C3E007C1E00FC0C00FC0000F8
0000F80001F00003E0000FC001FF0001FF000003E00000F000007800007C00003E00003F
30003F78003FFC003FFC003FFC003EF8007E60007C3800F81E03F00FFFC001FF0018227D
-A01E>I<0000E00001E00001E00003E00007E00007E0000DE0001DE00039E00031E00061
-E000E1E000C1E00181E00381E00701E00601E00C01E01C01E01801E03001E07001E0E001
-E0FFFFFFFFFFFF0001E00001E00001E00001E00001E00001E00003F0003FFF003FFF1822
-7DA11E>I E
+A01E>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fj ectt0900 9 32
-/Fj 32 122 df<0001C0000003E0000003E0000003E0000003E0000003E0000003E00000
+%DVIPSBitmapFont: Fi ectt0900 9 32
+/Fi 32 122 df<0001C0000003E0000003E0000003E0000003E0000003E0000003E00000
03E0000003E0000003E0000003E0000003E0000003E0000003E0003FFFFFFCFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFF0003E0000003E0000003E0000003E0000003E0000003E00000
03E0000003E0000003E0000003E0000003E0000003E0000003E0000003E0000001C00020
@@ -1467,8 +1388,8 @@
07C000003E0FC000007F0F8000007F1F8000007E7F0000007FFE0000003FFC0000003FF8
0000001FF000000007C000000022317E9F27>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fk ecss1200 12 41
-/Fk 41 122 df<FFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFF80FFFFFF
+%DVIPSBitmapFont: Fj ecss1200 12 41
+/Fj 41 122 df<FFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFF80FFFFFF
FFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFF80
FFFFFFFFFFFFFFFFFFFFFFFF806106809D62>22 D<00007F003FC00001FFC03FC00003FF
C03FC0000FFFC03FC0000FFFC03FC0001FFFC03FC0003FC1C03FC0003F80403FC0007F00
@@ -1858,8 +1779,8 @@
400FE00000781FC000007FFFC000007FFF8000007FFF0000007FFE0000007FFC0000000F
F000000028407EAB2D>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fl ecrm0700 7 4
-/Fl 4 53 df<00380000780001F8001FF800FEF800E0F80000F80000F80000F80000F800
+%DVIPSBitmapFont: Fk ecrm0700 7 3
+/Fk 3 52 df<00380000780001F8001FF800FEF800E0F80000F80000F80000F80000F800
00F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F800
00F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F800
00F80001FC00FFFFF8FFFFF815267BA521>49 D<00FF000003FFE0000E03F0001800F800
@@ -1871,15 +1792,10 @@
003F003C003F0000003E0000007E0000007C000000F8000001F0000007E00001FF800001
FF00000001E0000000F00000007C0000003E0000003F0000001F0000001F8000001F8038
001F807C001F80FE001F80FE001F80FE001F00FC003F0078003E0070007C003800F8001F
-01F00007FFC00000FF000019277DA521>I<0000380000003800000078000000F8000001
-F8000001F8000003F8000007F8000006F800000CF800001CF8000018F8000030F8000070
-F8000060F80000C0F80001C0F8000180F8000300F8000700F8000E00F8000C00F8001C00
-F8003800F8003000F8006000F800E000F800FFFFFFE0FFFFFFE00000F8000000F8000000
-F8000000F8000000F8000000F8000000F8000001FC00003FFFE0003FFFE01B277EA621>
-I E
+01F00007FFC00000FF000019277DA521>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fm ectt1000 10 68
-/Fm 68 123 df<0000380000FC0001FC0003FC0007F8000FF0001FC0003F80007F0000FE
+%DVIPSBitmapFont: Fl ectt1000 10 68
+/Fl 68 123 df<0000380000FC0001FC0003FC0007F8000FF0001FC0003F80007F0000FE
0001FC0003F80003F00007F00007E0000FE0000FC0001F80001F80003F80003F00003F00
007F00007E00007E00007E0000FE0000FC0000FC0000FC0000FC0000FC0000FC0000FC00
00FC0000FC0000FC0000FC0000FC0000FE00007E00007E00007E00007F00003F00003F00
@@ -2334,8 +2250,8 @@
FFFFFFF0FFFFFFFFF0FFFFFFFFF0FFFFFFFFF07FFFFFFFE024247DA32C>I
E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fn ecbx1000 10 29
-/Fn 29 122 df<FFFFFFFFFFFFFFFFFFFFFFFCFFFFFFFFFFFFFFFFFFFFFFFCFFFFFFFFFF
+%DVIPSBitmapFont: Fm ecbx1000 10 29
+/Fm 29 122 df<FFFFFFFFFFFFFFFFFFFFFFFCFFFFFFFFFFFFFFFFFFFFFFFCFFFFFFFFFF
FFFFFFFFFFFFFC5E0380975F>22 D<00001E000000003E00000000FE00000007FE000000
7FFE0000FFFFFE0000FFFFFE0000FFFFFE0000FF8FFE0000000FFE0000000FFE0000000F
FE0000000FFE0000000FFE0000000FFE0000000FFE0000000FFE0000000FFE0000000FFE
@@ -2560,8 +2476,8 @@
0000FFC1F0000000FFC3E00000007F87C00000007D1F800000003FFF000000001FFC0000
000007F0000000002D357EA432>I E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fo ecrm0900 9 30
-/Fo 30 122 df<0000C00001C0000380000F00000E00001C00003C0000780000F00000F0
+%DVIPSBitmapFont: Fn ecrm0900 9 30
+/Fn 30 122 df<0000C00001C0000380000F00000E00001C00003C0000780000F00000F0
0001E00003C00003C00007C0000780000F80000F00001F00001F00001E00003E00003E00
003E00003C00007C00007C00007C00007C00007C0000F80000F80000F80000F80000F800
00F80000F80000F80000F80000F80000F80000F80000F80000F80000F80000F800007C00
@@ -2748,8 +2664,8 @@
FC06000000FC0E000000701C00000078380000001FF00000000FC000000025307F9F29>
121 D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fp ecbx0900 9 7
-/Fp 7 117 df<0000001F800000000000001F800000000000003FC00000000000003FC0
+%DVIPSBitmapFont: Fo ecbx0900 9 7
+/Fo 7 117 df<0000001F800000000000001F800000000000003FC00000000000003FC0
0000000000007FE00000000000007FE00000000000007FE0000000000000FFF000000000
0000FFF0000000000001FFF8000000000001FFF8000000000001FFF8000000000003FFFC
000000000003FFFC000000000007FFFE000000000007CFFE000000000007CFFE00000000
@@ -2795,8 +2711,8 @@
07FE078003FE078001FF0F0000FFFE00003FFC00000FF0001A2F7EAE22>I
E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fq ecss0900 9 28
-/Fq 28 122 df<FEFEFEFEFEFEFE0707798615>46 D<00000070000000F8000000F80000
+%DVIPSBitmapFont: Fp ecss0900 9 28
+/Fp 28 122 df<FEFEFEFEFEFEFE0707798615>46 D<00000070000000F8000000F80000
01F8000001F0000001F0000003F0000003E0000003E0000007E0000007C0000007C00000
0FC000000F8000000F8000001F8000001F0000001F0000003F0000003E0000003E000000
7E0000007C0000007C000000FC000000F8000000F8000001F8000001F0000001F0000003
@@ -2949,8 +2865,8 @@
203E0000387C00003FFC00003FF800003FF800003FF000000FC0000020317FA023>121
D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fr ecrm1000 10 83
-/Fr 83 184 df<01800060038000E0070001C00E0003801C0007001800060038000E0030
+%DVIPSBitmapFont: Fq ecrm1000 10 83
+/Fq 83 184 df<01800060038000E0070001C00E0003801C0007001800060038000E0030
000C0070001C006000180060001800E0003800C0003000C0003000C0003000C0003000CE
003380FF803FE0FFC03FF0FFC03FF0FFC03FF07FC01FF07FC01FF03F800FE00E0003801C
1981B91C>16 D<1C0007007F001FC0FF803FE0FF803FE0FFC03FF0FFC03FF0FFC03FF07F
@@ -3605,8 +3521,8 @@
F8003FE00000F80077F80000FC00E7FF80003F03C7FF80001FFF87FF800003FC07E00029
387EB62E>183 D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fs ecss1440 14.4 32
-/Fs 32 247 df<FFFFFFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFFFFFF
+%DVIPSBitmapFont: Fr ecss1440 14.4 32
+/Fr 32 247 df<FFFFFFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFFFFFF
80FFFFFFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFFFFFF80FFFFFFFFFF
FFFFFFFFFFFFFFFFFF80FFFFFFFFFFFFFFFFFFFFFFFFFFFF80710680A272>22
D<000006000000000E000000003E000000007E00000001FE00000007FE0000003FFE0000
@@ -3986,8 +3902,8 @@
00000FFFFFF0000003FFFFC0000000FFFF000000001FF80000304C7CCA39>246
D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Ft ecsi1200 12 8
-/Ft 8 116 df<3FC07F807F807F807F807F80FF00FF000A0877871B>46
+%DVIPSBitmapFont: Fs ecsi1200 12 8
+/Fs 8 116 df<3FC07F807F807F807F807F80FF00FF000A0877871B>46
D<0000007F8000000003FFF00000000FFFFC0000003FFFFE0000007FFFFF000000FFFFFF
800003FF81FF800007FC007FC00007F8003FC0000FE0001FE0001FC0000FE0003F80000F
E0003F80000FE0007F000007F0007E000007F000FE000007F000FC000007F001FC000007
@@ -4055,8 +3971,8 @@
7FE01FF800FFFFFFF000FFFFFFE0007FFFFFC0001FFFFF800007FFFE0000007FE0000025
2F7CAD25>115 D E
%EndDVIPSBitmapFont
-%DVIPSBitmapFont: Fu ecss2488 24.88 15
-/Fu 15 122 df[<FFE00000000000000000FFE00000000000000000FFE0000000000000
+%DVIPSBitmapFont: Ft ecss2488 24.88 15
+/Ft 15 122 df[<FFE00000000000000000FFE00000000000000000FFE0000000000000
0000FFE00000000000000000FFE00000000000000000FFE00000000000000000FFE00000
000000000000FFE00000000000000000FFE00000000000000000FFE00000000000000000
FFE00000000000000000FFE00000000000000000FFE00000000000000000FFE000000000
@@ -4566,27 +4482,27 @@
end
%%EndSetup
%%Page: 1 1
-TeXDict begin 1 0 bop 0 83 3901 9 v 1890 451 a Fu(Python)64
-b(Op)5 b(enSSL)64 b(Manual)3443 619 y Ft(Release)33 b(0.7)3189
-974 y Fs(Ma)m(rtin)k(Sj\366gren)3231 1328 y Fr(Septem)n(b)r(er)28
-b(1,)f(2008)3301 1475 y Fq(ma)n(rtin@strakt.com)1781
-1697 y Fp(Abstract)208 1841 y Fo(This)32 b(mo)r(dule)f(is)h(a)g(rather)
+TeXDict begin 1 0 bop 0 83 3901 9 v 1890 451 a Ft(Python)64
+b(Op)5 b(enSSL)64 b(Manual)3443 619 y Fs(Release)33 b(0.7)3189
+974 y Fr(Ma)m(rtin)k(Sj\366gren)3190 1328 y Fq(Septem)n(b)r(er)27
+b(21,)g(2008)3301 1475 y Fp(ma)n(rtin@strakt.com)1781
+1697 y Fo(Abstract)208 1841 y Fn(This)32 b(mo)r(dule)f(is)h(a)g(rather)
g(thin)f(wrapp)r(er)h(around)g(\(a)g(subset)f(of)6 b(\))32
b(the)g(Op)r(enSSL)e(library)-6 b(.)52 b(With)32 b(thin)f(wrapp)r(er)
208 1932 y(I)d(mean)h(that)f(a)i(lot)f(of)h(the)f(ob)t(ject)h(metho)r
(ds)e(do)h(nothing)g(more)g(than)g(calling)h(a)g(corresp)r(onding)g
(function)f(in)g(the)208 2024 y(Op)r(enSSL)24 b(library)-6
-b(.)0 2298 y Fs(Contents)0 2481 y Fn(1)77 b(In)m(tro)s(duction)3201
+b(.)0 2298 y Fr(Contents)0 2481 y Fm(1)77 b(In)m(tro)s(duction)3201
b(2)0 2663 y(2)77 b(Building)30 b(and)i(Installing)2765
-b(2)125 2763 y Fr(2.1)83 b(Building)28 b(the)g(Mo)r(dule)g(on)f(a)g
+b(2)125 2763 y Fq(2.1)83 b(Building)28 b(the)g(Mo)r(dule)g(on)f(a)g
(Unix)h(System)87 b(.)41 b(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f
(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)
134 b(2)125 2863 y(2.2)83 b(Building)28 b(the)g(Mo)r(dule)g(on)f(a)g
(Windo)n(ws)g(System)59 b(.)41 b(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)
h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)134
-b(3)0 3045 y Fn(3)77 b Fm(OpenSSL)28 b Fn(\026)33 b(Python)f(in)m
-(terface)h(to)e(Op)s(enSSL)2030 b(3)125 3145 y Fr(3.1)83
-b Fm(crypto)26 b Fr(\026)h(Generic)g(cryptographic)f(mo)r(dule)79
+b(3)0 3045 y Fm(3)77 b Fl(OpenSSL)28 b Fm(\026)33 b(Python)f(in)m
+(terface)h(to)e(Op)s(enSSL)2030 b(3)125 3145 y Fq(3.1)83
+b Fl(crypto)26 b Fq(\026)h(Generic)g(cryptographic)f(mo)r(dule)79
b(.)42 b(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)
h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)134 b(3)315
3244 y(X509)27 b(ob)5 b(jects)73 b(.)42 b(.)f(.)h(.)f(.)h(.)g(.)f(.)h
@@ -4619,11 +4535,11 @@
b(8)315 4041 y(Netscap)r(eSPKI)28 b(ob)5 b(jects)58 b(.)42
b(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f
(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)
-f(.)h(.)f(.)h(.)134 b(8)125 4141 y(3.2)83 b Fm(rand)26
-b Fr(\026)i(An)g(in)n(terface)f(to)g(the)h(Op)r(enSSL)g(pseudo)f
+f(.)h(.)f(.)h(.)134 b(8)125 4141 y(3.2)83 b Fl(rand)26
+b Fq(\026)i(An)g(in)n(terface)f(to)g(the)h(Op)r(enSSL)g(pseudo)f
(random)g(n)n(um)n(b)r(er)g(generator)50 b(.)41 b(.)h(.)f(.)h(.)g(.)f
-(.)h(.)f(.)h(.)f(.)h(.)134 b(8)125 4241 y(3.3)83 b Fm(SSL)27
-b Fr(\026)g(An)i(in)n(terface)d(to)i(the)g(SSL-sp)r(eci\034c)f(parts)g
+(.)h(.)f(.)h(.)f(.)h(.)134 b(8)125 4241 y(3.3)83 b Fl(SSL)27
+b Fq(\026)g(An)i(in)n(terface)d(to)i(the)g(SSL-sp)r(eci\034c)f(parts)g
(of)h(Op)r(enSSL)64 b(.)42 b(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)
h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)134 b(9)315 4340 y(Con)n(text)28
b(ob)5 b(jects)98 b(.)42 b(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h
@@ -4632,8 +4548,8 @@
b(10)315 4440 y(Connection)27 b(ob)5 b(jects)108 b(.)42
b(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)g
(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)
-h(.)f(.)h(.)f(.)h(.)93 b(12)0 4623 y Fn(4)77 b(In)m(ternals)3310
-b(14)125 4722 y Fr(4.1)83 b(Exceptions)i(.)41 b(.)h(.)f(.)h(.)f(.)h(.)g
+h(.)f(.)h(.)f(.)h(.)93 b(12)0 4623 y Fm(4)77 b(In)m(ternals)3310
+b(14)125 4722 y Fq(4.1)83 b(Exceptions)i(.)41 b(.)h(.)f(.)h(.)f(.)h(.)g
(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)
h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f
(.)h(.)f(.)h(.)93 b(14)125 4822 y(4.2)83 b(Callbac)n(ks)68
@@ -4645,8 +4561,8 @@
(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)f(.)h(.)f(.)h(.)f(.)h(.)g(.)f(.)h(.)
f(.)h(.)f(.)h(.)93 b(15)p 0 5068 V eop end
%%Page: 2 2
-TeXDict begin 2 1 bop 0 85 a Fs(1)114 b(Intro)s(duction)0
-314 y Fr(The)41 b(reason)e(p)n(yOp)r(enSSL)i(w)n(as)e(created)h(is)h
+TeXDict begin 2 1 bop 0 85 a Fr(1)114 b(Intro)s(duction)0
+314 y Fq(The)41 b(reason)e(p)n(yOp)r(enSSL)i(w)n(as)e(created)h(is)h
(that)g(the)g(SSL)g(supp)r(ort)g(in)g(the)g(so)r(c)n(k)n(et)f(mo)r
(dule)h(in)g(Python)g(2.1)f(\(the)0 414 y(con)n(temp)r(orary)d(v)n
(ersion)g(of)h(Python)h(when)g(the)g(p)n(yOp)r(enSSL)g(pro)5
@@ -4656,7 +4572,7 @@
(w)n(a)n(ys.)71 b(Unfortunately)-7 b(,)0 613 y(Python's)31
b(standard)f(library)g(SSL)h(supp)r(ort)g(has)g(remained)f(w)n(eak,)h
(although)g(other)f(pac)n(k)-5 b(ages)29 b(\(suc)n(h)i(as)g(M2Crypto)
-3832 583 y Fl(1)3868 613 y Fr(\))0 713 y(ha)n(v)n(e)26
+3832 583 y Fk(1)3868 613 y Fq(\))0 713 y(ha)n(v)n(e)26
b(made)i(great)e(adv)-5 b(ances)27 b(and)g(no)n(w)g(equal)g(or)g
(exceed)g(p)n(yOp)r(enSSL's)g(functionalit)n(y)-7 b(.)0
860 y(The)22 b(reason)f(p)n(yOp)r(enSSL)h(con)n(tin)n(ues)g(to)g(b)r(e)
@@ -4665,446 +4581,446 @@
g(amoun)n(t)h(of)g(soft)n(w)n(are)f(whic)n(h)h(dep)r(ends)g(on)g(it.)37
b(It)27 b(is)f(a)g(great)f(b)r(ene\034t)i(to)f(man)n(y)f(p)r(eople)i
(for)e(p)n(yOp)r(enSSL)0 1059 y(to)i(con)n(tin)n(ue)g(to)h(exist)f(and)
-h(adv)-5 b(ance.)0 1381 y Fs(2)114 b(Building)38 b(and)f(Installing)0
-1610 y Fr(These)27 b(instructions)g(can)g(also)g(b)r(e)h(found)g(in)g
-(the)g(\034le)f Fm(INSTALL)p Fr(.)0 1757 y(I)j(ha)n(v)n(e)f(tested)h
+h(adv)-5 b(ance.)0 1381 y Fr(2)114 b(Building)38 b(and)f(Installing)0
+1610 y Fq(These)27 b(instructions)g(can)g(also)g(b)r(e)h(found)g(in)g
+(the)g(\034le)f Fl(INSTALL)p Fq(.)0 1757 y(I)j(ha)n(v)n(e)f(tested)h
(this)h(on)f(Debian)g(Lin)n(ux)g(systems)f(\(w)n(o)r(o)r(dy)h(and)g
(sid\),)h(Solaris)e(2.6)g(and)h(2.7.)43 b(Others)30 b(ha)n(v)n(e)f
(successfully)0 1856 y(compiled)e(it)h(on)g(Windo)n(ws)f(and)g(NT.)0
-2136 y Fk(2.1)97 b(Building)32 b(the)h(Mo)s(dule)f(on)g(a)h(Unix)f
-(System)0 2336 y Fr(p)n(yOp)r(enSSL)27 b(uses)h(distutils,)g(so)f
+2136 y Fj(2.1)97 b(Building)32 b(the)h(Mo)s(dule)f(on)g(a)h(Unix)f
+(System)0 2336 y Fq(p)n(yOp)r(enSSL)27 b(uses)h(distutils,)g(so)f
(there)g(really)f(shouldn't)i(b)r(e)g(an)n(y)f(problems.)36
-b(T)-7 b(o)27 b(build)h(the)g(library:)236 2575 y Fj(python)41
-b(setup.py)g(build)0 2862 y Fr(If)30 b(y)n(our)f(Op)r(enSSL)h(header)f
-(\034les)h(aren't)f(in)h Fm(/usr/include)p Fr(,)c(y)n(ou)j(ma)n(y)g
-(need)h(to)g(supply)g(the)g Fm(-I)f Fr(\035ag)h(to)f(let)i(the)f(setup)
+b(T)-7 b(o)27 b(build)h(the)g(library:)236 2575 y Fi(python)41
+b(setup.py)g(build)0 2862 y Fq(If)30 b(y)n(our)f(Op)r(enSSL)h(header)f
+(\034les)h(aren't)f(in)h Fl(/usr/include)p Fq(,)c(y)n(ou)j(ma)n(y)g
+(need)h(to)g(supply)g(the)g Fl(-I)f Fq(\035ag)h(to)f(let)i(the)f(setup)
0 2962 y(script)25 b(kno)n(w)g(where)f(to)i(lo)r(ok.)35
b(The)25 b(same)g(go)r(es)g(for)f(the)i(libraries)e(of)h(course,)g(use)
-g(the)h Fm(-L)f Fr(\035ag.)35 b(Note)25 b(that)h Fm(build)d
-Fr(w)n(on't)0 3061 y(accept)k(these)h(\035ags,)e(so)h(y)n(ou)g(ha)n(v)n
-(e)f(to)i(run)f(\034rst)h Fm(build_ext)23 b Fr(and)28
-b(then)g Fm(build)p Fr(!)35 b(Example:)236 3300 y Fj(python)41
+g(the)h Fl(-L)f Fq(\035ag.)35 b(Note)25 b(that)h Fl(build)d
+Fq(w)n(on't)0 3061 y(accept)k(these)h(\035ags,)e(so)h(y)n(ou)g(ha)n(v)n
+(e)f(to)i(run)f(\034rst)h Fl(build_ext)23 b Fq(and)28
+b(then)g Fl(build)p Fq(!)35 b(Example:)236 3300 y Fi(python)41
b(setup.py)g(build_ext)g(-I/usr/local/ssl/include)j
(-L/usr/local/ssl/lib)236 3391 y(python)d(setup.py)g(build)0
-3678 y Fr(No)n(w)27 b(y)n(ou)f(should)h(ha)n(v)n(e)f(a)h(directory)f
-(called)h Fm(OpenSSL)d Fr(that)k(con)n(tains)e(e.g.)36
-b Fm(SSL.so)25 b Fr(and)i Fm(__init__.py)c Fr(somewhere)j(in)0
+3678 y Fq(No)n(w)27 b(y)n(ou)f(should)h(ha)n(v)n(e)f(a)h(directory)f
+(called)h Fl(OpenSSL)d Fq(that)k(con)n(tains)e(e.g.)36
+b Fl(SSL.so)25 b Fq(and)i Fl(__init__.py)c Fq(somewhere)j(in)0
3778 y(the)i(build)g(dicrectory)-7 b(,)26 b(so)h(just:)236
-4016 y Fj(python)41 b(setup.py)g(install)0 4303 y Fr(If)32
+4016 y Fi(python)41 b(setup.py)g(install)0 4303 y Fq(If)32
b(y)n(ou,)f(for)g(some)f(arcane)g(reason,)g(don't)i(w)n(an)n(t)e(the)i
-(mo)r(dule)f(to)g(app)r(ear)f(in)i(the)f Fm(site-packages)26
-b Fr(directory)-7 b(,)31 b(use)g(the)0 4402 y Fm(--prefix)24
-b Fr(option.)0 4549 y(Y)-7 b(ou)28 b(can,)f(of)g(course,)g(do)236
-4787 y Fj(python)41 b(setup.py)g(--help)0 5075 y Fr(to)27
+(mo)r(dule)f(to)g(app)r(ear)f(in)i(the)f Fl(site-packages)26
+b Fq(directory)-7 b(,)31 b(use)g(the)0 4402 y Fl(--prefix)24
+b Fq(option.)0 4549 y(Y)-7 b(ou)28 b(can,)f(of)g(course,)g(do)236
+4787 y Fi(python)41 b(setup.py)g(--help)0 5075 y Fq(to)27
b(\034nd)h(out)g(more)f(ab)r(out)g(ho)n(w)g(to)h(use)f(the)h(script.)p
-0 5144 1560 4 v 92 5198 a Fi(1)127 5221 y Fh(See)c Fq(http://chandlerp)
+0 5144 1560 4 v 92 5198 a Fh(1)127 5221 y Fg(See)c Fp(http://chandlerp)
n(roject.o)n(rg/Projects/MeT)-6 b(o)r(oCrypto)p 0 5549
-3901 4 v 0 5649 a Fg(2)2928 b(2)83 b(Building)27 b(and)g(Installing)p
+3901 4 v 0 5649 a Ff(2)2928 b(2)83 b(Building)27 b(and)g(Installing)p
eop end
%%Page: 3 3
-TeXDict begin 3 2 bop 0 83 a Fk(2.2)97 b(Building)32
+TeXDict begin 3 2 bop 0 83 a Fj(2.2)97 b(Building)32
b(the)h(Mo)s(dule)f(on)g(a)h(Windo)m(ws)f(System)0 283
-y Fr(Big)26 b(thanks)g(to)h(Itamar)e(Sh)n(tull-T)-7 b(rauring)25
+y Fq(Big)26 b(thanks)g(to)h(Itamar)e(Sh)n(tull-T)-7 b(rauring)25
b(and)i(Oleg)e(Orlo)n(v)g(for)h(their)g(help)h(with)g(Windo)n(ws)f
(build)h(instructions.)36 b(Same)0 383 y(as)27 b(for)g(Unix)h(systems,)
-f(w)n(e)g(ha)n(v)n(e)f(to)i(separate)e(the)i Fm(build_ext)c
-Fr(and)j(the)h Fm(build)p Fr(.)0 530 y(Building)f(the)h(library:)236
-768 y Fj(setup.py)41 b(build_ext)g(-I)f(...\\openssl\\inc32)j(-L)d
+f(w)n(e)g(ha)n(v)n(e)f(to)i(separate)e(the)i Fl(build_ext)c
+Fq(and)j(the)h Fl(build)p Fq(.)0 530 y(Building)f(the)h(library:)236
+768 y Fi(setup.py)41 b(build_ext)g(-I)f(...\\openssl\\inc32)j(-L)d
(...\\openssl\\out32dll)236 860 y(setup.py)h(build)0
-1147 y Fr(Where)27 b Fm(...\\openssl)c Fr(is)28 b(of)f(course)g(the)h
+1147 y Fq(Where)27 b Fl(...\\openssl)c Fq(is)28 b(of)f(course)g(the)h
(lo)r(cation)e(of)i(y)n(our)e(Op)r(enSSL)i(installation.)0
1294 y(Installation)f(is)g(the)h(same)f(as)g(for)g(Unix)h(systems:)236
-1532 y Fj(setup.py)41 b(install)0 1819 y Fr(And)28 b(similarily)-7
-b(,)27 b(y)n(ou)g(can)g(do)236 2057 y Fj(setup.py)41
-b(--help)0 2344 y Fr(to)27 b(get)h(more)f(information.)0
-2666 y Fs(3)114 b Ff(OpenSSL)36 b Fs(\026)h(Python)h(interface)f(to)h
-(Op)s(enSSL)0 2895 y Fr(This)25 b(pac)n(k)-5 b(age)24
+1532 y Fi(setup.py)41 b(install)0 1819 y Fq(And)28 b(similarily)-7
+b(,)27 b(y)n(ou)g(can)g(do)236 2057 y Fi(setup.py)41
+b(--help)0 2344 y Fq(to)27 b(get)h(more)f(information.)0
+2666 y Fr(3)114 b Fe(OpenSSL)36 b Fr(\026)h(Python)h(interface)f(to)h
+(Op)s(enSSL)0 2895 y Fq(This)25 b(pac)n(k)-5 b(age)24
b(pro)n(vides)g(a)h(high-lev)n(el)g(in)n(terface)f(to)i(the)g
(functions)f(in)h(the)g(Op)r(enSSL)f(library)-7 b(.)35
b(The)26 b(follo)n(wing)e(mo)r(dules)0 2995 y(are)j(de\034ned:)0
-3142 y Fm(crypto)208 3241 y Fr(Generic)g(cryptographic)e(mo)r(dule.)37
+3142 y Fl(crypto)208 3241 y Fq(Generic)g(cryptographic)e(mo)r(dule.)37
b(Note)28 b(that)g(if)g(an)n(ything)f(is)g(incomplete,)h(this)g(mo)r
-(dule)f(is!)0 3388 y Fm(rand)208 3488 y Fr(An)h(in)n(terface)e(to)i
+(dule)f(is!)0 3388 y Fl(rand)208 3488 y Fq(An)h(in)n(terface)e(to)i
(the)g(Op)r(enSSL)g(pseudo)f(random)f(n)n(um)n(b)r(er)i(generator.)0
-3635 y Fm(SSL)208 3734 y Fr(An)g(in)n(terface)e(to)i(the)g(SSL-sp)r
-(eci\034c)f(parts)g(of)h(Op)r(enSSL.)0 4014 y Fk(3.1)97
-b Fe(crypto)34 b Fk(\026)e(Generic)i(cryptographic)e(mo)s(dule)0
-4214 y Fm(X509Type)208 4314 y Fr(A)27 b(Python)h(t)n(yp)r(e)g(ob)5
+3635 y Fl(SSL)208 3734 y Fq(An)g(in)n(terface)e(to)i(the)g(SSL-sp)r
+(eci\034c)f(parts)g(of)h(Op)r(enSSL.)0 4014 y Fj(3.1)97
+b Fd(crypto)34 b Fj(\026)e(Generic)i(cryptographic)e(mo)s(dule)0
+4214 y Fl(X509Type)208 4314 y Fq(A)27 b(Python)h(t)n(yp)r(e)g(ob)5
b(ject)28 b(represen)n(ting)d(the)j(X509)f(ob)5 b(ject)27
-b(t)n(yp)r(e.)0 4461 y Fm(X509\(\))208 4561 y Fr(F)-7
+b(t)n(yp)r(e.)0 4461 y Fl(X509\(\))208 4561 y Fq(F)-7
b(actory)26 b(function)i(that)g(creates)e(an)i(X509)e(ob)5
-b(ject.)0 4707 y Fm(X509NameType)208 4807 y Fr(A)27 b(Python)h(t)n(yp)r
+b(ject.)0 4707 y Fl(X509NameType)208 4807 y Fq(A)27 b(Python)h(t)n(yp)r
(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j(X509Name)f(ob)5
-b(ject)27 b(t)n(yp)r(e.)0 4954 y Fm(X509Name\()p Fd(x509name)6
-b Fm(\))208 5054 y Fr(F)-7 b(actory)26 b(function)i(that)g(creates)e(a)
-h(cop)n(y)g(of)34 b Fd(x509name)6 b Fr(.)0 5200 y Fm(X509ReqType)208
-5300 y Fr(A)27 b(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28
+b(ject)27 b(t)n(yp)r(e.)0 4954 y Fl(X509Name\()p Fc(x509name)6
+b Fl(\))208 5054 y Fq(F)-7 b(actory)26 b(function)i(that)g(creates)e(a)
+h(cop)n(y)g(of)34 b Fc(x509name)6 b Fq(.)0 5200 y Fl(X509ReqType)208
+5300 y Fq(A)27 b(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28
b(represen)n(ting)d(the)j(X509Req)f(ob)5 b(ject)27 b(t)n(yp)r(e.)p
-0 5549 3901 4 v 0 5649 a Fg(2.2)82 b(Building)27 b(the)g(Mo)r(dule)g
+0 5549 3901 4 v 0 5649 a Ff(2.2)82 b(Building)27 b(the)g(Mo)r(dule)g
(on)g(a)g(Windo)n(ws)g(System)2164 b(3)p eop end
%%Page: 4 4
-TeXDict begin 4 3 bop 0 83 a Fm(X509Req\(\))208 183 y
-Fr(F)-7 b(actory)26 b(function)i(that)g(creates)e(an)i(X509Req)e(ob)5
-b(ject.)0 330 y Fm(X509StoreType)208 429 y Fr(A)27 b(Python)h(t)n(yp)r
+TeXDict begin 4 3 bop 0 83 a Fl(X509Req\(\))208 183 y
+Fq(F)-7 b(actory)26 b(function)i(that)g(creates)e(an)i(X509Req)e(ob)5
+b(ject.)0 330 y Fl(X509StoreType)208 429 y Fq(A)27 b(Python)h(t)n(yp)r
(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j(X509Store)e(ob)5
-b(ject)27 b(t)n(yp)r(e.)0 576 y Fm(PKeyType)208 676 y
-Fr(A)g(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j
-(PKey)g(ob)5 b(ject)27 b(t)n(yp)r(e.)0 823 y Fm(PKey\(\))208
-922 y Fr(F)-7 b(actory)26 b(function)i(that)g(creates)e(a)h(PKey)h(ob)5
-b(ject.)0 1069 y Fm(PKCS7Type)208 1169 y Fr(A)27 b(Python)h(t)n(yp)r(e)
+b(ject)27 b(t)n(yp)r(e.)0 576 y Fl(PKeyType)208 676 y
+Fq(A)g(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j
+(PKey)g(ob)5 b(ject)27 b(t)n(yp)r(e.)0 823 y Fl(PKey\(\))208
+922 y Fq(F)-7 b(actory)26 b(function)i(that)g(creates)e(a)h(PKey)h(ob)5
+b(ject.)0 1069 y Fl(PKCS7Type)208 1169 y Fq(A)27 b(Python)h(t)n(yp)r(e)
g(ob)5 b(ject)28 b(represen)n(ting)d(the)j(PK)n(CS7)f(ob)5
-b(ject)28 b(t)n(yp)r(e.)0 1316 y Fm(PKCS12Type)208 1415
-y Fr(A)f(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j
-(PK)n(CS12)f(ob)5 b(ject)27 b(t)n(yp)r(e.)0 1562 y Fm(X509ExtensionTyp)
-o(e)208 1662 y Fr(A)g(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28
+b(ject)28 b(t)n(yp)r(e.)0 1316 y Fl(PKCS12Type)208 1415
+y Fq(A)f(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j
+(PK)n(CS12)f(ob)5 b(ject)27 b(t)n(yp)r(e.)0 1562 y Fl(X509ExtensionTyp)
+o(e)208 1662 y Fq(A)g(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28
b(represen)n(ting)d(the)j(X509Extension)f(ob)5 b(ject)27
-b(t)n(yp)r(e.)0 1808 y Fm(X509Extension\()p Fd(typ)l(ename,)e(critic)l
-(al,)31 b(value)6 b Fm(\))208 1908 y Fr(F)-7 b(actory)26
+b(t)n(yp)r(e.)0 1808 y Fl(X509Extension\()p Fc(typ)l(ename,)e(critic)l
+(al,)31 b(value)6 b Fl(\))208 1908 y Fq(F)-7 b(actory)26
b(function)i(that)g(creates)e(a)h(X509Extension)g(ob)5
-b(ject.)0 2055 y Fm(NetscapeSPKIType)208 2155 y Fr(A)27
+b(ject.)0 2055 y Fl(NetscapeSPKIType)208 2155 y Fq(A)27
b(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d(the)j
(Netscap)r(eSPKI)g(ob)5 b(ject)27 b(t)n(yp)r(e.)0 2316
-y Fm(NetscapeSPKI\()p Fc([)p Fd(enc)11 b Fc(])p Fm(\))208
-2415 y Fr(F)-7 b(actory)29 b(function)i(that)g(creates)e(a)h(Netscap)r
-(eSPKI)g(ob)5 b(ject.)45 b(If)31 b(the)g Fd(enc)k Fr(argumen)n(t)30
+y Fl(NetscapeSPKI\()p Fb([)p Fc(enc)11 b Fb(])p Fl(\))208
+2415 y Fq(F)-7 b(actory)29 b(function)i(that)g(creates)e(a)h(Netscap)r
+(eSPKI)g(ob)5 b(ject.)45 b(If)31 b(the)g Fc(enc)k Fq(argumen)n(t)30
b(is)g(presen)n(t,)h(it)f(should)h(b)r(e)f(a)208 2515
y(base64-enco)r(ded)25 b(string)i(represen)n(ting)f(a)h(Netscap)r
(eSPKI)h(ob)5 b(ject,)27 b(as)g(returned)g(b)n(y)g(the)h
-Fm(b64_encode)c Fr(metho)r(d.)0 2662 y Fm(FILETYPE_PEM)0
-2762 y(FILETYPE_ASN1)208 2861 y Fr(File)j(t)n(yp)r(e)h(constan)n(ts.)0
-3008 y Fm(TYPE_RSA)0 3108 y(TYPE_DSA)208 3207 y Fr(Key)e(t)n(yp)r(e)i
-(constan)n(ts.)0 3354 y Fn(exception)k Fm(Error)208 3454
-y Fr(Generic)27 b(exception)g(used)g(in)h(the)g Fm(crypto)d
-Fr(mo)r(dule.)0 3601 y Fm(dump_certificate)o(\()p Fd(t)o(yp)l(e,)g(c)l
-(ert)8 b Fm(\))208 3700 y Fr(Dump)28 b(the)g(certi\034cate)f
-Fd(c)l(ert)35 b Fr(in)n(to)27 b(a)h(bu\033er)f(string)g(enco)r(ded)h
-(with)g(the)g(t)n(yp)r(e)f Fd(typ)l(e)6 b Fr(.)0 3847
-y Fm(dump_certificate)o(_r)o(equ)o(es)o(t\()o Fd(typ)l(e,)25
-b(r)l(e)l(q)7 b Fm(\))208 3947 y Fr(Dump)28 b(the)g(certi\034cate)f
-(request)g Fd(r)l(e)l(q)35 b Fr(in)n(to)27 b(a)g(bu\033er)h(string)f
-(enco)r(ded)g(with)h(the)g(t)n(yp)r(e)g Fd(typ)l(e)6
-b Fr(.)0 4108 y Fm(dump_privatekey\()o Fd(typ)l(e,)25
-b(pkey)7 b Fc([)p Fd(,)31 b(cipher,)h(p)l(assphr)l(ase)19
-b Fc(])p Fm(\))208 4208 y Fr(Dump)39 b(the)f(priv)-5
-b(ate)38 b(k)n(ey)h Fd(pkey)46 b Fr(in)n(to)38 b(a)g(bu\033er)g(string)
-g(enco)r(ded)g(with)g(the)h(t)n(yp)r(e)f Fd(typ)l(e)6
-b Fr(,)42 b(optionally)37 b(\(if)45 b Fd(typ)l(e)g Fr(is)208
-4307 y Fm(FILETYPE_PEM)p Fr(\))22 b(encrypting)27 b(it)h(using)h
-Fd(cipher)38 b Fr(and)27 b Fd(p)l(assphr)l(ase)6 b Fr(.)208
-4440 y Fd(p)l(assphr)l(ase)35 b Fr(m)n(ust)28 b(b)r(e)g(either)f(a)g
+Fl(b64_encode)c Fq(metho)r(d.)0 2662 y Fl(FILETYPE_PEM)0
+2762 y(FILETYPE_ASN1)208 2861 y Fq(File)j(t)n(yp)r(e)h(constan)n(ts.)0
+3008 y Fl(TYPE_RSA)0 3108 y(TYPE_DSA)208 3207 y Fq(Key)e(t)n(yp)r(e)i
+(constan)n(ts.)0 3354 y Fm(exception)k Fl(Error)208 3454
+y Fq(Generic)27 b(exception)g(used)g(in)h(the)g Fl(crypto)d
+Fq(mo)r(dule.)0 3601 y Fl(dump_certificate)o(\()p Fc(t)o(yp)l(e,)g(c)l
+(ert)8 b Fl(\))208 3700 y Fq(Dump)28 b(the)g(certi\034cate)f
+Fc(c)l(ert)35 b Fq(in)n(to)27 b(a)h(bu\033er)f(string)g(enco)r(ded)h
+(with)g(the)g(t)n(yp)r(e)f Fc(typ)l(e)6 b Fq(.)0 3847
+y Fl(dump_certificate)o(_r)o(equ)o(es)o(t\()o Fc(typ)l(e,)25
+b(r)l(e)l(q)7 b Fl(\))208 3947 y Fq(Dump)28 b(the)g(certi\034cate)f
+(request)g Fc(r)l(e)l(q)35 b Fq(in)n(to)27 b(a)g(bu\033er)h(string)f
+(enco)r(ded)g(with)h(the)g(t)n(yp)r(e)g Fc(typ)l(e)6
+b Fq(.)0 4108 y Fl(dump_privatekey\()o Fc(typ)l(e,)25
+b(pkey)7 b Fb([)p Fc(,)31 b(cipher,)h(p)l(assphr)l(ase)19
+b Fb(])p Fl(\))208 4208 y Fq(Dump)39 b(the)f(priv)-5
+b(ate)38 b(k)n(ey)h Fc(pkey)46 b Fq(in)n(to)38 b(a)g(bu\033er)g(string)
+g(enco)r(ded)g(with)g(the)h(t)n(yp)r(e)f Fc(typ)l(e)6
+b Fq(,)42 b(optionally)37 b(\(if)45 b Fc(typ)l(e)g Fq(is)208
+4307 y Fl(FILETYPE_PEM)p Fq(\))22 b(encrypting)27 b(it)h(using)h
+Fc(cipher)38 b Fq(and)27 b Fc(p)l(assphr)l(ase)6 b Fq(.)208
+4440 y Fc(p)l(assphr)l(ase)35 b Fq(m)n(ust)28 b(b)r(e)g(either)f(a)g
(string)g(or)g(a)g(callbac)n(k)f(for)h(pro)n(viding)f(the)i(pass)f
-(phrase.)0 4587 y Fm(load_certificate)o(\()p Fd(t)o(yp)l(e,)e(bu\033er)
-9 b Fm(\))208 4687 y Fr(Load)26 b(a)h(certi\034cate)g(\(X509\))g(from)h
-(the)f(string)h Fd(bu\033er)37 b Fr(enco)r(ded)27 b(with)h(the)g(t)n
-(yp)r(e)g Fd(typ)l(e)6 b Fr(.)0 4834 y Fm(load_certificate)o(_r)o(equ)o
-(es)o(t\()o Fd(typ)l(e,)25 b(bu\033er)9 b Fm(\))208 4933
-y Fr(Load)26 b(a)h(certi\034cate)g(request)g(\(X509Req\))g(from)g(the)h
-(string)g Fd(bu\033er)37 b Fr(enco)r(ded)27 b(with)h(the)g(t)n(yp)r(e)g
-Fd(typ)l(e)6 b Fr(.)0 5099 y Fm(load_privatekey\()o Fd(typ)l(e,)25
-b(bu\033er)9 b Fc([)p Fd(,)29 b(p)l(assphr)l(ase)20 b
-Fc(])p Fm(\))208 5199 y Fr(Load)43 b(a)h(priv)-5 b(ate)44
-b(k)n(ey)f(\(PKey\))i(from)f(the)h(string)g Fd(bu\033er)53
-b Fr(enco)r(ded)44 b(with)h(the)f(t)n(yp)r(e)h Fd(typ)l(e)51
-b Fr(\(m)n(ust)45 b(b)r(e)f(one)g(of)208 5298 y Fm(FILETYPE_PEM)22
-b Fr(and)28 b Fm(FILETYPE_ASN1)p Fr(\).)p 0 5549 3901
-4 v 0 5649 a Fg(4)2239 b(3)83 b Fm(OpenSSL)24 b Fg(\026)k(Python)f
+(phrase.)0 4587 y Fl(load_certificate)o(\()p Fc(t)o(yp)l(e,)e(bu\033er)
+9 b Fl(\))208 4687 y Fq(Load)26 b(a)h(certi\034cate)g(\(X509\))g(from)h
+(the)f(string)h Fc(bu\033er)37 b Fq(enco)r(ded)27 b(with)h(the)g(t)n
+(yp)r(e)g Fc(typ)l(e)6 b Fq(.)0 4834 y Fl(load_certificate)o(_r)o(equ)o
+(es)o(t\()o Fc(typ)l(e,)25 b(bu\033er)9 b Fl(\))208 4933
+y Fq(Load)26 b(a)h(certi\034cate)g(request)g(\(X509Req\))g(from)g(the)h
+(string)g Fc(bu\033er)37 b Fq(enco)r(ded)27 b(with)h(the)g(t)n(yp)r(e)g
+Fc(typ)l(e)6 b Fq(.)0 5099 y Fl(load_privatekey\()o Fc(typ)l(e,)25
+b(bu\033er)9 b Fb([)p Fc(,)29 b(p)l(assphr)l(ase)20 b
+Fb(])p Fl(\))208 5199 y Fq(Load)43 b(a)h(priv)-5 b(ate)44
+b(k)n(ey)f(\(PKey\))i(from)f(the)h(string)g Fc(bu\033er)53
+b Fq(enco)r(ded)44 b(with)h(the)f(t)n(yp)r(e)h Fc(typ)l(e)51
+b Fq(\(m)n(ust)45 b(b)r(e)f(one)g(of)208 5298 y Fl(FILETYPE_PEM)22
+b Fq(and)28 b Fl(FILETYPE_ASN1)p Fq(\).)p 0 5549 3901
+4 v 0 5649 a Ff(4)2239 b(3)83 b Fl(OpenSSL)24 b Ff(\026)k(Python)f
(interface)h(to)f(Op)r(enSSL)p eop end
%%Page: 5 5
-TeXDict begin 5 4 bop 208 83 a Fd(p)l(assphr)l(ase)35
-b Fr(m)n(ust)28 b(b)r(e)g(either)f(a)g(string)g(or)g(a)g(callbac)n(k)f
-(for)h(pro)n(viding)f(the)i(pass)f(phrase.)0 230 y Fm
-(load_pkcs7_data\()o Fd(typ)l(e,)e(bu\033er)9 b Fm(\))208
-330 y Fr(Load)26 b(pk)n(cs7)h(data)g(from)g(the)h(string)g
-Fd(bu\033er)36 b Fr(enco)r(ded)28 b(with)g(the)g(t)n(yp)r(e)g
-Fd(typ)l(e)6 b Fr(.)0 491 y Fm(load_pkcs12\()p Fd(bu\033er)j
-Fc([)p Fd(,)24 b(p)l(assphr)l(ase)c Fc(])p Fm(\))208
-590 y Fr(Load)30 b(pk)n(cs12)f(data)h(from)h(the)g(string)g
-Fd(bu\033er)9 b Fr(.)47 b(If)31 b(the)h(pk)n(cs12)d(structure)h(is)h
-(encrypted,)g(a)g Fd(p)l(assphr)l(ase)39 b Fr(m)n(ust)31
-b(b)r(e)208 690 y(included.)0 953 y Fg(X509)c(objects)0
-1154 y Fr(X509)f(ob)5 b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n(wing)e
-(metho)r(ds:)0 1300 y Fm(get_issuer\(\))208 1400 y Fr(Return)h(an)h
+TeXDict begin 5 4 bop 208 83 a Fc(p)l(assphr)l(ase)35
+b Fq(m)n(ust)28 b(b)r(e)g(either)f(a)g(string)g(or)g(a)g(callbac)n(k)f
+(for)h(pro)n(viding)f(the)i(pass)f(phrase.)0 230 y Fl
+(load_pkcs7_data\()o Fc(typ)l(e,)e(bu\033er)9 b Fl(\))208
+330 y Fq(Load)26 b(pk)n(cs7)h(data)g(from)g(the)h(string)g
+Fc(bu\033er)36 b Fq(enco)r(ded)28 b(with)g(the)g(t)n(yp)r(e)g
+Fc(typ)l(e)6 b Fq(.)0 491 y Fl(load_pkcs12\()p Fc(bu\033er)j
+Fb([)p Fc(,)24 b(p)l(assphr)l(ase)c Fb(])p Fl(\))208
+590 y Fq(Load)30 b(pk)n(cs12)f(data)h(from)h(the)g(string)g
+Fc(bu\033er)9 b Fq(.)47 b(If)31 b(the)h(pk)n(cs12)d(structure)h(is)h
+(encrypted,)g(a)g Fc(p)l(assphr)l(ase)39 b Fq(m)n(ust)31
+b(b)r(e)208 690 y(included.)0 953 y Ff(X509)c(objects)0
+1154 y Fq(X509)f(ob)5 b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n(wing)e
+(metho)r(ds:)0 1300 y Fl(get_issuer\(\))208 1400 y Fq(Return)h(an)h
(X509Name)e(ob)5 b(ject)27 b(represen)n(ting)f(the)i(issuer)f(of)g(the)
-h(certi\034cate.)0 1547 y Fm(get_pubkey\(\))208 1646
-y Fr(Return)f(a)g(PKey)h(ob)5 b(ject)27 b(represen)n(ting)f(the)i
+h(certi\034cate.)0 1547 y Fl(get_pubkey\(\))208 1646
+y Fq(Return)f(a)g(PKey)h(ob)5 b(ject)27 b(represen)n(ting)f(the)i
(public)g(k)n(ey)f(of)g(the)h(certi\034cate.)0 1793 y
-Fm(get_serial_numbe)o(r\()o(\))208 1893 y Fr(Return)f(the)h
-(certi\034cate)f(serial)g(n)n(um)n(b)r(er.)0 2040 y Fm(get_subject\(\))
-208 2139 y Fr(Return)g(an)h(X509Name)e(ob)5 b(ject)27
+Fl(get_serial_numbe)o(r\()o(\))208 1893 y Fq(Return)f(the)h
+(certi\034cate)f(serial)g(n)n(um)n(b)r(er.)0 2040 y Fl(get_subject\(\))
+208 2139 y Fq(Return)g(an)h(X509Name)e(ob)5 b(ject)27
b(represen)n(ting)f(the)i(sub)5 b(ject)28 b(of)f(the)h(certi\034cate.)0
-2286 y Fm(get_version\(\))208 2386 y Fr(Return)f(the)h(certi\034cate)f
-(v)n(ersion.)0 2533 y Fm(get_notBefore\(\))208 2632 y
-Fr(Return)f(a)h(string)f(giving)f(the)j(time)f(b)r(efore)f(whic)n(h)h
+2286 y Fl(get_version\(\))208 2386 y Fq(Return)f(the)h(certi\034cate)f
+(v)n(ersion.)0 2533 y Fl(get_notBefore\(\))208 2632 y
+Fq(Return)f(a)h(string)f(giving)f(the)j(time)f(b)r(efore)f(whic)n(h)h
(the)g(certi\034cate)f(is)g(not)h(v)-5 b(alid.)37 b(The)26
b(string)g(is)h(formatted)f(as)g(an)208 2732 y(ASN1)h(GENERALIZEDTIME:)
-1110 2956 y Fj(YYYYMMDDhhmmssZ)1110 3048 y(YYYYMMDDhhmmss+hhmm)1110
-3139 y(YYYYMMDDhhmmss-hhmm)208 3296 y Fr(If)h(no)f(v)-5
-b(alue)27 b(exists)g(for)g(this)h(\034eld,)g Fm(None)e
-Fr(is)i(returned.)0 3443 y Fm(get_notAfter\(\))208 3542
-y Fr(Return)h(a)g(string)g(giving)g(the)g(time)h(after)f(whic)n(h)h
+1110 2956 y Fi(YYYYMMDDhhmmssZ)1110 3048 y(YYYYMMDDhhmmss+hhmm)1110
+3139 y(YYYYMMDDhhmmss-hhmm)208 3296 y Fq(If)h(no)f(v)-5
+b(alue)27 b(exists)g(for)g(this)h(\034eld,)g Fl(None)e
+Fq(is)i(returned.)0 3443 y Fl(get_notAfter\(\))208 3542
+y Fq(Return)h(a)g(string)g(giving)g(the)g(time)h(after)f(whic)n(h)h
(the)g(certi\034cate)e(is)i(not)f(v)-5 b(alid.)43 b(The)29
b(string)g(is)g(formatted)h(as)e(an)208 3642 y(ASN1)f(GENERALIZEDTIME:)
-1110 3866 y Fj(YYYYMMDDhhmmssZ)1110 3957 y(YYYYMMDDhhmmss+hhmm)1110
-4049 y(YYYYMMDDhhmmss-hhmm)208 4205 y Fr(If)h(no)f(v)-5
-b(alue)27 b(exists)g(for)g(this)h(\034eld,)g Fm(None)e
-Fr(is)i(returned.)0 4352 y Fm(set_notBefore\()p Fd(when)6
-b Fm(\))208 4452 y Fr(Change)35 b(the)i(time)f(b)r(efore)g(whic)n(h)g
-(the)h(certi\034cate)f(is)g(not)g(v)-5 b(alid.)63 b Fd(when)43
-b Fr(is)36 b(a)g(string)f(formatted)h(as)g(an)g(ASN1)208
-4552 y(GENERALIZEDTIME:)1110 4776 y Fj(YYYYMMDDhhmmssZ)1110
+1110 3866 y Fi(YYYYMMDDhhmmssZ)1110 3957 y(YYYYMMDDhhmmss+hhmm)1110
+4049 y(YYYYMMDDhhmmss-hhmm)208 4205 y Fq(If)h(no)f(v)-5
+b(alue)27 b(exists)g(for)g(this)h(\034eld,)g Fl(None)e
+Fq(is)i(returned.)0 4352 y Fl(set_notBefore\()p Fc(when)6
+b Fl(\))208 4452 y Fq(Change)35 b(the)i(time)f(b)r(efore)g(whic)n(h)g
+(the)h(certi\034cate)f(is)g(not)g(v)-5 b(alid.)63 b Fc(when)43
+b Fq(is)36 b(a)g(string)f(formatted)h(as)g(an)g(ASN1)208
+4552 y(GENERALIZEDTIME:)1110 4776 y Fi(YYYYMMDDhhmmssZ)1110
4867 y(YYYYMMDDhhmmss+hhmm)1110 4958 y(YYYYMMDDhhmmss-hhmm)0
-5163 y Fm(set_notAfter\()p Fd(when)6 b Fm(\))208 5263
-y Fr(Change)38 b(the)h(time)h(after)e(whic)n(h)h(the)h(certi\034cate)e
-(is)h(not)g(v)-5 b(alid.)71 b Fd(when)46 b Fr(is)39 b(a)g(string)f
+5163 y Fl(set_notAfter\()p Fc(when)6 b Fl(\))208 5263
+y Fq(Change)38 b(the)h(time)h(after)e(whic)n(h)h(the)h(certi\034cate)e
+(is)h(not)g(v)-5 b(alid.)71 b Fc(when)46 b Fq(is)39 b(a)g(string)f
(formatted)h(as)f(an)h(ASN1)208 5362 y(GENERALIZEDTIME:)p
-0 5549 3901 4 v 0 5649 a Fg(3.1)82 b Fm(crypto)25 b Fg(\026)j(Generic)g
+0 5549 3901 4 v 0 5649 a Ff(3.1)82 b Fl(crypto)25 b Ff(\026)j(Generic)g
(cryptographic)e(mo)r(dule)2234 b(5)p eop end
%%Page: 6 6
-TeXDict begin 6 5 bop 1110 174 a Fj(YYYYMMDDhhmmssZ)1110
+TeXDict begin 6 5 bop 1110 174 a Fi(YYYYMMDDhhmmssZ)1110
266 y(YYYYMMDDhhmmss+hhmm)1110 357 y(YYYYMMDDhhmmss-hhmm)0
-562 y Fm(gmtime_adj_notBe)o(fo)o(re\()o Fd(time)6 b Fm(\))208
-661 y Fr(A)n(djust)28 b(the)g(timestamp)g(\(in)g(GMT\))g(when)g(the)f
+562 y Fl(gmtime_adj_notBe)o(fo)o(re\()o Fc(time)6 b Fl(\))208
+661 y Fq(A)n(djust)28 b(the)g(timestamp)g(\(in)g(GMT\))g(when)g(the)f
(certi\034cate)g(starts)g(b)r(eing)h(v)-5 b(alid.)0 808
-y Fm(gmtime_adj_notAf)o(te)o(r\()p Fd(t)o(ime)6 b Fm(\))208
-908 y Fr(A)n(djust)28 b(the)g(timestamp)g(\(in)g(GMT\))g(when)g(the)f
+y Fl(gmtime_adj_notAf)o(te)o(r\()p Fc(t)o(ime)6 b Fl(\))208
+908 y Fq(A)n(djust)28 b(the)g(timestamp)g(\(in)g(GMT\))g(when)g(the)f
(certi\034cate)g(stops)g(b)r(eing)h(v)-5 b(alid.)0 1054
-y Fm(has_expired\(\))208 1154 y Fr(Chec)n(ks)32 b(the)h
+y Fl(has_expired\(\))208 1154 y Fq(Chec)n(ks)32 b(the)h
(certi\034cate's)f(time)i(stamp)f(against)f(curren)n(t)g(time.)54
b(Returns)33 b(true)g(if)g(the)h(certi\034cate)e(has)h(expired)208
-1254 y(and)27 b(false)g(otherwise.)0 1401 y Fm(set_issuer\()p
-Fd(issuer)9 b Fm(\))208 1500 y Fr(Set)28 b(the)f(issuer)g(of)h(the)g
-(certi\034cate)f(to)g Fd(issuer)9 b Fr(.)0 1647 y Fm(set_pubkey\()p
-Fd(pkey)e Fm(\))208 1747 y Fr(Set)28 b(the)f(public)h(k)n(ey)f(of)h
-(the)g(certi\034cate)f(to)g Fd(pkey)7 b Fr(.)0 1894 y
-Fm(set_serial_numbe)o(r\()o Fd(serialno)e Fm(\))208 1993
-y Fr(Set)28 b(the)f(serial)g(n)n(um)n(b)r(er)g(of)h(the)g
-(certi\034cate)f(to)g Fd(serialno)5 b Fr(.)0 2140 y Fm(set_subject\()p
-Fd(subje)l(ct)j Fm(\))208 2240 y Fr(Set)28 b(the)f(sub)5
-b(ject)28 b(of)g(the)g(certi\034cate)f(to)g Fd(subje)l(ct)8
-b Fr(.)0 2387 y Fm(set_version\()p Fd(version)e Fm(\))208
-2486 y Fr(Set)28 b(the)f(certi\034cate)g(v)n(ersion)f(to)i
-Fd(version)6 b Fr(.)0 2633 y Fm(sign\()p Fd(pkey,)29
-b(digest)8 b Fm(\))208 2733 y Fr(Sign)22 b(the)h(certi\034cate,)f
-(using)g(the)h(k)n(ey)g Fd(pkey)31 b Fr(and)22 b(the)h(message)e
+1254 y(and)27 b(false)g(otherwise.)0 1401 y Fl(set_issuer\()p
+Fc(issuer)9 b Fl(\))208 1500 y Fq(Set)28 b(the)f(issuer)g(of)h(the)g
+(certi\034cate)f(to)g Fc(issuer)9 b Fq(.)0 1647 y Fl(set_pubkey\()p
+Fc(pkey)e Fl(\))208 1747 y Fq(Set)28 b(the)f(public)h(k)n(ey)f(of)h
+(the)g(certi\034cate)f(to)g Fc(pkey)7 b Fq(.)0 1894 y
+Fl(set_serial_numbe)o(r\()o Fc(serialno)e Fl(\))208 1993
+y Fq(Set)28 b(the)f(serial)g(n)n(um)n(b)r(er)g(of)h(the)g
+(certi\034cate)f(to)g Fc(serialno)5 b Fq(.)0 2140 y Fl(set_subject\()p
+Fc(subje)l(ct)j Fl(\))208 2240 y Fq(Set)28 b(the)f(sub)5
+b(ject)28 b(of)g(the)g(certi\034cate)f(to)g Fc(subje)l(ct)8
+b Fq(.)0 2387 y Fl(set_version\()p Fc(version)e Fl(\))208
+2486 y Fq(Set)28 b(the)f(certi\034cate)g(v)n(ersion)f(to)i
+Fc(version)6 b Fq(.)0 2633 y Fl(sign\()p Fc(pkey,)29
+b(digest)8 b Fl(\))208 2733 y Fq(Sign)22 b(the)h(certi\034cate,)f
+(using)g(the)h(k)n(ey)g Fc(pkey)31 b Fq(and)22 b(the)h(message)e
(digest)h(algorithm)f(iden)n(ti\034ed)i(b)n(y)f(the)h(string)f
-Fd(digest)8 b Fr(.)0 2880 y Fm(subject_name_has)o(h\()o(\))208
-2979 y Fr(Return)27 b(the)h(hash)f(of)h(the)g(certi\034cate)f(sub)5
-b(ject.)0 3126 y Fm(digest\()p Fd(digest_name)h Fm(\))208
-3226 y Fr(Return)27 b(a)g(digest)h(of)f(the)h(certi\034cate,)f(using)g
-(the)h Fd(digest_name)35 b Fr(metho)r(d.)0 3373 y Fm(add_extensions\()p
-Fd(ex)o(tensions)7 b Fm(\))208 3472 y Fr(A)n(dd)27 b(the)h(extensions)f
-(in)h(the)g(sequence)f Fd(extensions)34 b Fr(to)27 b(the)h
-(certi\034cate.)0 3735 y Fg(X509Name)e(objects)0 3936
-y Fr(X509Name)g(ob)5 b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n(wing)e
-(metho)r(ds:)0 4083 y Fm(hash\(\))208 4182 y Fr(Return)e(an)g(in)n
+Fc(digest)8 b Fq(.)0 2880 y Fl(subject_name_has)o(h\()o(\))208
+2979 y Fq(Return)27 b(the)h(hash)f(of)h(the)g(certi\034cate)f(sub)5
+b(ject.)0 3126 y Fl(digest\()p Fc(digest_name)h Fl(\))208
+3226 y Fq(Return)27 b(a)g(digest)h(of)f(the)h(certi\034cate,)f(using)g
+(the)h Fc(digest_name)35 b Fq(metho)r(d.)0 3373 y Fl(add_extensions\()p
+Fc(ex)o(tensions)7 b Fl(\))208 3472 y Fq(A)n(dd)27 b(the)h(extensions)f
+(in)h(the)g(sequence)f Fc(extensions)34 b Fq(to)27 b(the)h
+(certi\034cate.)0 3735 y Ff(X509Name)e(objects)0 3936
+y Fq(X509Name)g(ob)5 b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n(wing)e
+(metho)r(ds:)0 4083 y Fl(hash\(\))208 4182 y Fq(Return)e(an)g(in)n
(teger)f(giving)g(the)i(\034rst)f(four)g(b)n(ytes)f(of)h(the)h(MD5)f
(digest)g(of)g(the)h(DER)g(represen)n(tation)e(of)h(the)g(name.)0
-4329 y Fm(der\(\))208 4429 y Fr(Return)j(a)g(string)g(giving)g(the)h
+4329 y Fl(der\(\))208 4429 y Fq(Return)j(a)g(string)g(giving)g(the)h
(DER)h(represen)n(tation)c(of)j(the)g(name.)0 4576 y
-Fm(get_components\(\))208 4675 y Fr(Return)f(a)g(list)h(of)g(t)n(w)n
+Fl(get_components\(\))208 4675 y Fq(Return)f(a)g(list)h(of)g(t)n(w)n
(o-tuples)e(of)i(strings)e(giving)h(the)h(comp)r(onen)n(ts)f(of)h(the)g
(name.)0 4822 y(X509Name)e(ob)5 b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n
-(wing)e(mem)n(b)r(ers:)0 4969 y Fm(countryName)208 5069
-y Fr(The)h(coun)n(try)g(of)g(the)h(en)n(tit)n(y)-7 b(.)37
-b Fm(C)27 b Fr(ma)n(y)g(b)r(e)h(used)g(as)f(an)g(alias)f(for)h
-Fm(countryName)p Fr(.)0 5215 y Fm(stateOrProvinceN)o(am)o(e)208
-5315 y Fr(The)g(state)h(or)e(pro)n(vince)g(of)i(the)g(en)n(tit)n(y)-7
-b(.)37 b Fm(ST)27 b Fr(ma)n(y)f(b)r(e)i(used)g(as)f(an)g(alias)g(for)g
-Fm(stateOrProvince)o(Na)o(me)p Fr(\267)p 0 5549 3901
-4 v 0 5649 a Fg(6)2239 b(3)83 b Fm(OpenSSL)24 b Fg(\026)k(Python)f
+(wing)e(mem)n(b)r(ers:)0 4969 y Fl(countryName)208 5069
+y Fq(The)h(coun)n(try)g(of)g(the)h(en)n(tit)n(y)-7 b(.)37
+b Fl(C)27 b Fq(ma)n(y)g(b)r(e)h(used)g(as)f(an)g(alias)f(for)h
+Fl(countryName)p Fq(.)0 5215 y Fl(stateOrProvinceN)o(am)o(e)208
+5315 y Fq(The)g(state)h(or)e(pro)n(vince)g(of)i(the)g(en)n(tit)n(y)-7
+b(.)37 b Fl(ST)27 b Fq(ma)n(y)f(b)r(e)i(used)g(as)f(an)g(alias)g(for)g
+Fl(stateOrProvince)o(Na)o(me)p Fq(\267)p 0 5549 3901
+4 v 0 5649 a Ff(6)2239 b(3)83 b Fl(OpenSSL)24 b Ff(\026)k(Python)f
(interface)h(to)f(Op)r(enSSL)p eop end
%%Page: 7 7
-TeXDict begin 7 6 bop 0 83 a Fm(localityName)208 183
-y Fr(The)27 b(lo)r(calit)n(y)g(of)h(the)f(en)n(tit)n(y)-7
-b(.)37 b Fm(L)28 b Fr(ma)n(y)e(b)r(e)i(used)g(as)f(an)g(alias)g(for)g
-Fm(localityName)p Fr(.)0 330 y Fm(organizationName)208
-429 y Fr(The)g(organization)e(name)j(of)f(the)h(en)n(tit)n(y)-7
-b(.)37 b Fm(O)27 b Fr(ma)n(y)g(b)r(e)h(used)g(as)e(an)i(alias)e(for)h
-Fm(organizationName)p Fr(.)0 576 y Fm(organizationalUn)o(it)o(Nam)o(e)
-208 676 y Fr(The)g(organizational)e(unit)j(of)g(the)g(en)n(tit)n(y)-7
-b(.)36 b Fm(OU)27 b Fr(ma)n(y)g(b)r(e)h(used)g(as)f(an)g(alias)f(for)h
-Fm(organizationalUni)o(tN)o(am)o(e)p Fr(.)0 823 y Fm(commonName)208
-922 y Fr(The)g(common)g(name)h(of)f(the)h(en)n(tit)n(y)-7
-b(.)37 b Fm(CN)27 b Fr(ma)n(y)f(b)r(e)i(used)g(as)f(an)g(alias)g(for)g
-Fm(commonName)p Fr(.)0 1069 y Fm(emailAddress)208 1169
-y Fr(The)g(e-mail)g(address)f(of)i(the)g(en)n(tit)n(y)-7
-b(.)0 1432 y Fg(X509Req)26 b(objects)0 1632 y Fr(X509Req)g(ob)5
+TeXDict begin 7 6 bop 0 83 a Fl(localityName)208 183
+y Fq(The)27 b(lo)r(calit)n(y)g(of)h(the)f(en)n(tit)n(y)-7
+b(.)37 b Fl(L)28 b Fq(ma)n(y)e(b)r(e)i(used)g(as)f(an)g(alias)g(for)g
+Fl(localityName)p Fq(.)0 330 y Fl(organizationName)208
+429 y Fq(The)g(organization)e(name)j(of)f(the)h(en)n(tit)n(y)-7
+b(.)37 b Fl(O)27 b Fq(ma)n(y)g(b)r(e)h(used)g(as)e(an)i(alias)e(for)h
+Fl(organizationName)p Fq(.)0 576 y Fl(organizationalUn)o(it)o(Nam)o(e)
+208 676 y Fq(The)g(organizational)e(unit)j(of)g(the)g(en)n(tit)n(y)-7
+b(.)36 b Fl(OU)27 b Fq(ma)n(y)g(b)r(e)h(used)g(as)f(an)g(alias)f(for)h
+Fl(organizationalUni)o(tN)o(am)o(e)p Fq(.)0 823 y Fl(commonName)208
+922 y Fq(The)g(common)g(name)h(of)f(the)h(en)n(tit)n(y)-7
+b(.)37 b Fl(CN)27 b Fq(ma)n(y)f(b)r(e)i(used)g(as)f(an)g(alias)g(for)g
+Fl(commonName)p Fq(.)0 1069 y Fl(emailAddress)208 1169
+y Fq(The)g(e-mail)g(address)f(of)i(the)g(en)n(tit)n(y)-7
+b(.)0 1432 y Ff(X509Req)26 b(objects)0 1632 y Fq(X509Req)g(ob)5
b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n(wing)e(metho)r(ds:)0
-1779 y Fm(get_pubkey\(\))208 1879 y Fr(Return)h(a)g(PKey)h(ob)5
+1779 y Fl(get_pubkey\(\))208 1879 y Fq(Return)h(a)g(PKey)h(ob)5
b(ject)27 b(represen)n(ting)f(the)i(public)g(k)n(ey)f(of)g(the)h
-(certi\034cate)f(request.)0 2025 y Fm(get_subject\(\))208
-2125 y Fr(Return)g(an)h(X509Name)e(ob)5 b(ject)27 b(represen)n(ting)f
+(certi\034cate)f(request.)0 2025 y Fl(get_subject\(\))208
+2125 y Fq(Return)g(an)h(X509Name)e(ob)5 b(ject)27 b(represen)n(ting)f
(the)i(sub)5 b(ject)28 b(of)f(the)h(certi\034cate.)0
-2272 y Fm(set_pubkey\()p Fd(pkey)7 b Fm(\))208 2372 y
-Fr(Set)28 b(the)f(public)h(k)n(ey)f(of)h(the)g(certi\034cate)f(request)
-g(to)g Fd(pkey)7 b Fr(.)0 2518 y Fm(sign\()p Fd(pkey,)29
-b(digest)8 b Fm(\))208 2618 y Fr(Sign)36 b(the)g(certi\034cate)g
-(request,)h(using)f(the)g(k)n(ey)h Fd(pkey)45 b Fr(and)36
+2272 y Fl(set_pubkey\()p Fc(pkey)7 b Fl(\))208 2372 y
+Fq(Set)28 b(the)f(public)h(k)n(ey)f(of)h(the)g(certi\034cate)f(request)
+g(to)g Fc(pkey)7 b Fq(.)0 2518 y Fl(sign\()p Fc(pkey,)29
+b(digest)8 b Fl(\))208 2618 y Fq(Sign)36 b(the)g(certi\034cate)g
+(request,)h(using)f(the)g(k)n(ey)h Fc(pkey)45 b Fq(and)36
b(the)g(message)f(digest)g(algorithm)g(iden)n(ti\034ed)i(b)n(y)f(the)
-208 2718 y(string)28 b Fd(digest)8 b Fr(.)0 2865 y Fm(verify\()p
-Fd(pkey)f Fm(\))208 2964 y Fr(V)-7 b(erify)27 b(a)g(certi\034cate)g
-(request)g(using)g(the)h(public)g(k)n(ey)g Fd(pkey)7
-b Fr(.)0 3227 y Fg(X509Sto)n(re)26 b(objects)0 3428 y
-Fr(The)i(X509Store)d(ob)5 b(ject)28 b(has)f(curren)n(tly)f(just)i(one)g
-(metho)r(d:)0 3575 y Fm(add_cert\()p Fd(c)l(ert)8 b Fm(\))208
-3674 y Fr(A)n(dd)27 b(the)h(certi\034cate)f Fd(c)l(ert)36
-b Fr(to)27 b(the)h(certi\034cate)f(store.)0 3937 y Fg(PKey)g(objects)0
-4138 y Fr(The)h(PKey)f(ob)5 b(ject)27 b(has)g(the)h(follo)n(wing)f
-(metho)r(ds:)0 4285 y Fm(bits\(\))208 4384 y Fr(Return)g(the)h(n)n(um)n
+208 2718 y(string)28 b Fc(digest)8 b Fq(.)0 2865 y Fl(verify\()p
+Fc(pkey)f Fl(\))208 2964 y Fq(V)-7 b(erify)27 b(a)g(certi\034cate)g
+(request)g(using)g(the)h(public)g(k)n(ey)g Fc(pkey)7
+b Fq(.)0 3227 y Ff(X509Sto)n(re)26 b(objects)0 3428 y
+Fq(The)i(X509Store)d(ob)5 b(ject)28 b(has)f(curren)n(tly)f(just)i(one)g
+(metho)r(d:)0 3575 y Fl(add_cert\()p Fc(c)l(ert)8 b Fl(\))208
+3674 y Fq(A)n(dd)27 b(the)h(certi\034cate)f Fc(c)l(ert)36
+b Fq(to)27 b(the)h(certi\034cate)f(store.)0 3937 y Ff(PKey)g(objects)0
+4138 y Fq(The)h(PKey)f(ob)5 b(ject)27 b(has)g(the)h(follo)n(wing)f
+(metho)r(ds:)0 4285 y Fl(bits\(\))208 4384 y Fq(Return)g(the)h(n)n(um)n
(b)r(er)f(of)h(bits)g(of)f(the)h(k)n(ey)-7 b(.)0 4531
-y Fm(generate_key\()p Fd(typ)l(e,)25 b(bits)7 b Fm(\))208
-4631 y Fr(Generate)22 b(a)h(public/priv)-5 b(ate)23 b(k)n(ey)f(pair)h
-(of)g(the)h(t)n(yp)r(e)f Fd(typ)l(e)30 b Fr(\(one)23
-b(of)30 b Fm(TYPE_RSA)19 b Fr(and)24 b Fm(TYPE_DSA)p
-Fr(\))c(with)j(the)h(size)f Fd(bits)7 b Fr(.)0 4778 y
-Fm(type\(\))208 4877 y Fr(Return)27 b(the)h(t)n(yp)r(e)g(of)f(the)h(k)n
-(ey)-7 b(.)0 5140 y Fg(PK)n(CS7)27 b(objects)0 5341 y
-Fr(PK)n(CS7)g(ob)5 b(jects)27 b(ha)n(v)n(e)f(the)i(follo)n(wing)f
-(metho)r(ds:)p 0 5549 3901 4 v 0 5649 a Fg(3.1)82 b Fm(crypto)25
-b Fg(\026)j(Generic)g(cryptographic)e(mo)r(dule)2234
+y Fl(generate_key\()p Fc(typ)l(e,)25 b(bits)7 b Fl(\))208
+4631 y Fq(Generate)22 b(a)h(public/priv)-5 b(ate)23 b(k)n(ey)f(pair)h
+(of)g(the)h(t)n(yp)r(e)f Fc(typ)l(e)30 b Fq(\(one)23
+b(of)30 b Fl(TYPE_RSA)19 b Fq(and)24 b Fl(TYPE_DSA)p
+Fq(\))c(with)j(the)h(size)f Fc(bits)7 b Fq(.)0 4778 y
+Fl(type\(\))208 4877 y Fq(Return)27 b(the)h(t)n(yp)r(e)g(of)f(the)h(k)n
+(ey)-7 b(.)0 5140 y Ff(PK)n(CS7)27 b(objects)0 5341 y
+Fq(PK)n(CS7)g(ob)5 b(jects)27 b(ha)n(v)n(e)f(the)i(follo)n(wing)f
+(metho)r(ds:)p 0 5549 3901 4 v 0 5649 a Ff(3.1)82 b Fl(crypto)25
+b Ff(\026)j(Generic)g(cryptographic)e(mo)r(dule)2234
b(7)p eop end
%%Page: 8 8
-TeXDict begin 8 7 bop 0 83 a Fm(type_is_signed\(\))208
-183 y Fr(FIXME)0 330 y Fm(type_is_envelope)o(d\()o(\))208
-429 y Fr(FIXME)0 576 y Fm(type_is_signedAn)o(dE)o(nve)o(lo)o(pe)o
-(d\(\))208 676 y Fr(FIXME)0 823 y Fm(type_is_data\(\))208
-922 y Fr(FIXME)0 1069 y Fm(get_type_name\(\))208 1169
-y Fr(Get)28 b(the)f(t)n(yp)r(e)h(name)g(of)f(the)h(PK)n(CS7.)0
-1432 y Fg(PK)n(CS12)e(objects)0 1632 y Fr(PK)n(CS12)g(ob)5
+TeXDict begin 8 7 bop 0 83 a Fl(type_is_signed\(\))208
+183 y Fq(FIXME)0 330 y Fl(type_is_envelope)o(d\()o(\))208
+429 y Fq(FIXME)0 576 y Fl(type_is_signedAn)o(dE)o(nve)o(lo)o(pe)o
+(d\(\))208 676 y Fq(FIXME)0 823 y Fl(type_is_data\(\))208
+922 y Fq(FIXME)0 1069 y Fl(get_type_name\(\))208 1169
+y Fq(Get)28 b(the)f(t)n(yp)r(e)h(name)g(of)f(the)h(PK)n(CS7.)0
+1432 y Ff(PK)n(CS12)e(objects)0 1632 y Fq(PK)n(CS12)g(ob)5
b(jects)28 b(ha)n(v)n(e)e(the)i(follo)n(wing)e(metho)r(ds:)0
-1779 y Fm(get_certificate\()o(\))208 1879 y Fr(Return)h(certi\034cate)g
+1779 y Fl(get_certificate\()o(\))208 1879 y Fq(Return)h(certi\034cate)g
(p)r(ortion)g(of)h(the)g(PK)n(CS12)e(structure.)0 2025
-y Fm(get_privatekey\(\))208 2125 y Fr(Return)h(priv)-5
+y Fl(get_privatekey\(\))208 2125 y Fq(Return)h(priv)-5
b(ate)27 b(k)n(ey)g(p)r(ortion)g(of)h(the)g(PK)n(CS12)e(structure)0
-2272 y Fm(get_ca_certifica)o(te)o(s\(\))208 2372 y Fr(Return)k(CA)g
+2272 y Fl(get_ca_certifica)o(te)o(s\(\))208 2372 y Fq(Return)k(CA)g
(certi\034cates)f(within)i(the)f(PK)n(CS12)f(ob)5 b(ject)30
b(as)f(a)g(tuple.)45 b(Returns)30 b(None)g(if)g(no)g(CA)g
(certi\034cates)f(are)208 2471 y(presen)n(t.)0 2734 y
-Fg(X509Extension)c(objects)0 2935 y Fr(X509Extension)h(ob)5
+Ff(X509Extension)c(objects)0 2935 y Fq(X509Extension)h(ob)5
b(jects)27 b(curren)n(tly)g(only)g(ha)n(v)n(e)f(one)i(metho)r(d:)0
-3082 y Fm(get_critical\(\))208 3181 y Fr(Return)f(the)h(critical)f
+3082 y Fl(get_critical\(\))208 3181 y Fq(Return)f(the)h(critical)f
(\034eld)h(of)f(the)h(extension)f(ob)5 b(ject.)0 3444
-y Fg(Netscap)r(eSPKI)27 b(objects)0 3645 y Fr(Netscap)r(eSPKI)h(ob)5
+y Ff(Netscap)r(eSPKI)27 b(objects)0 3645 y Fq(Netscap)r(eSPKI)h(ob)5
b(jects)27 b(ha)n(v)n(e)f(the)i(follo)n(wing)e(metho)r(ds:)0
-3792 y Fm(b64_encode\(\))208 3891 y Fr(Return)h(a)g(base64-enco)r(ded)f
+3792 y Fl(b64_encode\(\))208 3891 y Fq(Return)h(a)g(base64-enco)r(ded)f
(string)h(represen)n(tation)e(of)j(the)g(ob)5 b(ject.)0
-4038 y Fm(get_pubkey\(\))208 4138 y Fr(Return)27 b(the)h(public)g(k)n
-(ey)f(of)h(ob)5 b(ject.)0 4285 y Fm(set_pubkey\()p Fd(key)i
-Fm(\))208 4384 y Fr(Set)28 b(the)f(public)h(k)n(ey)f(of)h(the)g(ob)5
-b(ject)27 b(to)h Fd(key)7 b Fr(.)0 4531 y Fm(sign\()p
-Fd(key,)29 b(digest_name)6 b Fm(\))208 4631 y Fr(Sign)27
+4038 y Fl(get_pubkey\(\))208 4138 y Fq(Return)27 b(the)h(public)g(k)n
+(ey)f(of)h(ob)5 b(ject.)0 4285 y Fl(set_pubkey\()p Fc(key)i
+Fl(\))208 4384 y Fq(Set)28 b(the)f(public)h(k)n(ey)f(of)h(the)g(ob)5
+b(ject)27 b(to)h Fc(key)7 b Fq(.)0 4531 y Fl(sign\()p
+Fc(key,)29 b(digest_name)6 b Fl(\))208 4631 y Fq(Sign)27
b(the)h(Netscap)r(eSPKI)g(ob)5 b(ject)27 b(using)g(the)h(giv)n(en)f
-Fd(key)35 b Fr(and)28 b Fd(digest_name)6 b Fr(.)0 4778
-y Fm(verify\()p Fd(key)h Fm(\))208 4877 y Fr(V)-7 b(erify)27
+Fc(key)35 b Fq(and)28 b Fc(digest_name)6 b Fq(.)0 4778
+y Fl(verify\()p Fc(key)h Fl(\))208 4877 y Fq(V)-7 b(erify)27
b(the)h(Netscap)r(eSPKI)g(ob)5 b(ject)27 b(using)g(the)h(giv)n(en)f
-Fd(key)7 b Fr(.)0 5157 y Fk(3.2)97 b Fe(rand)34 b Fk(\026)e(An)h
+Fc(key)7 b Fq(.)0 5157 y Fj(3.2)97 b Fd(rand)34 b Fj(\026)e(An)h
(interface)g(to)g(the)g(Op)s(enSSL)f(pseudo)h(random)g(numb)s(er)g
-(generato)m(r)0 5357 y Fr(This)28 b(mo)r(dule)f(handles)h(the)f(Op)r
+(generato)m(r)0 5357 y Fq(This)28 b(mo)r(dule)f(handles)h(the)f(Op)r
(enSSL)h(pseudo)f(random)g(n)n(um)n(b)r(er)g(generator)f(\(PRNG\))j
(and)e(declares)f(the)i(follo)n(wing:)p 0 5549 3901 4
-v 0 5649 a Fg(8)2239 b(3)83 b Fm(OpenSSL)24 b Fg(\026)k(Python)f
+v 0 5649 a Ff(8)2239 b(3)83 b Fl(OpenSSL)24 b Ff(\026)k(Python)f
(interface)h(to)f(Op)r(enSSL)p eop end
%%Page: 9 9
-TeXDict begin 9 8 bop 0 83 a Fm(add\()p Fd(string,)28
-b(entr)l(opy)7 b Fm(\))208 183 y Fr(Mix)22 b(b)n(ytes)g(from)g
-Fd(string)30 b Fr(in)n(to)22 b(the)h(PRNG)h(state.)35
-b(The)22 b Fd(entr)l(opy)30 b Fr(argumen)n(t)22 b(is)g(\(the)h(lo)n(w)n
+TeXDict begin 9 8 bop 0 83 a Fl(add\()p Fc(string,)28
+b(entr)l(opy)7 b Fl(\))208 183 y Fq(Mix)22 b(b)n(ytes)g(from)g
+Fc(string)30 b Fq(in)n(to)22 b(the)h(PRNG)h(state.)35
+b(The)22 b Fc(entr)l(opy)30 b Fq(argumen)n(t)22 b(is)g(\(the)h(lo)n(w)n
(er)e(b)r(ound)i(of)6 b(\))23 b(an)f(estimate)208 282
y(of)f(ho)n(w)g(m)n(uc)n(h)h(randomness)e(is)h(con)n(tained)g(in)h
-Fd(string)7 b Fr(,)23 b(measured)e(in)h(b)n(ytes.)34
+Fc(string)7 b Fq(,)23 b(measured)e(in)h(b)n(ytes.)34
b(F)-7 b(or)21 b(more)g(information,)h(see)g(e.g.)34
-b(RF)n(C)208 382 y(1750.)0 529 y Fm(egd\()p Fd(p)l(ath)6
-b Fc([)p Fd(,)29 b(bytes)19 b Fc(])p Fm(\))208 628 y
-Fr(Query)29 b(the)j(En)n(trop)n(y)e(Gathering)g(Daemon)1629
-598 y Fl(2)1697 628 y Fr(on)h(so)r(c)n(k)n(et)f Fd(p)l(ath)38
-b Fr(for)30 b Fd(bytes)38 b Fr(b)n(ytes)31 b(of)g(random)f(data)g(and)h
-(and)g(uses)208 728 y Fm(add)26 b Fr(to)h(seed)h(the)g(PRNG.)g(The)g
-(default)g(v)-5 b(alue)27 b(of)34 b Fd(bytes)h Fr(is)27
-b(255.)0 889 y Fm(load_file\()p Fd(p)l(ath)6 b Fc([)p
-Fd(,)26 b(bytes)19 b Fc(])p Fm(\))208 989 y Fr(Read)29
-b Fd(bytes)38 b Fr(b)n(ytes)30 b(\(or)f(all)h(of)g(it,)i(if)37
-b Fd(bytes)g Fr(is)31 b(negativ)n(e\))e(of)h(data)g(from)g(the)g
-(\034le)h Fd(p)l(ath)37 b Fr(to)30 b(seed)g(the)h(PRNG.)g(The)208
-1089 y(default)d(v)-5 b(alue)27 b(of)34 b Fd(bytes)h
-Fr(is)27 b(-1.)0 1235 y Fm(screen\(\))208 1335 y Fr(A)n(dd)g(the)h
+b(RF)n(C)208 382 y(1750.)0 529 y Fl(egd\()p Fc(p)l(ath)6
+b Fb([)p Fc(,)29 b(bytes)19 b Fb(])p Fl(\))208 628 y
+Fq(Query)29 b(the)j(En)n(trop)n(y)e(Gathering)g(Daemon)1629
+598 y Fk(2)1697 628 y Fq(on)h(so)r(c)n(k)n(et)f Fc(p)l(ath)38
+b Fq(for)30 b Fc(bytes)38 b Fq(b)n(ytes)31 b(of)g(random)f(data)g(and)h
+(and)g(uses)208 728 y Fl(add)26 b Fq(to)h(seed)h(the)g(PRNG.)g(The)g
+(default)g(v)-5 b(alue)27 b(of)34 b Fc(bytes)h Fq(is)27
+b(255.)0 889 y Fl(load_file\()p Fc(p)l(ath)6 b Fb([)p
+Fc(,)26 b(bytes)19 b Fb(])p Fl(\))208 989 y Fq(Read)29
+b Fc(bytes)38 b Fq(b)n(ytes)30 b(\(or)f(all)h(of)g(it,)i(if)37
+b Fc(bytes)g Fq(is)31 b(negativ)n(e\))e(of)h(data)g(from)g(the)g
+(\034le)h Fc(p)l(ath)37 b Fq(to)30 b(seed)g(the)h(PRNG.)g(The)208
+1089 y(default)d(v)-5 b(alue)27 b(of)34 b Fc(bytes)h
+Fq(is)27 b(-1.)0 1235 y Fl(screen\(\))208 1335 y Fq(A)n(dd)g(the)h
(curren)n(t)f(con)n(ten)n(ts)g(of)g(the)h(screen)f(to)g(the)h(PRNG)h
(state.)37 b(A)-9 b(v)k(ailabilit)n(y:)36 b(Windo)n(ws.)0
-1482 y Fm(seed\()p Fd(string)7 b Fm(\))208 1582 y Fr(This)27
-b(is)h(equiv)-5 b(alen)n(t)27 b(to)g(calling)h Fm(add)f
-Fr(with)h Fd(entr)l(opy)35 b Fr(as)27 b(the)h(length)f(of)h(the)g
-(string.)0 1728 y Fm(status\(\))208 1828 y Fr(Returns)f(true)g(if)i
+1482 y Fl(seed\()p Fc(string)7 b Fl(\))208 1582 y Fq(This)27
+b(is)h(equiv)-5 b(alen)n(t)27 b(to)g(calling)h Fl(add)f
+Fq(with)h Fc(entr)l(opy)35 b Fq(as)27 b(the)h(length)f(of)h(the)g
+(string.)0 1728 y Fl(status\(\))208 1828 y Fq(Returns)f(true)g(if)i
(the)e(PRNG)i(has)e(b)r(een)h(seeded)f(with)h(enough)f(data,)g(and)h
-(false)f(otherwise.)0 1975 y Fm(write_file\()p Fd(p)l(ath)6
-b Fm(\))208 2075 y Fr(W)-7 b(rite)34 b(a)g(n)n(um)n(b)r(er)g(of)h
+(false)f(otherwise.)0 1975 y Fl(write_file\()p Fc(p)l(ath)6
+b Fl(\))208 2075 y Fq(W)-7 b(rite)34 b(a)g(n)n(um)n(b)r(er)g(of)h
(random)e(b)n(ytes)h(\(curren)n(tly)g(1024\))f(to)h(the)h(\034le)f
-Fd(p)l(ath)6 b Fr(.)59 b(This)34 b(\034le)h(can)f(then)g(b)r(e)h(used)g
-(with)208 2174 y Fm(load_file)23 b Fr(to)28 b(seed)f(the)h(PRNG)h
-(again.)0 2454 y Fk(3.3)97 b Fe(SSL)33 b Fk(\026)f(An)h(interface)h(to)
+Fc(p)l(ath)6 b Fq(.)59 b(This)34 b(\034le)h(can)f(then)g(b)r(e)h(used)g
+(with)208 2174 y Fl(load_file)23 b Fq(to)28 b(seed)f(the)h(PRNG)h
+(again.)0 2454 y Fj(3.3)97 b Fd(SSL)33 b Fj(\026)f(An)h(interface)h(to)
e(the)h(SSL-sp)s(eci\034c)h(pa)m(rts)f(of)f(Op)s(enSSL)0
-2654 y Fr(This)c(mo)r(dule)f(handles)h(things)f(sp)r(eci\034c)h(to)f
+2654 y Fq(This)c(mo)r(dule)f(handles)h(things)f(sp)r(eci\034c)h(to)f
(SSL.)h(There)f(are)f(t)n(w)n(o)h(ob)5 b(jects)27 b(de\034ned:)38
-b(Con)n(text,)27 b(Connection.)0 2801 y Fm(SSLv2_METHOD)0
+b(Con)n(text,)27 b(Connection.)0 2801 y Fl(SSLv2_METHOD)0
2901 y(SSLv3_METHOD)0 3000 y(SSLv23_METHOD)0 3100 y(TLSv1_METHOD)208
-3200 y Fr(These)g(constan)n(ts)f(represen)n(t)h(the)h(di\033eren)n(t)f
+3200 y Fq(These)g(constan)n(ts)f(represen)n(t)h(the)h(di\033eren)n(t)f
(SSL)h(metho)r(ds)g(to)f(use)h(when)f(creating)g(a)g(con)n(text)g(ob)5
-b(ject.)0 3346 y Fm(VERIFY_NONE)0 3446 y(VERIFY_PEER)0
+b(ject.)0 3346 y Fl(VERIFY_NONE)0 3446 y(VERIFY_PEER)0
3546 y(VERIFY_FAIL_IF_N)o(O_)o(PEE)o(R_)o(CE)o(RT)208
-3645 y Fr(These)27 b(constan)n(ts)f(represen)n(t)h(the)h(v)n
+3645 y Fq(These)27 b(constan)n(ts)f(represen)n(t)h(the)h(v)n
(eri\034cation)e(mo)r(de)h(used)h(b)n(y)f(the)h(Con)n(text)f(ob)5
-b(ject's)27 b Fm(set_verify)d Fr(metho)r(d.)0 3792 y
-Fm(FILETYPE_PEM)0 3892 y(FILETYPE_ASN1)208 3991 y Fr(File)41
-b(t)n(yp)r(e)g(constan)n(ts)f(used)h(with)g(the)h Fm(use_certificate)o
-(_f)o(ile)34 b Fr(and)41 b Fm(use_privatekey_f)o(il)o(e)35
-b Fr(metho)r(ds)41 b(of)208 4091 y(Con)n(text)27 b(ob)5
-b(jects.)0 4238 y Fm(OP_SINGLE_DH_USE)0 4338 y(OP_EPHEMERAL_RSA)0
+b(ject's)27 b Fl(set_verify)d Fq(metho)r(d.)0 3792 y
+Fl(FILETYPE_PEM)0 3892 y(FILETYPE_ASN1)208 3991 y Fq(File)41
+b(t)n(yp)r(e)g(constan)n(ts)f(used)h(with)g(the)h Fl(use_certificate)o
+(_f)o(ile)34 b Fq(and)41 b Fl(use_privatekey_f)o(il)o(e)35
+b Fq(metho)r(ds)41 b(of)208 4091 y(Con)n(text)27 b(ob)5
+b(jects.)0 4238 y Fl(OP_SINGLE_DH_USE)0 4338 y(OP_EPHEMERAL_RSA)0
4437 y(OP_NO_SSLv2)0 4537 y(OP_NO_SSLv3)0 4636 y(OP_NO_TLSv1)208
-4736 y Fr(Constan)n(ts)30 b(used)i(with)g Fm(set_options)26
-b Fr(of)32 b(Con)n(text)f(ob)5 b(jects.)48 b Fm(OP_SINGLE_DH_USE)25
-b Fr(means)31 b(to)g(alw)n(a)n(ys)f(create)g(a)208 4836
+4736 y Fq(Constan)n(ts)30 b(used)i(with)g Fl(set_options)26
+b Fq(of)32 b(Con)n(text)f(ob)5 b(jects.)48 b Fl(OP_SINGLE_DH_USE)25
+b Fq(means)31 b(to)g(alw)n(a)n(ys)f(create)g(a)208 4836
y(new)19 b(k)n(ey)f(when)h(using)g(ephemeral)f(Di\036e-Hellman.)34
-b Fm(OP_EPHEMERAL_RSA)13 b Fr(means)18 b(to)h(alw)n(a)n(ys)e(use)i
+b Fl(OP_EPHEMERAL_RSA)13 b Fq(means)18 b(to)h(alw)n(a)n(ys)e(use)i
(ephemeral)g(RSA)208 4935 y(k)n(eys)f(when)h(doing)f(RSA)i(op)r
-(erations.)33 b Fm(OP_NO_SSLv2)p Fr(,)16 b Fm(OP_NO_SSLv3)f
-Fr(and)k Fm(OP_NO_TLSv1)14 b Fr(means)19 b(to)g(disable)f(those)208
+(erations.)33 b Fl(OP_NO_SSLv2)p Fq(,)16 b Fl(OP_NO_SSLv3)f
+Fq(and)k Fl(OP_NO_TLSv1)14 b Fq(means)19 b(to)g(disable)f(those)208
5035 y(sp)r(eci\034c)29 b(proto)r(cols.)39 b(This)29
b(is)g(in)n(teresting)g(if)g(y)n(ou're)f(using)g(e.g.)41
-b Fm(SSLv23_METHOD)24 b Fr(to)29 b(get)g(an)f(SSLv2-compatible)208
+b Fl(SSLv23_METHOD)24 b Fq(to)29 b(get)g(an)f(SSLv2-compatible)208
5135 y(handshak)n(e,)e(but)i(don't)g(w)n(an)n(t)f(to)g(use)h(SSLv2.)p
-0 5204 1560 4 v 92 5258 a Fi(2)127 5281 y Fh(See)c Fq(http://www.lotha)
-n(r.com/tech/crypto/)p 0 5549 3901 4 v 0 5649 a Fg(3.3)82
-b Fm(SSL)26 b Fg(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
+0 5204 1560 4 v 92 5258 a Fh(2)127 5281 y Fg(See)c Fp(http://www.lotha)
+n(r.com/tech/crypto/)p 0 5549 3901 4 v 0 5649 a Ff(3.3)82
+b Fl(SSL)26 b Ff(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
(pa)n(rts)f(of)h(Op)r(enSSL)1652 b(9)p eop end
%%Page: 10 10
-TeXDict begin 10 9 bop 0 83 a Fm(ContextType)208 183
-y Fr(A)27 b(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d
+TeXDict begin 10 9 bop 0 83 a Fl(ContextType)208 183
+y Fq(A)27 b(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d
(the)j(Con)n(text)g(ob)5 b(ject)27 b(t)n(yp)r(e.)0 330
-y Fm(Context\()p Fd(metho)l(d)9 b Fm(\))208 429 y Fr(F)-7
+y Fl(Context\()p Fc(metho)l(d)9 b Fl(\))208 429 y Fq(F)-7
b(actory)34 b(function)i(that)g(creates)f(a)g(new)h(Con)n(text)f(ob)5
b(ject)36 b(giv)n(en)e(an)i(SSL)g(metho)r(d.)61 b(The)36
-b(metho)r(d)g(should)g(b)r(e)208 529 y Fm(SSLv2_METHOD)p
-Fr(,)22 b Fm(SSLv3_METHOD)p Fr(,)h Fm(SSLv23_METHOD)f
-Fr(or)27 b Fm(TLSv1_METHOD)p Fr(.)0 676 y Fm(ConnectionType)208
-775 y Fr(A)g(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d
+b(metho)r(d)g(should)g(b)r(e)208 529 y Fl(SSLv2_METHOD)p
+Fq(,)22 b Fl(SSLv3_METHOD)p Fq(,)h Fl(SSLv23_METHOD)f
+Fq(or)27 b Fl(TLSv1_METHOD)p Fq(.)0 676 y Fl(ConnectionType)208
+775 y Fq(A)g(Python)h(t)n(yp)r(e)g(ob)5 b(ject)28 b(represen)n(ting)d
(the)j(Connection)f(ob)5 b(ject)28 b(t)n(yp)r(e.)0 922
-y Fm(Connection\()p Fd(c)l(ontext,)c(so)l(cket)8 b Fm(\))208
-1022 y Fr(F)-7 b(actory)26 b(fucnction)i(that)g(creates)e(a)h(new)h
+y Fl(Connection\()p Fc(c)l(ontext,)c(so)l(cket)8 b Fl(\))208
+1022 y Fq(F)-7 b(actory)26 b(fucnction)i(that)g(creates)e(a)h(new)h
(Connection)f(ob)5 b(ject)27 b(giv)n(en)g(an)g(SSL)h(con)n(text)f(and)h
-(a)f(so)r(c)n(k)n(et)3538 992 y Fl(3)3603 1022 y Fr(ob)5
-b(ject.)0 1169 y Fn(exception)32 b Fm(Error)208 1268
-y Fr(This)i(exception)g(is)h(used)f(as)g(a)h(base)e(class)h(for)g(the)h
+(a)f(so)r(c)n(k)n(et)3538 992 y Fk(3)3603 1022 y Fq(ob)5
+b(ject.)0 1169 y Fm(exception)32 b Fl(Error)208 1268
+y Fq(This)i(exception)g(is)h(used)f(as)g(a)h(base)e(class)h(for)g(the)h
(other)f(SSL-related)g(exceptions,)i(but)f(ma)n(y)f(also)f(b)r(e)i
(raised)208 1368 y(directly)-7 b(.)208 1501 y(Whenev)n(er)36
b(this)h(exception)g(is)g(raised)f(directly)-7 b(,)40
b(it)d(has)g(a)f(list)i(of)f(error)e(messages)g(from)i(the)h(Op)r
(enSSL)f(error)208 1600 y(queue,)k(where)d(eac)n(h)f(item)i(is)g(a)f
-(tuple)h Fm(\()p Fd(lib)5 b Fm(,)44 b Fd(function)6 b
-Fm(,)43 b Fd(r)l(e)l(ason)6 b Fm(\))p Fr(.)70 b(Here)38
-b Fd(lib)5 b Fr(,)43 b Fd(function)h Fr(and)39 b Fd(r)l(e)l(ason)45
-b Fr(are)37 b(all)208 1700 y(strings,)26 b(describing)h(where)g(and)g
-(what)h(the)g(problem)f(is.)36 b(See)28 b Fd(err)p Fr(\(3\))g(for)f
-(more)g(information.)0 1847 y Fn(exception)32 b Fm(ZeroReturnError)208
-1946 y Fr(This)g(exception)g(matc)n(hes)g(the)h(error)d(return)i(co)r
-(de)h Fm(SSL_ERROR_ZERO_)o(RE)o(TUR)o(N)p Fr(,)26 b(and)33
+(tuple)h Fl(\()p Fc(lib)5 b Fl(,)44 b Fc(function)6 b
+Fl(,)43 b Fc(r)l(e)l(ason)6 b Fl(\))p Fq(.)70 b(Here)38
+b Fc(lib)5 b Fq(,)43 b Fc(function)h Fq(and)39 b Fc(r)l(e)l(ason)45
+b Fq(are)37 b(all)208 1700 y(strings,)26 b(describing)h(where)g(and)g
+(what)h(the)g(problem)f(is.)36 b(See)28 b Fc(err)p Fq(\(3\))g(for)f
+(more)g(information.)0 1847 y Fm(exception)32 b Fl(ZeroReturnError)208
+1946 y Fq(This)g(exception)g(matc)n(hes)g(the)h(error)d(return)i(co)r
+(de)h Fl(SSL_ERROR_ZERO_)o(RE)o(TUR)o(N)p Fq(,)26 b(and)33
b(is)f(raised)f(when)i(the)g(SSL)208 2046 y(Connection)c(has)g(b)r(een)
h(closed.)43 b(In)29 b(SSL)h(3.0)f(and)h(TLS)g(1.0,)f(this)h(only)f(o)r
(ccurs)g(if)h(a)g(closure)e(alert)h(has)g(o)r(ccurred)208
@@ -5114,440 +5030,442 @@
(la)n(y)n(er)f(\(e.g.)36 b(a)28 b(so)r(c)n(k)n(et\))e(has)h(b)r(een)h
(closed.)208 2378 y(It)k(ma)n(y)f(seem)h(a)f(little)i(strange)e(that)h
(this)g(is)g(an)g(exception,)g(but)h(it)f(do)r(es)g(matc)n(h)g(an)f
-Fm(SSL_ERROR)e Fr(co)r(de,)j(and)g(is)208 2478 y(v)n(ery)26
-b(con)n(v)n(enien)n(t.)0 2625 y Fn(exception)32 b Fm(WantReadError)208
-2724 y Fr(The)i(op)r(eration)e(did)j(not)f(complete;)j(the)d(same)g
+Fl(SSL_ERROR)e Fq(co)r(de,)j(and)g(is)208 2478 y(v)n(ery)26
+b(con)n(v)n(enien)n(t.)0 2625 y Fm(exception)32 b Fl(WantReadError)208
+2724 y Fq(The)i(op)r(eration)e(did)j(not)f(complete;)j(the)d(same)g
(I/O)f(metho)r(d)h(should)g(b)r(e)g(called)g(again)f(later,)i(with)f
(the)h(same)208 2824 y(argumen)n(ts.)g(An)n(y)28 b(I/O)e(metho)r(d)i
(can)f(lead)h(to)f(this)h(since)f(new)h(handshak)n(es)e(can)h(o)r(ccur)
-g(at)g(an)n(y)g(time.)0 2971 y Fn(exception)32 b Fm(WantWriteError)208
-3070 y Fr(See)27 b Fm(WantReadError)p Fr(.)0 3217 y Fn(exception)32
-b Fm(WantX509LookupE)o(rr)o(or)208 3317 y Fr(The)24 b(op)r(eration)g
+g(at)g(an)n(y)g(time.)0 2971 y Fm(exception)32 b Fl(WantWriteError)208
+3070 y Fq(See)27 b Fl(WantReadError)p Fq(.)0 3217 y Fm(exception)32
+b Fl(WantX509LookupE)o(rr)o(or)208 3317 y Fq(The)24 b(op)r(eration)g
(did)h(not)g(complete)f(b)r(ecause)g(an)h(application)f(callbac)n(k)f
(has)h(ask)n(ed)g(to)g(b)r(e)h(called)g(again.)34 b(The)25
b(I/O)208 3417 y(metho)r(d)f(should)h(b)r(e)f(called)g(again)g(later,)g
(with)h(the)g(same)e(argumen)n(ts.)35 b(Note:)g(This)24
b(w)n(on't)h(o)r(ccur)e(in)i(this)g(v)n(ersion,)208 3516
y(as)h(there)i(are)e(no)i(suc)n(h)f(callbac)n(ks)f(in)i(this)f(v)n
-(ersion.)0 3663 y Fn(exception)32 b Fm(SysCallError)208
-3763 y Fr(The)25 b Fm(SysCallError)20 b Fr(o)r(ccurs)k(when)i(there's)e
+(ersion.)0 3663 y Fm(exception)32 b Fl(SysCallError)208
+3763 y Fq(The)25 b Fl(SysCallError)20 b Fq(o)r(ccurs)k(when)i(there's)e
(an)h(I/O)g(error)e(and)i(Op)r(enSSL's)g(error)e(queue)i(do)r(es)g(not)
g(con)n(tain)g(an)n(y)208 3862 y(information.)59 b(This)36
b(can)f(mean)g(t)n(w)n(o)g(things:)52 b(An)36 b(error)d(in)j(the)g
(transp)r(ort)e(proto)r(col,)i(or)f(an)g(end)h(of)f(\034le)h(that)208
3962 y(violates)26 b(the)i(proto)r(col.)36 b(The)27 b(parameter)f(to)i
-(the)g(exception)f(is)g(alw)n(a)n(ys)f(a)h(pair)g Fm(\()p
-Fd(errnum)6 b Fm(,)42 b Fd(errstr)9 b Fm(\))p Fr(.)0
-4225 y Fg(Context)27 b(objects)0 4425 y Fr(Con)n(text)g(ob)5
+(the)g(exception)f(is)g(alw)n(a)n(ys)f(a)h(pair)g Fl(\()p
+Fc(errnum)6 b Fl(,)42 b Fc(errstr)9 b Fl(\))p Fq(.)0
+4225 y Ff(Context)27 b(objects)0 4425 y Fq(Con)n(text)g(ob)5
b(jects)27 b(ha)n(v)n(e)g(the)h(follo)n(wing)e(metho)r(ds:)0
-4572 y Fm(check_privatekey)o(\(\))208 4689 y Fr(Chec)n(k)k(if)i(the)g
-(priv)-5 b(ate)31 b(k)n(ey)f(\(loaded)h(with)h Fm(use_privatekey)p
-Fc([)p Fm(_)o(fi)o(le)11 b Fc(])p Fr(\))26 b(matc)n(hes)k(the)i
-(certi\034cate)f(\(loaded)g(with)208 4816 y Fm(use_certificate)o
-Fc([)p Fm(_)o(fil)o(e)11 b Fc(])p Fr(\).)31 b(Returns)d
-Fm(None)e Fr(if)i(they)f(matc)n(h,)h(raises)e Fm(Error)g
-Fr(otherwise.)0 4963 y Fm(get_app_data\(\))208 5063 y
-Fr(Retriev)n(e)g(application)h(data)g(as)g(set)h(b)n(y)g
-Fm(set_app_data)p Fr(.)p 0 5134 1560 4 v 92 5188 a Fi(3)127
-5211 y Fh(A)n(ctually)-6 b(,)25 b(all)e(that)j(is)d(required)j(is)e(an)
-g(ob)t(ject)h(that)h Fb(b)l(ehaves)e Fh(lik)n(e)g(a)h(so)r(c)n(k)n(et,)
+4572 y Fl(check_privatekey)o(\(\))208 4689 y Fq(Chec)n(k)k(if)i(the)g
+(priv)-5 b(ate)31 b(k)n(ey)f(\(loaded)h(with)h Fl(use_privatekey)p
+Fb([)p Fl(_)o(fi)o(le)11 b Fb(])p Fq(\))26 b(matc)n(hes)k(the)i
+(certi\034cate)f(\(loaded)g(with)208 4816 y Fl(use_certificate)o
+Fb([)p Fl(_)o(fil)o(e)11 b Fb(])p Fq(\).)31 b(Returns)d
+Fl(None)e Fq(if)i(they)f(matc)n(h,)h(raises)e Fl(Error)g
+Fq(otherwise.)0 4963 y Fl(get_app_data\(\))208 5063 y
+Fq(Retriev)n(e)g(application)h(data)g(as)g(set)h(b)n(y)g
+Fl(set_app_data)p Fq(.)p 0 5134 1560 4 v 92 5188 a Fh(3)127
+5211 y Fg(A)n(ctually)-6 b(,)25 b(all)e(that)j(is)d(required)j(is)e(an)
+g(ob)t(ject)h(that)h Fa(b)l(ehaves)e Fg(lik)n(e)g(a)h(so)r(c)n(k)n(et,)
g(y)n(ou)g(could)g(ev)n(en)g(use)f(\034les,)g(ev)n(en)i(though)f(it'd)f
(b)r(e)h(tric)n(ky)g(to)0 5290 y(get)g(the)f(handshak)n(es)h(righ)n(t!)
-p 0 5549 3901 4 v 0 5649 a Fg(10)2197 b(3)83 b Fm(OpenSSL)24
-b Fg(\026)k(Python)f(interface)h(to)f(Op)r(enSSL)p eop
+p 0 5549 3901 4 v 0 5649 a Ff(10)2197 b(3)83 b Fl(OpenSSL)24
+b Ff(\026)k(Python)f(interface)h(to)f(Op)r(enSSL)p eop
end
%%Page: 11 11
-TeXDict begin 11 10 bop 0 83 a Fm(get_cert_store\(\))208
-183 y Fr(Retriev)n(e)34 b(the)i(certi\034cate)f(store)f(\(a)h
+TeXDict begin 11 10 bop 0 83 a Fl(get_cert_store\(\))208
+183 y Fq(Retriev)n(e)34 b(the)i(certi\034cate)f(store)f(\(a)h
(X509Store)f(ob)5 b(ject\))35 b(that)h(the)f(con)n(text)g(uses.)60
b(This)35 b(can)g(b)r(e)h(used)f(to)g(add)208 282 y("trusted")26
-b(certi\034cates)h(without)h(using)f(the.)37 b Fm(load_verify_loca)o
-(tio)o(ns)o(\(\))21 b Fr(metho)r(d.)0 429 y Fm(get_timeout\(\))208
-529 y Fr(Retriev)n(e)26 b(session)h(timeout,)h(as)f(set)g(b)n(y)i
-Fm(set_timeout)p Fr(.)j(The)c(default)g(is)f(300)f(seconds.)0
-676 y Fm(get_verify_depth)o(\(\))208 775 y Fr(Retriev)n(e)g(the)i(Con)n
+b(certi\034cates)h(without)h(using)f(the.)37 b Fl(load_verify_loca)o
+(tio)o(ns)o(\(\))21 b Fq(metho)r(d.)0 429 y Fl(get_timeout\(\))208
+529 y Fq(Retriev)n(e)26 b(session)h(timeout,)h(as)f(set)g(b)n(y)i
+Fl(set_timeout)p Fq(.)j(The)c(default)g(is)f(300)f(seconds.)0
+676 y Fl(get_verify_depth)o(\(\))208 775 y Fq(Retriev)n(e)g(the)i(Con)n
(text)f(ob)5 b(ject's)28 b(v)n(erify)e(depth,)j(as)d(set)i(b)n(y)g
-Fm(set_verify_depth)p Fr(.)0 922 y Fm(get_verify_mode\()o(\))208
-1022 y Fr(Retriev)n(e)e(the)i(Con)n(text)f(ob)5 b(ject's)28
-b(v)n(erify)e(mo)r(de,)i(as)f(set)h(b)n(y)g Fm(set_verify_mode)p
-Fr(.)0 1169 y Fm(load_client_ca\()p Fd(p)l(em\034le)6
-b Fm(\))208 1268 y Fr(Read)33 b(a)g(\034le)h(with)g(PEM-formatted)g
+Fl(set_verify_depth)p Fq(.)0 922 y Fl(get_verify_mode\()o(\))208
+1022 y Fq(Retriev)n(e)e(the)i(Con)n(text)f(ob)5 b(ject's)28
+b(v)n(erify)e(mo)r(de,)i(as)f(set)h(b)n(y)g Fl(set_verify_mode)p
+Fq(.)0 1169 y Fl(load_client_ca\()p Fc(p)l(em\034le)6
+b Fl(\))208 1268 y Fq(Read)33 b(a)g(\034le)h(with)g(PEM-formatted)g
(certi\034cates)f(that)h(will)g(b)r(e)g(sen)n(t)f(to)h(the)g(clien)n(t)
f(when)h(requesting)f(a)g(clien)n(t)208 1368 y(certi\034cate.)0
-1515 y Fm(load_verify_loca)o(ti)o(ons)o(\()p Fd(p)l(em\034le)6
-b Fm(\))208 1614 y Fr(Sp)r(ecify)24 b(where)f(CA)g(certi\034cates)g
+1515 y Fl(load_verify_loca)o(ti)o(ons)o(\()p Fc(p)l(em\034le)6
+b Fl(\))208 1614 y Fq(Sp)r(ecify)24 b(where)f(CA)g(certi\034cates)g
(for)g(v)n(eri\034cation)f(purp)r(oses)h(are)f(lo)r(cated.)35
b(These)23 b(are)g(trusted)g(certi\034cates.)35 b(Note)208
1714 y(that)27 b(the)h(certi\034cates)f(ha)n(v)n(e)f(to)i(b)r(e)g(in)g
-(PEM)g(format.)0 1861 y Fm(load_tmp_dh\()p Fd(dh\034le)6
-b Fm(\))208 1961 y Fr(Load)26 b(parameters)g(for)h(Ephemeral)g
-(Di\036e-Hellman)h(from)g Fd(dh\034le)6 b Fr(.)0 2107
-y Fm(set_app_data\()p Fd(data)g Fm(\))208 2207 y Fr(Asso)r(ciate)25
-b Fd(data)33 b Fr(with)27 b(this)f(Con)n(text)f(ob)5
-b(ject.)36 b Fd(data)e Fr(can)25 b(b)r(e)i(retriev)n(ed)d(later)i
-(using)f(the)i Fm(get_app_data)21 b Fr(metho)r(d.)0 2354
-y Fm(set_cipher_list\()o Fd(ciphers)7 b Fm(\))208 2454
-y Fr(Set)28 b(the)g(list)h(of)f(ciphers)f(to)h(b)r(e)g(used)g(in)g
+(PEM)g(format.)0 1861 y Fl(load_tmp_dh\()p Fc(dh\034le)6
+b Fl(\))208 1961 y Fq(Load)26 b(parameters)g(for)h(Ephemeral)g
+(Di\036e-Hellman)h(from)g Fc(dh\034le)6 b Fq(.)0 2107
+y Fl(set_app_data\()p Fc(data)g Fl(\))208 2207 y Fq(Asso)r(ciate)25
+b Fc(data)33 b Fq(with)27 b(this)f(Con)n(text)f(ob)5
+b(ject.)36 b Fc(data)e Fq(can)25 b(b)r(e)i(retriev)n(ed)d(later)i
+(using)f(the)i Fl(get_app_data)21 b Fq(metho)r(d.)0 2354
+y Fl(set_cipher_list\()o Fc(ciphers)7 b Fl(\))208 2454
+y Fq(Set)28 b(the)g(list)h(of)f(ciphers)f(to)h(b)r(e)g(used)g(in)g
(this)h(con)n(text.)37 b(See)28 b(the)h(Op)r(enSSL)f(man)n(ual)f(for)h
(more)f(information)g(\(e.g.)208 2553 y(ciphers\(1\)\))0
-2700 y Fm(set_info_callbac)o(k\()o Fd(c)l(al)t(lb)l(ack)9
-b Fm(\))208 2800 y Fr(Set)33 b(the)f(information)g(callbac)n(k)f(to)i
-Fd(c)l(al)t(lb)l(ack)9 b Fr(.)54 b(This)32 b(function)h(will)g(b)r(e)g
+2700 y Fl(set_info_callbac)o(k\()o Fc(c)l(al)t(lb)l(ack)9
+b Fl(\))208 2800 y Fq(Set)33 b(the)f(information)g(callbac)n(k)f(to)i
+Fc(c)l(al)t(lb)l(ack)9 b Fq(.)54 b(This)32 b(function)h(will)g(b)r(e)g
(called)f(from)g(time)h(to)g(time)g(during)f(SSL)208
-2899 y(handshak)n(es.)49 b Fd(c)l(al)t(lb)l(ack)43 b
-Fr(should)32 b(tak)n(e)g(three)g(argumen)n(ts:)45 b(a)32
+2899 y(handshak)n(es.)49 b Fc(c)l(al)t(lb)l(ack)43 b
+Fq(should)32 b(tak)n(e)g(three)g(argumen)n(ts:)45 b(a)32
b(Connection)g(ob)5 b(ject)32 b(and)g(t)n(w)n(o)g(in)n(tegers.)50
b(The)32 b(\034rst)208 2999 y(in)n(teger)f(sp)r(eci\034es)g(where)h(in)
g(the)g(SSL)g(handshak)n(e)f(the)h(function)h(w)n(as)e(called,)h(and)g
(the)g(other)g(the)g(return)f(co)r(de)208 3099 y(from)c(a)g(\(p)r
(ossibly)g(failed\))h(in)n(ternal)f(function)h(call.)0
-3245 y Fm(set_options\()p Fd(options)7 b Fm(\))208 3345
-y Fr(A)n(dd)28 b(SSL)h(options.)38 b(Options)28 b(y)n(ou)f(ha)n(v)n(e)g
+3245 y Fl(set_options\()p Fc(options)7 b Fl(\))208 3345
+y Fq(A)n(dd)28 b(SSL)h(options.)38 b(Options)28 b(y)n(ou)f(ha)n(v)n(e)g
(set)i(b)r(efore)f(are)f(not)h(cleared!)38 b(This)28
b(metho)r(d)h(should)f(b)r(e)h(used)f(with)h(the)208
-3445 y Fm(OP_*)d Fr(constan)n(ts.)0 3591 y Fm(set_passwd_cb\()p
-Fd(c)l(al)t(lb)l(ack)9 b Fc([)p Fd(,)25 b(user)l(data)19
-b Fc(])p Fm(\))208 3691 y Fr(Set)42 b(the)g(passphrase)f(callbac)n(k)f
-(to)i Fd(c)l(al)t(lb)l(ack)9 b Fr(.)82 b(This)42 b(function)h(will)f(b)
+3445 y Fl(OP_*)d Fq(constan)n(ts.)0 3591 y Fl(set_passwd_cb\()p
+Fc(c)l(al)t(lb)l(ack)9 b Fb([)p Fc(,)25 b(user)l(data)19
+b Fb(])p Fl(\))208 3691 y Fq(Set)42 b(the)g(passphrase)f(callbac)n(k)f
+(to)i Fc(c)l(al)t(lb)l(ack)9 b Fq(.)82 b(This)42 b(function)h(will)f(b)
r(e)g(called)g(when)g(a)g(priv)-5 b(ate)42 b(k)n(ey)f(with)h(a)208
-3791 y(passphrase)37 b(is)i(loaded.)70 b Fd(c)l(al)t(lb)l(ack)50
-b Fr(should)39 b(tak)n(e)f(a)g(b)r(o)r(olean)h(argumen)n(t)f
-Fd(r)l(ep)l(e)l(at)47 b Fr(and)39 b(an)f(arbitrary)f(argumen)n(t)208
-3890 y Fd(data)f Fr(and)28 b(return)g(the)h(passphrase)e(en)n(tered)h
-(b)n(y)g(the)h(user.)40 b(If)35 b Fd(r)l(ep)l(e)l(at)i
-Fr(is)28 b(true)h(then)g Fd(c)l(al)t(lb)l(ack)39 b Fr(should)29
+3791 y(passphrase)37 b(is)i(loaded.)70 b Fc(c)l(al)t(lb)l(ack)50
+b Fq(should)39 b(tak)n(e)f(a)g(b)r(o)r(olean)h(argumen)n(t)f
+Fc(r)l(ep)l(e)l(at)47 b Fq(and)39 b(an)f(arbitrary)f(argumen)n(t)208
+3890 y Fc(data)f Fq(and)28 b(return)g(the)h(passphrase)e(en)n(tered)h
+(b)n(y)g(the)h(user.)40 b(If)35 b Fc(r)l(ep)l(e)l(at)i
+Fq(is)28 b(true)h(then)g Fc(c)l(al)t(lb)l(ack)39 b Fq(should)29
b(ask)f(for)g(the)208 3990 y(passphrase)j(t)n(wice)j(and)g(mak)n(e)f
(sure)g(that)h(the)g(t)n(w)n(o)f(en)n(tries)g(are)g(equal.)55
-b(The)34 b Fd(data)41 b Fr(argumen)n(t)33 b(is)h(the)g
-Fd(user)l(data)208 4090 y Fr(v)-5 b(ariable)25 b(passed)h(to)h(the)g
-Fm(set_passwd_cb)22 b Fr(metho)r(d.)37 b(If)27 b(an)g(error)e(o)r
-(ccurs,)h Fd(c)l(al)t(lb)l(ack)37 b Fr(should)27 b(return)f(a)h(false)f
+b(The)34 b Fc(data)41 b Fq(argumen)n(t)33 b(is)h(the)g
+Fc(user)l(data)208 4090 y Fq(v)-5 b(ariable)25 b(passed)h(to)h(the)g
+Fl(set_passwd_cb)22 b Fq(metho)r(d.)37 b(If)27 b(an)g(error)e(o)r
+(ccurs,)h Fc(c)l(al)t(lb)l(ack)37 b Fq(should)27 b(return)f(a)h(false)f
(v)-5 b(alue)208 4189 y(\(e.g.)36 b(an)28 b(empt)n(y)f(string\).)0
-4336 y Fm(set_session_id\()p Fd(n)o(ame)6 b Fm(\))208
-4436 y Fr(Set)33 b(the)h(con)n(text)f Fd(name)39 b Fr(within)34
+4336 y Fl(set_session_id\()p Fc(n)o(ame)6 b Fl(\))208
+4436 y Fq(Set)33 b(the)h(con)n(text)f Fc(name)39 b Fq(within)34
b(whic)n(h)f(a)g(session)f(can)h(b)r(e)h(reused)e(for)h(this)g(Con)n
(text)g(ob)5 b(ject.)54 b(This)33 b(is)g(needed)208 4535
y(when)e(doing)g(session)g(resumption,)h(b)r(ecause)g(there)f(is)h(no)f
(w)n(a)n(y)g(for)g(a)g(stored)g(session)f(to)i(kno)n(w)f(whic)n(h)g
(Con)n(text)208 4635 y(ob)5 b(ject)27 b(it)h(is)f(asso)r(ciated)g
-(with.)37 b Fd(name)d Fr(ma)n(y)27 b(b)r(e)h(an)n(y)e(binary)h(data.)0
-4782 y Fm(set_timeout\()p Fd(time)l(out)8 b Fm(\))208
-4882 y Fr(Set)29 b(the)g(timeout)h(for)e(newly)h(created)f(sessions)g
-(for)h(this)g(Con)n(text)g(ob)5 b(ject)28 b(to)h Fd(time)l(out)8
-b Fr(.)41 b Fd(time)l(out)36 b Fr(m)n(ust)29 b(b)r(e)h(giv)n(en)208
+(with.)37 b Fc(name)d Fq(ma)n(y)27 b(b)r(e)h(an)n(y)e(binary)h(data.)0
+4782 y Fl(set_timeout\()p Fc(time)l(out)8 b Fl(\))208
+4882 y Fq(Set)29 b(the)g(timeout)h(for)e(newly)h(created)f(sessions)g
+(for)h(this)g(Con)n(text)g(ob)5 b(ject)28 b(to)h Fc(time)l(out)8
+b Fq(.)41 b Fc(time)l(out)36 b Fq(m)n(ust)29 b(b)r(e)h(giv)n(en)208
4981 y(in)f(\(whole\))f(seconds.)40 b(The)29 b(default)g(v)-5
b(alue)28 b(is)h(300)e(seconds.)40 b(See)29 b(the)g(Op)r(enSSL)g(man)n
(ual)f(for)g(more)g(information)208 5081 y(\(e.g.)36
-b(SSL_CTX_set_timeout\(3\)\).)0 5228 y Fm(set_verify\()p
-Fd(mo)l(de,)26 b(c)l(al)t(lb)l(ack)9 b Fm(\))208 5327
-y Fr(Set)36 b(the)h(v)n(eri\034cation)e(\035ags)g(for)h(this)h(Con)n
-(text)f(ob)5 b(ject)36 b(to)g Fd(mo)l(de)44 b Fr(and)36
-b(sp)r(ecify)g(that)h Fd(c)l(al)t(lb)l(ack)47 b Fr(should)36
-b(b)r(e)h(used)p 0 5549 3901 4 v 0 5649 a Fg(3.3)82 b
-Fm(SSL)26 b Fg(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
+b(SSL_CTX_set_timeout\(3\)\).)0 5228 y Fl(set_verify\()p
+Fc(mo)l(de,)26 b(c)l(al)t(lb)l(ack)9 b Fl(\))208 5327
+y Fq(Set)36 b(the)h(v)n(eri\034cation)e(\035ags)g(for)h(this)h(Con)n
+(text)f(ob)5 b(ject)36 b(to)g Fc(mo)l(de)44 b Fq(and)36
+b(sp)r(ecify)g(that)h Fc(c)l(al)t(lb)l(ack)47 b Fq(should)36
+b(b)r(e)h(used)p 0 5549 3901 4 v 0 5649 a Ff(3.3)82 b
+Fl(SSL)26 b Ff(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
(pa)n(rts)f(of)h(Op)r(enSSL)1611 b(11)p eop end
%%Page: 12 12
-TeXDict begin 12 11 bop 208 83 a Fr(for)30 b(v)n(eri\034cation)g
-(callbac)n(ks.)45 b Fd(mo)l(de)38 b Fr(should)31 b(b)r(e)h(one)e(of)38
-b Fm(VERIFY_NONE)26 b Fr(and)31 b Fm(VERIFY_PEER)p Fr(.)c(If)38
-b Fm(VERIFY_PEER)26 b Fr(is)208 183 y(used,)j Fd(mo)l(de)36
-b Fr(can)29 b(b)r(e)g(OR:ed)g(with)g Fm(VERIFY_FAIL_IF_NO)o(_P)o(EE)o
-(R_C)o(ER)o(T)23 b Fr(and)29 b Fm(VERIFY_CLIENT_O)o(NCE)22
-b Fr(to)29 b(further)208 282 y(con)n(trol)23 b(the)j(b)r(eha)n(viour.)
-34 b Fd(c)l(al)t(lb)l(ack)i Fr(should)25 b(tak)n(e)f(\034v)n(e)h
+TeXDict begin 12 11 bop 208 83 a Fq(for)30 b(v)n(eri\034cation)g
+(callbac)n(ks.)45 b Fc(mo)l(de)38 b Fq(should)31 b(b)r(e)h(one)e(of)38
+b Fl(VERIFY_NONE)26 b Fq(and)31 b Fl(VERIFY_PEER)p Fq(.)c(If)38
+b Fl(VERIFY_PEER)26 b Fq(is)208 183 y(used,)j Fc(mo)l(de)36
+b Fq(can)29 b(b)r(e)g(OR:ed)g(with)g Fl(VERIFY_FAIL_IF_NO)o(_P)o(EE)o
+(R_C)o(ER)o(T)23 b Fq(and)29 b Fl(VERIFY_CLIENT_O)o(NCE)22
+b Fq(to)29 b(further)208 282 y(con)n(trol)23 b(the)j(b)r(eha)n(viour.)
+34 b Fc(c)l(al)t(lb)l(ack)i Fq(should)25 b(tak)n(e)f(\034v)n(e)h
(argumen)n(ts:)34 b(A)25 b(Connection)g(ob)5 b(ject,)25
b(an)g(X509)f(ob)5 b(ject,)25 b(and)208 382 y(three)e(in)n(teger)g(v)-5
b(ariables,)23 b(whic)n(h)h(are)f(in)h(turn)g(p)r(oten)n(tial)g(error)d
(n)n(um)n(b)r(er,)k(error)c(depth)k(and)f(return)f(co)r(de.)35
-b Fd(c)l(al)t(lb)l(ack)208 482 y Fr(should)27 b(return)g(true)g(if)h(v)
+b Fc(c)l(al)t(lb)l(ack)208 482 y Fq(should)27 b(return)g(true)g(if)h(v)
n(eri\034cation)f(passes)f(and)h(false)h(otherwise.)0
-628 y Fm(set_verify_depth)o(\()p Fd(depth)6 b Fm(\))208
-728 y Fr(Set)36 b(the)g(maxim)n(um)f(depth)h(for)g(the)g(certi\034cate)
+628 y Fl(set_verify_depth)o(\()p Fc(depth)6 b Fl(\))208
+728 y Fq(Set)36 b(the)g(maxim)n(um)f(depth)h(for)g(the)g(certi\034cate)
f(c)n(hain)g(v)n(eri\034cation)f(that)i(shall)f(b)r(e)h(allo)n(w)n(ed)e
(for)i(this)f(Con)n(text)208 828 y(ob)5 b(ject.)0 975
-y Fm(use_certificate\()o Fd(c)l(ert)j Fm(\))208 1074
-y Fr(Use)27 b(the)h(certi\034cate)f Fd(c)l(ert)35 b Fr(whic)n(h)28
+y Fl(use_certificate\()o Fc(c)l(ert)j Fl(\))208 1074
+y Fq(Use)27 b(the)h(certi\034cate)f Fc(c)l(ert)35 b Fq(whic)n(h)28
b(has)f(to)g(b)r(e)h(a)f(X509)g(ob)5 b(ject.)0 1221 y
-Fm(add_extra_chain_)o(ce)o(rt\()o Fd(c)l(ert)j Fm(\))208
-1321 y Fr(A)n(dds)32 b(the)h(certi\034cate)f Fd(c)l(ert)8
-b Fr(,)34 b(whic)n(h)f(has)f(to)g(b)r(e)i(a)e(X509)f(ob)5
+Fl(add_extra_chain_)o(ce)o(rt\()o Fc(c)l(ert)j Fl(\))208
+1321 y Fq(A)n(dds)32 b(the)h(certi\034cate)f Fc(c)l(ert)8
+b Fq(,)34 b(whic)n(h)f(has)f(to)g(b)r(e)i(a)e(X509)f(ob)5
b(ject,)34 b(to)f(the)g(certi\034cate)f(c)n(hain)g(presen)n(ted)g
(together)208 1420 y(with)c(the)g(certi\034cate.)0 1567
-y Fm(use_certificate_)o(ch)o(ain)o(_f)o(il)o(e\()p Fd(\034)o(le)6
-b Fm(\))208 1667 y Fr(Load)26 b(a)h(certi\034cate)g(c)n(hain)g(from)h
-Fd(\034le)34 b Fr(whic)n(h)27 b(m)n(ust)h(b)r(e)g(PEM)g(enco)r(ded.)0
-1814 y Fm(use_privatekey\()p Fd(pkey)7 b Fm(\))208 1913
-y Fr(Use)27 b(the)h(priv)-5 b(ate)27 b(k)n(ey)h Fd(pkey)36
-b Fr(whic)n(h)28 b(has)f(to)g(b)r(e)h(a)f(PKey)h(ob)5
-b(ject.)0 2075 y Fm(use_certificate_)o(fi)o(le\()o Fd(\034le)h
-Fc([)p Fd(,)24 b(format)d Fc(])p Fm(\))208 2174 y Fr(Load)i(the)h
-(\034rst)g(certi\034cate)f(found)h(in)h Fd(\034le)6 b
-Fr(.)36 b(The)24 b(certi\034cate)f(m)n(ust)h(b)r(e)h(in)f(the)g(format)
-g(sp)r(eci\034ed)g(b)n(y)h Fd(format)8 b Fr(,)25 b(whic)n(h)208
-2274 y(is)i(either)g Fm(FILETYPE_PEM)c Fr(or)k Fm(FILETYPE_ASN1)p
-Fr(.)k(The)d(default)g(is)f Fm(FILETYPE_PEM)p Fr(.)0
-2421 y Fm(use_privatekey_f)o(il)o(e\()p Fd(\034)o(le)6
-b Fc([)p Fd(,)25 b(format)20 b Fc(])p Fm(\))208 2520
-y Fr(Load)31 b(the)h(\034rst)g(priv)-5 b(ate)31 b(k)n(ey)g(found)i(in)f
-Fd(\034le)6 b Fr(.)50 b(The)32 b(priv)-5 b(ate)32 b(k)n(ey)f(m)n(ust)h
+y Fl(use_certificate_)o(ch)o(ain)o(_f)o(il)o(e\()p Fc(\034)o(le)6
+b Fl(\))208 1667 y Fq(Load)26 b(a)h(certi\034cate)g(c)n(hain)g(from)h
+Fc(\034le)34 b Fq(whic)n(h)27 b(m)n(ust)h(b)r(e)g(PEM)g(enco)r(ded.)0
+1814 y Fl(use_privatekey\()p Fc(pkey)7 b Fl(\))208 1913
+y Fq(Use)27 b(the)h(priv)-5 b(ate)27 b(k)n(ey)h Fc(pkey)36
+b Fq(whic)n(h)28 b(has)f(to)g(b)r(e)h(a)f(PKey)h(ob)5
+b(ject.)0 2075 y Fl(use_certificate_)o(fi)o(le\()o Fc(\034le)h
+Fb([)p Fc(,)24 b(format)d Fb(])p Fl(\))208 2174 y Fq(Load)i(the)h
+(\034rst)g(certi\034cate)f(found)h(in)h Fc(\034le)6 b
+Fq(.)36 b(The)24 b(certi\034cate)f(m)n(ust)h(b)r(e)h(in)f(the)g(format)
+g(sp)r(eci\034ed)g(b)n(y)h Fc(format)8 b Fq(,)25 b(whic)n(h)208
+2274 y(is)i(either)g Fl(FILETYPE_PEM)c Fq(or)k Fl(FILETYPE_ASN1)p
+Fq(.)k(The)d(default)g(is)f Fl(FILETYPE_PEM)p Fq(.)0
+2421 y Fl(use_privatekey_f)o(il)o(e\()p Fc(\034)o(le)6
+b Fb([)p Fc(,)25 b(format)20 b Fb(])p Fl(\))208 2520
+y Fq(Load)31 b(the)h(\034rst)g(priv)-5 b(ate)31 b(k)n(ey)g(found)i(in)f
+Fc(\034le)6 b Fq(.)50 b(The)32 b(priv)-5 b(ate)32 b(k)n(ey)f(m)n(ust)h
(b)r(e)g(in)h(the)f(format)f(sp)r(eci\034ed)i(b)n(y)f
-Fd(format)8 b Fr(,)208 2620 y(whic)n(h)27 b(is)g(either)h
-Fm(FILETYPE_PEM)22 b Fr(or)27 b Fm(FILETYPE_ASN1)p Fr(.)32
-b(The)27 b(default)h(is)g Fm(FILETYPE_PEM)p Fr(.)0 2876
-y Fg(Connection)e(objects)0 3077 y Fr(Connection)h(ob)5
+Fc(format)8 b Fq(,)208 2620 y(whic)n(h)27 b(is)g(either)h
+Fl(FILETYPE_PEM)22 b Fq(or)27 b Fl(FILETYPE_ASN1)p Fq(.)32
+b(The)27 b(default)h(is)g Fl(FILETYPE_PEM)p Fq(.)0 2876
+y Ff(Connection)e(objects)0 3077 y Fq(Connection)h(ob)5
b(jects)27 b(ha)n(v)n(e)f(the)i(follo)n(wing)f(metho)r(ds:)0
-3224 y Fm(accept\(\))208 3323 y Fr(Call)33 b(the)g Fm(accept)e
-Fr(metho)r(d)j(of)f(the)h(underlying)f(so)r(c)n(k)n(et)f(and)h(set)h
+3224 y Fl(accept\(\))208 3323 y Fq(Call)33 b(the)g Fl(accept)e
+Fq(metho)r(d)j(of)f(the)h(underlying)f(so)r(c)n(k)n(et)f(and)h(set)h
(up)g(SSL)f(on)g(the)h(returned)f(so)r(c)n(k)n(et,)h(using)f(the)208
3423 y(Con)n(text)22 b(ob)5 b(ject)22 b(supplied)h(to)f(this)h
(Connection)f(ob)5 b(ject)22 b(at)h(creation.)34 b(Returns)22
-b(a)g(pair)g Fm(\()p Fd(c)l(onn)6 b Fm(,)43 b Fd(addr)l(ess)7
-b Fm(\))p Fr(.)36 b(where)208 3523 y Fd(c)l(onn)d Fr(is)28
+b(a)g(pair)g Fl(\()p Fc(c)l(onn)6 b Fl(,)43 b Fc(addr)l(ess)7
+b Fl(\))p Fq(.)36 b(where)208 3523 y Fc(c)l(onn)d Fq(is)28
b(the)g(new)f(Connection)g(ob)5 b(ject)28 b(created,)e(and)i
-Fd(addr)l(ess)35 b Fr(is)28 b(as)f(returned)g(b)n(y)g(the)h(so)r(c)n(k)
-n(et's)e Fm(accept)p Fr(.)0 3669 y Fm(bind\()p Fd(addr)l(ess)7
-b Fm(\))208 3769 y Fr(Call)27 b(the)h Fm(bind)e Fr(metho)r(d)i(of)f
-(the)h(underlying)f(so)r(c)n(k)n(et.)0 3916 y Fm(close\(\))208
-4016 y Fr(Call)i(the)h Fm(close)e Fr(metho)r(d)i(of)g(the)g(underlying)
+Fc(addr)l(ess)35 b Fq(is)28 b(as)f(returned)g(b)n(y)g(the)h(so)r(c)n(k)
+n(et's)e Fl(accept)p Fq(.)0 3669 y Fl(bind\()p Fc(addr)l(ess)7
+b Fl(\))208 3769 y Fq(Call)27 b(the)h Fl(bind)e Fq(metho)r(d)i(of)f
+(the)h(underlying)f(so)r(c)n(k)n(et.)0 3916 y Fl(close\(\))208
+4016 y Fq(Call)i(the)h Fl(close)e Fq(metho)r(d)i(of)g(the)g(underlying)
f(so)r(c)n(k)n(et.)43 b(Note:)e(If)31 b(y)n(ou)e(w)n(an)n(t)g(correct)f
(SSL)i(closure,)f(y)n(ou)g(need)h(to)208 4115 y(call)d(the)h
-Fm(shutdown)c Fr(metho)r(d)k(\034rst.)0 4262 y Fm(connect\()p
-Fd(addr)l(ess)7 b Fm(\))208 4362 y Fr(Call)31 b(the)h
-Fm(connect)e Fr(metho)r(d)i(of)g(the)g(underlying)g(so)r(c)n(k)n(et)e
+Fl(shutdown)c Fq(metho)r(d)k(\034rst.)0 4262 y Fl(connect\()p
+Fc(addr)l(ess)7 b Fl(\))208 4362 y Fq(Call)31 b(the)h
+Fl(connect)e Fq(metho)r(d)i(of)g(the)g(underlying)g(so)r(c)n(k)n(et)e
(and)i(set)g(up)g(SSL)h(on)e(the)i(so)r(c)n(k)n(et,)f(using)f(the)h
(Con)n(text)208 4461 y(ob)5 b(ject)27 b(supplied)h(to)f(this)h
(Connection)f(ob)5 b(ject)27 b(at)h(creation.)0 4608
-y Fm(connect_ex\()p Fd(addr)l(ess)7 b Fm(\))208 4708
-y Fr(Call)24 b(the)g Fm(connect_ex)c Fr(metho)r(d)25
+y Fl(connect_ex\()p Fc(addr)l(ess)7 b Fl(\))208 4708
+y Fq(Call)24 b(the)g Fl(connect_ex)c Fq(metho)r(d)25
b(of)f(the)h(underlying)f(so)r(c)n(k)n(et)f(and)h(set)g(up)h(SSL)f(on)g
(the)h(so)r(c)n(k)n(et,)f(using)g(the)g(Con)n(text)208
4807 y(ob)5 b(ject)35 b(supplied)g(to)h(this)f(Connection)g(ob)5
b(ject)36 b(at)f(creation.)59 b(Note)36 b(that)f(if)h(the)g
-Fm(connect_ex)31 b Fr(metho)r(d)36 b(of)g(the)208 4907
+Fl(connect_ex)31 b Fq(metho)r(d)36 b(of)g(the)208 4907
y(so)r(c)n(k)n(et)26 b(do)r(esn't)i(return)f(0,)g(SSL)h(w)n(on't)f(b)r
-(e)h(initialized.)0 5054 y Fm(do_handshake\(\))208 5154
-y Fr(P)n(erform)49 b(an)h(SSL)g(handshak)n(e)f(\(usually)h(called)g
-(after)f Fm(renegotiate)d Fr(or)j(one)h(of)57 b Fm(set_accept_stat)o(e)
-44 b Fr(or)208 5253 y Fm(set_accept_stat)o(e)p Fr(\).)31
+(e)h(initialized.)0 5054 y Fl(do_handshake\(\))208 5154
+y Fq(P)n(erform)49 b(an)h(SSL)g(handshak)n(e)f(\(usually)h(called)g
+(after)f Fl(renegotiate)d Fq(or)j(one)h(of)57 b Fl(set_accept_stat)o(e)
+44 b Fq(or)208 5253 y Fl(set_accept_stat)o(e)p Fq(\).)31
b(This)d(can)f(raise)f(the)i(same)f(exceptions)g(as)g
-Fm(send)f Fr(and)h Fm(recv)p Fr(.)0 5400 y Fm(fileno\(\))p
-0 5549 3901 4 v 0 5649 a Fg(12)2197 b(3)83 b Fm(OpenSSL)24
-b Fg(\026)k(Python)f(interface)h(to)f(Op)r(enSSL)p eop
+Fl(send)f Fq(and)h Fl(recv)p Fq(.)0 5400 y Fl(fileno\(\))p
+0 5549 3901 4 v 0 5649 a Ff(12)2197 b(3)83 b Fl(OpenSSL)24
+b Ff(\026)k(Python)f(interface)h(to)f(Op)r(enSSL)p eop
end
%%Page: 13 13
-TeXDict begin 13 12 bop 208 83 a Fr(Retriev)n(e)26 b(the)i(\034le)g
+TeXDict begin 13 12 bop 208 83 a Fq(Retriev)n(e)26 b(the)i(\034le)g
(descriptor)e(n)n(um)n(b)r(er)i(for)f(the)h(underlying)e(so)r(c)n(k)n
-(et.)0 230 y Fm(listen\()p Fd(b)l(acklo)l(g)7 b Fm(\))208
-330 y Fr(Call)27 b(the)h Fm(listen)d Fr(metho)r(d)j(of)f(the)h
-(underlying)f(so)r(c)n(k)n(et.)0 476 y Fm(get_app_data\(\))208
-576 y Fr(Retriev)n(e)f(application)h(data)g(as)g(set)h(b)n(y)g
-Fm(set_app_data)p Fr(.)0 723 y Fm(get_cipher_list\()o(\))208
-823 y Fr(Retriev)n(e)23 b(the)h(list)g(of)g(ciphers)g(used)g(b)n(y)f
+(et.)0 230 y Fl(listen\()p Fc(b)l(acklo)l(g)7 b Fl(\))208
+330 y Fq(Call)27 b(the)h Fl(listen)d Fq(metho)r(d)j(of)f(the)h
+(underlying)f(so)r(c)n(k)n(et.)0 476 y Fl(get_app_data\(\))208
+576 y Fq(Retriev)n(e)f(application)h(data)g(as)g(set)h(b)n(y)g
+Fl(set_app_data)p Fq(.)0 723 y Fl(get_cipher_list\()o(\))208
+823 y Fq(Retriev)n(e)23 b(the)h(list)g(of)g(ciphers)g(used)g(b)n(y)f
(the)i(Connection)e(ob)5 b(ject.)36 b(W)-9 b(ARNING:)25
b(This)f(API)h(has)e(c)n(hanged.)35 b(It)24 b(used)208
922 y(to)j(tak)n(e)g(an)g(optional)g(parameter)f(and)h(just)h(return)g
(a)f(string,)g(but)h(not)f(it)h(returns)f(the)h(en)n(tire)f(list)h(in)g
-(one)f(go.)0 1069 y Fm(get_context\(\))208 1169 y Fr(Retriev)n(e)f(the)
+(one)f(go.)0 1069 y Fl(get_context\(\))208 1169 y Fq(Retriev)n(e)f(the)
i(Con)n(text)f(ob)5 b(ject)28 b(asso)r(ciated)e(with)i(this)g
-(Connection.)0 1316 y Fm(get_peer_certifi)o(ca)o(te\()o(\))208
-1415 y Fr(Retriev)n(e)e(the)i(other)f(side's)g(certi\034cate)g(\(if)i
-(an)n(y\))0 1562 y Fm(getpeername\(\))208 1662 y Fr(Call)e(the)h
-Fm(getpeername)23 b Fr(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n
-(k)n(et.)0 1808 y Fm(getsockname\(\))208 1908 y Fr(Call)g(the)h
-Fm(getsockname)23 b Fr(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n
-(k)n(et.)0 2072 y Fm(getsockopt\()p Fd(level,)f(optname)6
-b Fc([)p Fd(,)31 b(bu\035en)18 b Fc(])p Fm(\))208 2171
-y Fr(Call)27 b(the)h Fm(getsockopt)23 b Fr(metho)r(d)28
-b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0 2318 y Fm(pending\(\))208
-2418 y Fr(Retriev)n(e)22 b(the)h(n)n(um)n(b)r(er)g(of)g(b)n(ytes)g
+(Connection.)0 1316 y Fl(get_peer_certifi)o(ca)o(te\()o(\))208
+1415 y Fq(Retriev)n(e)e(the)i(other)f(side's)g(certi\034cate)g(\(if)i
+(an)n(y\))0 1562 y Fl(getpeername\(\))208 1662 y Fq(Call)e(the)h
+Fl(getpeername)23 b Fq(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n
+(k)n(et.)0 1808 y Fl(getsockname\(\))208 1908 y Fq(Call)g(the)h
+Fl(getsockname)23 b Fq(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n
+(k)n(et.)0 2072 y Fl(getsockopt\()p Fc(level,)f(optname)6
+b Fb([)p Fc(,)31 b(bu\035en)18 b Fb(])p Fl(\))208 2171
+y Fq(Call)27 b(the)h Fl(getsockopt)23 b Fq(metho)r(d)28
+b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0 2318 y Fl(pending\(\))208
+2418 y Fq(Retriev)n(e)22 b(the)h(n)n(um)n(b)r(er)g(of)g(b)n(ytes)g
(that)h(can)e(b)r(e)i(safely)f(read)f(from)h(the)g(SSL)h(bu\033er)f(\()
-p Fd(not)g Fr(the)h(underlying)e(transp)r(ort)208 2517
-y(bu\033er\).)0 2664 y Fm(recv\()p Fd(bufsize)6 b Fm(\))208
-2764 y Fr(Receiv)n(e)30 b(data)h(from)g(the)h(Connection.)47
+p Fc(not)g Fq(the)h(underlying)e(transp)r(ort)208 2517
+y(bu\033er\).)0 2664 y Fl(recv\()p Fc(bufsize)6 b Fl(\))208
+2764 y Fq(Receiv)n(e)30 b(data)h(from)g(the)h(Connection.)47
b(The)31 b(return)g(v)-5 b(alue)31 b(is)h(a)e(string)h(represen)n(ting)
f(the)h(data)g(receiv)n(ed.)47 b(The)208 2864 y(maxim)n(um)27
b(amoun)n(t)g(of)g(data)h(to)f(b)r(e)h(receiv)n(ed)e(at)i(once,)f(is)g
-(sp)r(eci\034ed)h(b)n(y)h Fd(bufsize)6 b Fr(.)0 3010
-y Fm(renegotiate\(\))208 3110 y Fr(Renegotiate)26 b(the)i(SSL)g
+(sp)r(eci\034ed)h(b)n(y)h Fc(bufsize)6 b Fq(.)0 3010
+y Fl(renegotiate\(\))208 3110 y Fq(Renegotiate)26 b(the)i(SSL)g
(session.)36 b(Call)27 b(this)h(if)g(y)n(ou)f(wish)g(to)h(c)n(hange)e
(cipher)h(suites)h(or)e(an)n(ything)h(lik)n(e)g(that.)0
-3257 y Fm(send\()p Fd(string)7 b Fm(\))208 3357 y Fr(Send)27
-b(the)h Fd(string)35 b Fr(data)27 b(to)h(the)g(Connection.)0
-3503 y Fm(sendall\()p Fd(string)7 b Fm(\))208 3603 y
-Fr(Send)30 b(all)f(of)h(the)g Fd(string)37 b Fr(data)29
-b(to)g(the)h(Connection.)43 b(This)30 b(calls)f Fm(send)f
-Fr(rep)r(eatedly)h(un)n(til)h(all)f(data)h(is)f(sen)n(t.)43
+3257 y Fl(send\()p Fc(string)7 b Fl(\))208 3357 y Fq(Send)27
+b(the)h Fc(string)35 b Fq(data)27 b(to)h(the)g(Connection.)0
+3503 y Fl(sendall\()p Fc(string)7 b Fl(\))208 3603 y
+Fq(Send)30 b(all)f(of)h(the)g Fc(string)37 b Fq(data)29
+b(to)g(the)h(Connection.)43 b(This)30 b(calls)f Fl(send)f
+Fq(rep)r(eatedly)h(un)n(til)h(all)f(data)h(is)f(sen)n(t.)43
b(If)30 b(an)208 3703 y(error)25 b(o)r(ccurs,)i(it's)h(imp)r(ossible)f
(to)g(tell)h(ho)n(w)f(m)n(uc)n(h)h(data)f(has)g(b)r(een)h(sen)n(t.)0
-3850 y Fm(set_accept_state)o(\(\))208 3949 y Fr(Set)20
+3850 y Fl(set_accept_state)o(\(\))208 3949 y Fq(Set)20
b(the)g(connection)f(to)h(w)n(ork)e(in)i(serv)n(er)e(mo)r(de.)34
b(The)20 b(handshak)n(e)f(will)h(b)r(e)g(handled)g(automatically)e(b)n
-(y)i(read/write.)0 4096 y Fm(set_app_data\()p Fd(data)6
-b Fm(\))208 4196 y Fr(Asso)r(ciate)39 b Fd(data)47 b
-Fr(with)40 b(this)g(Connection)g(ob)5 b(ject.)73 b Fd(data)47
-b Fr(can)39 b(b)r(e)i(retriev)n(ed)d(later)h(using)h(the)g
-Fm(get_app_data)208 4295 y Fr(metho)r(d.)0 4442 y Fm(set_connect_stat)o
-(e\()o(\))208 4542 y Fr(Set)21 b(the)g(connection)g(to)g(w)n(ork)e(in)i
+(y)i(read/write.)0 4096 y Fl(set_app_data\()p Fc(data)6
+b Fl(\))208 4196 y Fq(Asso)r(ciate)39 b Fc(data)47 b
+Fq(with)40 b(this)g(Connection)g(ob)5 b(ject.)73 b Fc(data)47
+b Fq(can)39 b(b)r(e)i(retriev)n(ed)d(later)h(using)h(the)g
+Fl(get_app_data)208 4295 y Fq(metho)r(d.)0 4442 y Fl(set_connect_stat)o
+(e\()o(\))208 4542 y Fq(Set)21 b(the)g(connection)g(to)g(w)n(ork)e(in)i
(clien)n(t)g(mo)r(de.)35 b(The)21 b(handshak)n(e)f(will)h(b)r(e)g
(handled)g(automatically)f(b)n(y)h(read/write.)0 4689
-y Fm(setblocking\()p Fd(\035ag)7 b Fm(\))208 4788 y Fr(Call)27
-b(the)h Fm(setblocking)23 b Fr(metho)r(d)28 b(of)f(the)h(underlying)f
-(so)r(c)n(k)n(et.)0 4935 y Fm(setsockopt\()p Fd(level,)f(optname,)31
-b(value)6 b Fm(\))208 5035 y Fr(Call)27 b(the)h Fm(setsockopt)23
-b Fr(metho)r(d)28 b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0
-5182 y Fm(shutdown\(\))208 5281 y Fr(Send)35 b(the)h(sh)n(utdo)n(wn)f
+y Fl(setblocking\()p Fc(\035ag)7 b Fl(\))208 4788 y Fq(Call)27
+b(the)h Fl(setblocking)23 b Fq(metho)r(d)28 b(of)f(the)h(underlying)f
+(so)r(c)n(k)n(et.)0 4935 y Fl(setsockopt\()p Fc(level,)f(optname,)31
+b(value)6 b Fl(\))208 5035 y Fq(Call)27 b(the)h Fl(setsockopt)23
+b Fq(metho)r(d)28 b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0
+5182 y Fl(shutdown\(\))208 5281 y Fq(Send)35 b(the)h(sh)n(utdo)n(wn)f
(message)f(to)h(the)h(Connection.)60 b(Returns)35 b(true)g(if)h(the)g
(sh)n(utdo)n(wn)e(message)g(exc)n(hange)g(is)208 5381
y(completed)25 b(and)g(false)h(otherwise)e(\(in)i(whic)n(h)g(case)e(y)n
-(ou)h(call)g Fm(recv\(\))e Fr(or)i Fm(send\(\))e Fr(when)j(the)g
-(connection)f(b)r(ecomes)p 0 5549 3901 4 v 0 5649 a Fg(3.3)82
-b Fm(SSL)26 b Fg(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
+(ou)h(call)g Fl(recv\(\))e Fq(or)i Fl(send\(\))e Fq(when)j(the)g
+(connection)f(b)r(ecomes)p 0 5549 3901 4 v 0 5649 a Ff(3.3)82
+b Fl(SSL)26 b Ff(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
(pa)n(rts)f(of)h(Op)r(enSSL)1611 b(13)p eop end
%%Page: 14 14
-TeXDict begin 14 13 bop 208 83 a Fr(readable/writeable.)0
-230 y Fm(get_shutdown\(\))208 330 y Fr(Get)70 b(the)g(sh)n(utdo)n(wn)f
+TeXDict begin 14 13 bop 208 83 a Fq(readable/writeable.)0
+230 y Fl(get_shutdown\(\))208 330 y Fq(Get)70 b(the)g(sh)n(utdo)n(wn)f
(state)g(of)h(the)g(Connection.)162 b(Returns)69 b(a)h(bitv)n(ector)e
-(of)i(either)f(or)g(b)r(oth)h(of)208 429 y Fd(SENT_SHUTDO)n(WN)39
-b Fr(and)27 b Fd(RECEIVED_SHUTDO)n(WN)14 b Fr(.)0 576
-y Fm(set_shutdown\()p Fd(state)6 b Fm(\))208 676 y Fr(Set)21
+(of)i(either)f(or)g(b)r(oth)h(of)208 429 y Fc(SENT_SHUTDO)n(WN)39
+b Fq(and)27 b Fc(RECEIVED_SHUTDO)n(WN)14 b Fq(.)0 576
+y Fl(set_shutdown\()p Fc(state)6 b Fl(\))208 676 y Fq(Set)21
b(the)g(sh)n(utdo)n(wn)g(state)g(of)g(the)g(Connection.)34
-b Fd(state)27 b Fr(is)21 b(a)g(bitv)n(ector)f(of)h(either)g(or)f(b)r
-(oth)i(of)27 b Fd(SENT_SHUTDO)n(WN)208 775 y Fr(and)g
-Fd(RECEIVED_SHUTDO)n(WN)14 b Fr(.)0 922 y Fm(sock_shutdown\()p
-Fd(how)9 b Fm(\))208 1022 y Fr(Call)27 b(the)h Fm(shutdown)c
-Fr(metho)r(d)k(of)g(the)g(underlying)e(so)r(c)n(k)n(et.)0
-1169 y Fm(state_string\(\))208 1268 y Fr(Retriev)n(e)g(a)i(v)n(erb)r
+b Fc(state)27 b Fq(is)21 b(a)g(bitv)n(ector)f(of)h(either)g(or)f(b)r
+(oth)i(of)27 b Fc(SENT_SHUTDO)n(WN)208 775 y Fq(and)g
+Fc(RECEIVED_SHUTDO)n(WN)14 b Fq(.)0 922 y Fl(sock_shutdown\()p
+Fc(how)9 b Fl(\))208 1022 y Fq(Call)27 b(the)h Fl(shutdown)c
+Fq(metho)r(d)k(of)g(the)g(underlying)e(so)r(c)n(k)n(et.)0
+1169 y Fl(state_string\(\))208 1268 y Fq(Retriev)n(e)g(a)i(v)n(erb)r
(ose)e(string)g(detailing)i(the)g(state)f(of)h(the)f(Connection.)0
-1415 y Fm(want_read\(\))208 1515 y Fr(Chec)n(ks)f(if)i(more)f(data)g
+1415 y Fl(want_read\(\))208 1515 y Fq(Chec)n(ks)f(if)i(more)f(data)g
(has)g(to)h(b)r(e)g(read)e(from)i(the)f(transp)r(ort)g(la)n(y)n(er)f
-(to)h(complete)h(an)f(op)r(eration.)0 1662 y Fm(want_write\(\))208
-1761 y Fr(Chec)n(ks)f(if)i(there)g(is)f(data)g(to)h(write)f(to)g(the)h
+(to)h(complete)h(an)f(op)r(eration.)0 1662 y Fl(want_write\(\))208
+1761 y Fq(Chec)n(ks)f(if)i(there)g(is)f(data)g(to)h(write)f(to)g(the)h
(transp)r(ort)f(la)n(y)n(er)f(to)h(complete)h(an)f(op)r(eration.)0
-2083 y Fs(4)114 b(Internals)0 2312 y Fr(W)-7 b(e)25 b(ran)g(in)n(to)f
+2081 y Fr(4)114 b(Internals)0 2310 y Fq(W)-7 b(e)25 b(ran)g(in)n(to)f
(three)h(main)g(problems)f(dev)n(eloping)g(this:)36 b(Exceptions,)25
b(callbac)n(ks)f(and)h(accessing)e(so)r(c)n(k)n(et)h(metho)r(ds.)36
-b(This)0 2412 y(is)27 b(what)h(this)g(c)n(hapter)e(is)i(ab)r(out.)0
-2691 y Fk(4.1)97 b(Exceptions)0 2892 y Fr(W)-7 b(e)52
+b(This)0 2410 y(is)27 b(what)h(this)g(c)n(hapter)e(is)i(ab)r(out.)0
+2687 y Fj(4.1)97 b(Exceptions)0 2887 y Fq(W)-7 b(e)52
b(realized)f(early)g(that)h(most)g(of)g(the)g(exceptions)f(w)n(ould)h
(b)r(e)g(raised)f(b)n(y)h(the)g(I/O)f(functions)h(of)g(Op)r(enSSL,)0
-2991 y(so)d(it)i(felt)f(natural)f(to)h(mimic)g(Op)r(enSSL's)g(error)e
+2987 y(so)d(it)i(felt)f(natural)f(to)h(mimic)g(Op)r(enSSL's)g(error)e
(co)r(de)i(system,)55 b(translating)48 b(them)j(in)n(to)e(Python)i
-(exceptions.)0 3091 y(This)30 b(naturally)e(giv)n(es)h(us)h(the)g
-(exceptions)f Fm(SSL.ZeroReturnEr)o(ro)o(r)p Fr(,)24
-b Fm(SSL.WantReadError)o Fr(,)h Fm(SSL.WantWriteEr)o(ro)o(r)p
-Fr(,)0 3191 y Fm(SSL.WantX509Look)o(up)o(Err)o(or)c Fr(and)27
-b Fm(SSL.SysCallError)p Fr(.)0 3338 y(F)-7 b(or)27 b(more)g
+(exceptions.)0 3087 y(This)30 b(naturally)e(giv)n(es)h(us)h(the)g
+(exceptions)f Fl(SSL.ZeroReturnEr)o(ro)o(r)p Fq(,)24
+b Fl(SSL.WantReadError)o Fq(,)h Fl(SSL.WantWriteEr)o(ro)o(r)p
+Fq(,)0 3186 y Fl(SSL.WantX509Look)o(up)o(Err)o(or)c Fq(and)27
+b Fl(SSL.SysCallError)p Fq(.)0 3333 y(F)-7 b(or)27 b(more)g
(information)g(ab)r(out)g(this,)h(see)f(section)g(3.3.)0
-3617 y Fk(4.2)97 b(Callbacks)0 3818 y Fr(There)34 b(are)f(a)h(n)n(um)n
+3611 y Fj(4.2)97 b(Callbacks)0 3811 y Fq(There)34 b(are)f(a)h(n)n(um)n
(b)r(er)g(of)h(problems)e(with)i(callbac)n(ks.)56 b(First)34
b(of)g(all,)i(Op)r(enSSL)f(is)f(written)h(as)e(a)h(C)h(library)-7
-b(,)34 b(it's)h(not)0 3917 y(mean)n(t)26 b(to)g(ha)n(v)n(e)e(Python)j
+b(,)34 b(it's)h(not)0 3911 y(mean)n(t)26 b(to)g(ha)n(v)n(e)e(Python)j
(callbac)n(ks,)d(so)i(a)f(w)n(a)n(y)g(around)g(that)h(is)g(needed.)36
b(Another)26 b(problem)f(is)h(thread)g(supp)r(ort.)36
-b(A)26 b(lot)0 4017 y(of)h(the)g(Op)r(enSSL)g(I/O)e(functions)i(can)g
+b(A)26 b(lot)0 4010 y(of)h(the)g(Op)r(enSSL)g(I/O)e(functions)i(can)g
(blo)r(c)n(k)f(if)h(the)g(so)r(c)n(k)n(et)f(is)g(in)h(blo)r(c)n(king)f
(mo)r(de,)h(and)g(then)g(y)n(ou)f(w)n(an)n(t)g(other)g(Python)0
-4117 y(threads)c(to)g(b)r(e)h(able)f(to)g(do)g(other)g(things.)35
-b(The)22 b(real)g(trouble)g(is)g(if)h(y)n(ou'v)n(e)e(released)g(the)h
-(thread)g(lo)r(c)n(k)g(to)g(do)g(a)g(p)r(oten)n(tially)0
-4216 y(blo)r(c)n(king)27 b(op)r(eration,)f(and)i(the)g(op)r(eration)e
-(calls)h(a)g(callbac)n(k.)35 b(Then)28 b(w)n(e)f(m)n(ust)h(tak)n(e)f
-(the)h(thread)f(lo)r(c)n(k)g(bac)n(k)3475 4186 y Fl(4)3511
-4216 y Fr(.)0 4363 y(There)d(are)f(t)n(w)n(o)g(solutions)h(to)g(the)h
-(\034rst)f(problem,)g(b)r(oth)h(of)f(whic)n(h)g(are)f(necessary)-7
+4110 y(threads)i(to)g(b)r(e)h(able)g(to)f(do)h(other)f(things.)40
+b(The)28 b(real)g(trouble)g(is)h(if)g(y)n(ou'v)n(e)e(released)h(the)h
+(global)e(CPython)i(in)n(terpreter)0 4210 y(lo)r(c)n(k)e(to)h(do)f(a)h
+(p)r(oten)n(tially)f(blo)r(c)n(king)g(op)r(eration,)g(and)h(the)g(op)r
+(eration)f(calls)g(a)g(callbac)n(k.)36 b(Then)28 b(w)n(e)g(m)n(ust)g
+(tak)n(e)f(the)h(GIL)0 4309 y(bac)n(k,)f(since)g(calling)g(Python)h
+(APIs)g(without)g(holding)f(it)h(is)g(not)f(allo)n(w)n(ed.)0
+4456 y(There)d(are)f(t)n(w)n(o)g(solutions)h(to)g(the)h(\034rst)f
+(problem,)g(b)r(oth)h(of)f(whic)n(h)g(are)f(necessary)-7
b(.)34 b(The)25 b(\034rst)f(solution)f(to)h(use)h(is)f(if)g(the)h(C)0
-4463 y(callbac)n(k)i(allo)n(ws)f(\021userdata\021)33
+4556 y(callbac)n(k)i(allo)n(ws)f(\021userdata\021)33
b(to)28 b(b)r(e)h(passed)e(to)h(it)g(\(an)g(arbitrary)e(p)r(oin)n(ter)i
(normally\).)37 b(This)28 b(is)g(great!)37 b(W)-7 b(e)28
-b(can)g(set)g(our)0 4562 y(Python)i(function)g(ob)5 b(ject)29
+b(can)g(set)g(our)0 4655 y(Python)i(function)g(ob)5 b(ject)29
b(as)f(the)i(real)f(userdata)f(and)h(em)n(ulate)g(userdata)f(for)h(the)
h(Python)f(function)h(in)g(another)e(w)n(a)n(y)-7 b(.)0
-4662 y(The)24 b(other)g(solution)g(can)g(b)r(e)h(used)g(if)g(an)f(ob)5
+4755 y(The)24 b(other)g(solution)g(can)g(b)r(e)h(used)g(if)g(an)f(ob)5
b(ject)24 b(with)h(an)f(\021app_data\021)29 b(system)c(alw)n(a)n(ys)d
(is)j(passed)e(to)h(the)h(callbac)n(k.)35 b(F)-7 b(or)0
-4762 y(example,)26 b(the)h(SSL)f(ob)5 b(ject)26 b(in)h(Op)r(enSSL)f
+4855 y(example,)26 b(the)h(SSL)f(ob)5 b(ject)26 b(in)h(Op)r(enSSL)f
(has)g(app_data)f(functions)i(and)f(in)h(e.g.)36 b(the)26
b(v)n(eri\034cation)f(callbac)n(ks,)g(y)n(ou)g(can)0
-4861 y(retriev)n(e)i(the)i(related)f(SSL)h(ob)5 b(ject.)39
+4954 y(retriev)n(e)i(the)i(related)f(SSL)h(ob)5 b(ject.)39
b(What)29 b(w)n(e)g(do)f(is)g(to)h(set)f(our)g(wrapp)r(er)g
-Fm(Connection)c Fr(ob)5 b(ject)28 b(as)g(app_data)g(for)g(the)0
-4961 y(SSL)g(ob)5 b(ject,)27 b(and)h(w)n(e)f(can)g(easily)g(\034nd)h
-(the)g(Python)g(callbac)n(k.)0 5108 y(The)42 b(other)g(problem)g(is)g
-(also)f(partially)h(solv)n(ed)f(b)n(y)h(app_data.)80
-b(Since)43 b(w)n(e're)e(asso)r(ciating)g(our)g(wrapp)r(er)h(ob)5
-b(jects)0 5207 y(with)44 b(the)f(\021real\021)49 b(ob)5
-b(jects,)46 b(w)n(e)d(can)g(easily)f(access)g(data)g(from)h(the)h
-Fm(Connection)39 b Fr(ob)5 b(ject.)83 b(The)43 b(solution)g(then)g(is)p
-0 5277 1560 4 v 92 5330 a Fi(4)127 5354 y Fh(I'm)22 b(not)j(sure)f(wh)n
-(y)g(this)g(is)f(necessary)-6 b(,)25 b(but)f(otherwise)h(I)f(get)h(a)e
-(segmen)n(tation)i(violation)f(on)g Fa(PyEval_CallObject)p
-0 5549 3901 4 v 0 5649 a Fg(14)3368 b(4)83 b(Internals)p
-eop end
+Fl(Connection)c Fq(ob)5 b(ject)28 b(as)g(app_data)g(for)g(the)0
+5054 y(SSL)g(ob)5 b(ject,)27 b(and)h(w)n(e)f(can)g(easily)g(\034nd)h
+(the)g(Python)g(callbac)n(k.)0 5201 y(The)23 b(other)g(problem)g(is)g
+(solv)n(ed)f(using)h(thread)g(lo)r(cal)g(v)-5 b(ariables.)34
+b(Whenev)n(er)22 b(the)i(GIL)g(is)f(released)f(b)r(efore)h(calling)f
+(in)n(to)h(an)0 5300 y(Op)r(enSSL)j(API,)g(the)g(PyThreadState)f(p)r
+(oin)n(ter)g(returned)g(b)n(y)h Fl(PyEval_SaveState)19
+b Fq(is)25 b(stored)g(in)g(a)g(global)g(thread)g(lo)r(cal)0
+5400 y(v)-5 b(ariable)27 b(\(using)g(Python's)h(o)n(wn)f(TLS)h(API,)g
+Fl(PyThread_set_key_)o(va)o(lue)o Fq(\).)k(When)c(it)g(is)g(necessary)e
+(to)h(re-acquire)f(the)p 0 5549 3901 4 v 0 5649 a Ff(14)3368
+b(4)83 b(Internals)p eop end
%%Page: 15 15
-TeXDict begin 15 14 bop 0 83 a Fr(to)35 b(simply)h(include)g(a)f
-Fm(PyThreadState)c Fr(v)-5 b(ariable)34 b(in)i(the)g
-Fm(Connection)31 b Fr(declaration,)37 b(and)e(write)g(macros)f(similar)
-h(to)0 183 y Fm(Py_BEGIN_ALLOW_T)o(HR)o(EAD)o(S)26 b
-Fr(and)33 b Fm(Py_END_ALLOW_TH)o(REA)o(DS)26 b Fr(that)33
-b(allo)n(ws)e(sp)r(ecifying)h(of)h(the)g Fm(PyThreadState)27
-b Fr(v)-5 b(ari-)0 282 y(able)23 b(to)g(use.)35 b(No)n(w)23
-b(w)n(e)g(can)g(simply)g(\021b)r(egin)g(allo)n(w)f(threads\021)29
-b(b)r(efore)23 b(a)g(p)r(oten)n(tially)g(blo)r(c)n(king)f(op)r
-(eration,)h(and)g(\021end)g(allo)n(w)0 382 y(threads\021)33
-b(b)r(efore)28 b(calling)e(a)i(callbac)n(k.)0 662 y Fk(4.3)97
-b(A)m(cessing)35 b(So)s(ck)m(et)e(Metho)s(ds)0 862 y
-Fr(W)-7 b(e)27 b(quic)n(kly)e(sa)n(w)h(the)g(b)r(ene\034t)h(of)g
-(wrapping)e(so)r(c)n(k)n(et)g(metho)r(ds)h(in)h(the)g
-Fm(SSL.Connection)20 b Fr(class,)26 b(for)g(an)g(easy)f(transition)0
-962 y(in)n(to)e(using)f(SSL.)h(The)g(problem)f(here)h(is)f(that)h(the)h
-Fm(socket)c Fr(mo)r(dule)j(lac)n(ks)f(a)g(C)h(API,)h(and)e(all)h(the)g
-(metho)r(ds)g(are)f(declared)0 1061 y(static.)36 b(One)27
-b(approac)n(h)d(w)n(ould)i(b)r(e)h(to)f(ha)n(v)n(e)g
-Fm(OpenSSL)d Fr(as)j(a)g(submo)r(dule)h(to)f(the)h Fm(socket)d
-Fr(mo)r(dule,)j(placing)f(all)g(the)h(co)r(de)0 1161
-y(in)j(`)p Fq(so)r(ck)n(etmo)r(dule.c)p Fr(',)h(but)f(this)g(is)g(ob)n
-(viously)e(not)i(a)f(go)r(o)r(d)g(solution,)h(since)g(y)n(ou)f(migh)n
-(t)g(not)h(w)n(an)n(t)f(to)h(imp)r(ort)g(tonnes)f(of)0
-1261 y(extra)f(stu\033)h(y)n(ou're)e(not)i(going)e(to)i(use)f(when)h
-(imp)r(orting)f(the)i Fm(socket)c Fr(mo)r(dule.)40 b(The)29
-b(other)f(approac)n(h)e(is)j(to)f(someho)n(w)0 1360 y(get)33
+TeXDict begin 15 14 bop 0 83 a Fq(GIL,)22 b(either)g(after)g(the)h(Op)r
+(enSSL)f(API)h(returns)e(or)h(in)g(a)g(C)g(callbac)n(k)f(in)n(v)n(ok)n
+(ed)f(b)n(y)i(that)h(Op)r(enSSL)f(API,)h(the)g(v)-5 b(alue)22
+b(of)g(the)0 183 y(thread)32 b(lo)r(cal)f(v)-5 b(ariable)32
+b(is)g(retriev)n(ed)f(\()p Fl(PyThread_get_key)o(_va)o(lu)o(e)p
+Fq(\))26 b(and)33 b(used)f(to)g(re-acquire)e(the)j(GIL.)f(This)h(allo)n
+(ws)0 282 y(Python)f(threads)e(to)h(execute)h(while)f(Op)r(enSSL)g
+(APIs)h(are)f(running)f(and)i(allo)n(ws)e(use)h(of)g(an)n(y)f
+(particular)g(p)n(yOp)r(enSSL)0 382 y(ob)5 b(ject)29
+b(from)f(an)n(y)g(Python)i(thread,)e(since)h(there)g(is)g(no)f(p)r
+(er-thread)g(state)h(asso)r(ciated)f(with)h(an)n(y)f(of)h(these)g(ob)5
+b(jects)28 b(and)0 482 y(since)f(Op)r(enSSL)h(is)g(threadsafe)e(\(as)h
+(long)g(as)g(prop)r(erly)g(initialized,)g(as)g(p)n(yOp)r(enSSL)h
+(initializes)f(it\).)0 761 y Fj(4.3)97 b(A)m(cessing)35
+b(So)s(ck)m(et)e(Metho)s(ds)0 962 y Fq(W)-7 b(e)27 b(quic)n(kly)e(sa)n
+(w)h(the)g(b)r(ene\034t)h(of)g(wrapping)e(so)r(c)n(k)n(et)g(metho)r(ds)
+h(in)h(the)g Fl(SSL.Connection)20 b Fq(class,)26 b(for)g(an)g(easy)f
+(transition)0 1061 y(in)n(to)e(using)f(SSL.)h(The)g(problem)f(here)h
+(is)f(that)h(the)h Fl(socket)c Fq(mo)r(dule)j(lac)n(ks)f(a)g(C)h(API,)h
+(and)e(all)h(the)g(metho)r(ds)g(are)f(declared)0 1161
+y(static.)36 b(One)27 b(approac)n(h)d(w)n(ould)i(b)r(e)h(to)f(ha)n(v)n
+(e)g Fl(OpenSSL)d Fq(as)j(a)g(submo)r(dule)h(to)f(the)h
+Fl(socket)d Fq(mo)r(dule,)j(placing)f(all)g(the)h(co)r(de)0
+1261 y(in)j(`)p Fp(so)r(ck)n(etmo)r(dule.c)p Fq(',)h(but)f(this)g(is)g
+(ob)n(viously)e(not)i(a)f(go)r(o)r(d)g(solution,)h(since)g(y)n(ou)f
+(migh)n(t)g(not)h(w)n(an)n(t)f(to)h(imp)r(ort)g(tonnes)f(of)0
+1360 y(extra)f(stu\033)h(y)n(ou're)e(not)i(going)e(to)i(use)f(when)h
+(imp)r(orting)f(the)i Fl(socket)c Fq(mo)r(dule.)40 b(The)29
+b(other)f(approac)n(h)e(is)j(to)f(someho)n(w)0 1460 y(get)33
b(a)g(p)r(oin)n(ter)g(to)h(the)f(metho)r(d)h(to)g(b)r(e)f(called,)i
(either)e(the)h(C)g(function,)h(or)e(a)g(callable)f(Python)i(ob)5
-b(ject.)54 b(This)34 b(is)f(not)0 1460 y(really)26 b(a)i(go)r(o)r(d)f
+b(ject.)54 b(This)34 b(is)f(not)0 1559 y(really)26 b(a)i(go)r(o)r(d)f
(solution)g(either,)g(since)g(there's)h(a)f(lot)g(of)h(lo)r(okups)f(in)
-n(v)n(olv)n(ed.)0 1607 y(The)h(w)n(a)n(y)f(it)h(w)n(orks)e(is)i(that)h
-(y)n(ou)e(ha)n(v)n(e)g(to)g(supply)h(a)g(\020)7 b Fm(socket)p
-Fr(-lik)n(e\021)31 b(transp)r(ort)c(ob)5 b(ject)28 b(to)f(the)i
-Fm(SSL.Connection)p Fr(.)j(The)0 1706 y(only)24 b(requiremen)n(t)f(of)i
-(this)f(ob)5 b(ject)24 b(is)h(that)f(it)h(has)f(a)g Fm(fileno\(\))d
-Fr(metho)r(d)k(that)f(returns)g(a)g(\034le)g(descriptor)f(that's)i(v)-5
-b(alid)24 b(at)0 1806 y(the)g(C)g(lev)n(el)f(\(i.e.)36
+n(v)n(olv)n(ed.)0 1706 y(The)h(w)n(a)n(y)f(it)h(w)n(orks)e(is)i(that)h
+(y)n(ou)e(ha)n(v)n(e)g(to)g(supply)h(a)g(\020)7 b Fl(socket)p
+Fq(-lik)n(e\021)31 b(transp)r(ort)c(ob)5 b(ject)28 b(to)f(the)i
+Fl(SSL.Connection)p Fq(.)j(The)0 1806 y(only)24 b(requiremen)n(t)f(of)i
+(this)f(ob)5 b(ject)24 b(is)h(that)f(it)h(has)f(a)g Fl(fileno\(\))d
+Fq(metho)r(d)k(that)f(returns)g(a)g(\034le)g(descriptor)f(that's)i(v)-5
+b(alid)24 b(at)0 1906 y(the)g(C)g(lev)n(el)f(\(i.e.)36
b(y)n(ou)23 b(can)h(use)f(the)i(system)e(calls)g(read)g(and)h(write\).)
-35 b(If)25 b(y)n(ou)e(w)n(an)n(t)g(to)h(use)f(the)h Fm(connect\(\))c
-Fr(or)j Fm(accept\(\))0 1906 y Fr(metho)r(ds)29 b(of)h(the)f
-Fm(SSL.Connection)24 b Fr(ob)5 b(ject,)29 b(the)h(transp)r(ort)e(ob)5
+35 b(If)25 b(y)n(ou)e(w)n(an)n(t)g(to)h(use)f(the)h Fl(connect\(\))c
+Fq(or)j Fl(accept\(\))0 2005 y Fq(metho)r(ds)29 b(of)h(the)f
+Fl(SSL.Connection)24 b Fq(ob)5 b(ject,)29 b(the)h(transp)r(ort)e(ob)5
b(ject)29 b(has)f(to)h(supply)h(suc)n(h)f(metho)r(ds)g(to)r(o.)41
-b(Apart)29 b(from)0 2005 y(them,)c(an)n(y)e(metho)r(d)h(lo)r(okups)f
-(in)h(the)f Fm(SSL.Connection)18 b Fr(ob)5 b(ject)24
+b(Apart)29 b(from)0 2105 y(them,)c(an)n(y)e(metho)r(d)h(lo)r(okups)f
+(in)h(the)f Fl(SSL.Connection)18 b Fq(ob)5 b(ject)24
b(that)f(fail)h(are)f(passed)f(on)i(to)f(the)h(underlying)f(transp)r
-(ort)0 2105 y(ob)5 b(ject.)0 2252 y(F)-7 b(uture)25 b(c)n(hanges)f
+(ort)0 2204 y(ob)5 b(ject.)0 2351 y(F)-7 b(uture)25 b(c)n(hanges)f
(migh)n(t)h(b)r(e)g(to)g(allo)n(w)f(Python-lev)n(el)g(transp)r(ort)g
(ob)5 b(jects,)25 b(that)g(instead)g(of)g(ha)n(ving)g
-Fm(fileno\(\))d Fr(metho)r(ds,)0 2351 y(ha)n(v)n(e)h
-Fm(read\(\))g Fr(and)h Fm(write\(\))e Fr(metho)r(ds,)k(so)e(more)f(adv)
+Fl(fileno\(\))d Fq(metho)r(ds,)0 2451 y(ha)n(v)n(e)h
+Fl(read\(\))g Fq(and)h Fl(write\(\))e Fq(metho)r(ds,)k(so)e(more)f(adv)
-5 b(anced)24 b(features)h(of)f(Python)h(can)g(b)r(e)g(used.)35
-b(This)25 b(w)n(ould)f(probably)0 2451 y(en)n(tail)36
+b(This)25 b(w)n(ould)f(probably)0 2551 y(en)n(tail)36
b(some)g(sort)g(of)g(Op)r(enSSL)h(\020BIOs\021,)g(but)g(con)n(v)n
(erting)e(Python)i(strings)e(bac)n(k)h(and)g(forth)g(is)h(exp)r(ensiv)n
-(e,)h(so)e(this)0 2551 y(shouldn't)f(b)r(e)h(used)f(unless)g(necessary)
+(e,)h(so)e(this)0 2650 y(shouldn't)f(b)r(e)h(used)f(unless)g(necessary)
-7 b(.)57 b(Other)35 b(nice)g(things)g(w)n(ould)g(b)r(e)g(to)g(b)r(e)h
(able)e(to)h(pass)g(in)g(di\033eren)n(t)g(transp)r(ort)0
-2650 y(ob)5 b(jects)41 b(for)g(reading)f(and)h(writing,)j(but)e(then)g
-(the)g Fm(fileno\(\))c Fr(metho)r(d)k(of)47 b Fm(SSL.Connection)36
-b Fr(b)r(ecomes)41 b(virtually)0 2750 y(useless.)36 b(Also,)27
+2750 y(ob)5 b(jects)41 b(for)g(reading)f(and)h(writing,)j(but)e(then)g
+(the)g Fl(fileno\(\))c Fq(metho)r(d)k(of)47 b Fl(SSL.Connection)36
+b Fq(b)r(ecomes)41 b(virtually)0 2849 y(useless.)36 b(Also,)27
b(should)h(the)g(metho)r(d)g(resolution)e(b)r(e)i(used)g(on)f(the)h
(read-transp)r(ort)d(or)i(the)h(write-transp)r(ort?)p
-0 5549 3901 4 v 0 5649 a Fg(4.3)82 b(A)n(cessing)26 b(So)r(ck)n(et)h
+0 5549 3901 4 v 0 5649 a Ff(4.3)82 b(A)n(cessing)26 b(So)r(ck)n(et)h
(Metho)r(ds)2744 b(15)p eop end
%%Trailer
diff --git a/doc/pyOpenSSL.tex b/doc/pyOpenSSL.tex
index 907405f..30f1543 100644
--- a/doc/pyOpenSSL.tex
+++ b/doc/pyOpenSSL.tex
@@ -1050,10 +1050,9 @@
is needed. Another problem is thread support. A lot of the OpenSSL I/O
functions can block if the socket is in blocking mode, and then you want other
Python threads to be able to do other things. The real trouble is if you've
-released the thread lock to do a potentially blocking operation, and the
-operation calls a callback. Then we must take the thread lock back\footnote{I'm
-not sure why this is necessary, but otherwise I get a segmentation violation on
-\cfunction{PyEval_CallObject}}.
+released the global CPython interpreter lock to do a potentially blocking
+operation, and the operation calls a callback. Then we must take the GIL back,
+since calling Python APIs without holding it is not allowed.
There are two solutions to the first problem, both of which are necessary. The
first solution to use is if the C callback allows ''userdata'' to be passed to
@@ -1066,15 +1065,17 @@
wrapper \class{Connection} object as app_data for the SSL object, and we can
easily find the Python callback.
-The other problem is also partially solved by app_data. Since we're associating
-our wrapper objects with the ''real'' objects, we can easily access data from
-the \class{Connection} object. The solution then is to simply include a
-\ctype{PyThreadState} variable in the \class{Connection} declaration, and write
-macros similar to \cfunction{Py_BEGIN_ALLOW_THREADS} and
-\cfunction{Py_END_ALLOW_THREADS} that allows specifying of the
-\ctype{PyThreadState} variable to use. Now we can simply ''begin allow
-threads'' before a potentially blocking operation, and ''end allow threads''
-before calling a callback.
+The other problem is solved using thread local variables. Whenever the GIL is
+released before calling into an OpenSSL API, the PyThreadState pointer returned
+by \cfunction{PyEval_SaveState} is stored in a global thread local variable
+(using Python's own TLS API, \cfunction{PyThread_set_key_value}). When it is
+necessary to re-acquire the GIL, either after the OpenSSL API returns or in a C
+callback invoked by that OpenSSL API, the value of the thread local variable is
+retrieved (\cfunction{PyThread_get_key_value}) and used to re-acquire the GIL.
+This allows Python threads to execute while OpenSSL APIs are running and allows
+use of any particular pyOpenSSL object from any Python thread, since there is
+no per-thread state associated with any of these objects and since OpenSSL is
+threadsafe (as long as properly initialized, as pyOpenSSL initializes it).
\subsection{Acessing Socket Methods \label{socket-methods}}
diff --git a/doc/pyOpenSSL.txt b/doc/pyOpenSSL.txt
index 28e20d1..b153f59 100644
--- a/doc/pyOpenSSL.txt
+++ b/doc/pyOpenSSL.txt
@@ -912,9 +912,10 @@
way around that is needed. Another problem is thread support. A lot of
the OpenSSL I/O functions can block if the socket is in blocking mode,
and then you want other Python threads to be able to do other things.
- The real trouble is if you've released the thread lock to do a
- potentially blocking operation, and the operation calls a callback.
- Then we must take the thread lock back^4.
+ The real trouble is if you've released the global CPython interpreter
+ lock to do a potentially blocking operation, and the operation calls a
+ callback. Then we must take the GIL back, since calling Python APIs
+ without holding it is not allowed.
There are two solutions to the first problem, both of which are
necessary. The first solution to use is if the C callback allows
@@ -928,15 +929,18 @@
Connection object as app_data for the SSL object, and we can easily
find the Python callback.
- The other problem is also partially solved by app_data. Since we're
- associating our wrapper objects with the ''real'' objects, we can
- easily access data from the Connection object. The solution then is to
- simply include a PyThreadState variable in the Connection declaration,
- and write macros similar to Py_BEGIN_ALLOW_THREADS and
- Py_END_ALLOW_THREADS that allows specifying of the PyThreadState
- variable to use. Now we can simply ''begin allow threads'' before a
- potentially blocking operation, and ''end allow threads'' before
- calling a callback.
+ The other problem is solved using thread local variables. Whenever the
+ GIL is released before calling into an OpenSSL API, the PyThreadState
+ pointer returned by PyEval_SaveState is stored in a global thread local
+ variable (using Python's own TLS API, PyThread_set_key_value). When it
+ is necessary to re-acquire the GIL, either after the OpenSSL API
+ returns or in a C callback invoked by that OpenSSL API, the value of
+ the thread local variable is retrieved (PyThread_get_key_value) and
+ used to re-acquire the GIL. This allows Python threads to execute while
+ OpenSSL APIs are running and allows use of any particular pyOpenSSL
+ object from any Python thread, since there is no per-thread state
+ associated with any of these objects and since OpenSSL is threadsafe
+ (as long as properly initialized, as pyOpenSSL initializes it).
4.3 Acessing Socket Methods
@@ -1000,10 +1004,6 @@
Actually, all that is required is an object that behaves like a
socket, you could even use files, even though it'd be tricky to
get the handshakes right!
-
- ... back^4
- I'm not sure why this is necessary, but otherwise I get a
- segmentation violation on PyEval_CallObject
__________________________________________________________________
Python OpenSSL Manual
diff --git a/leakcheck/context-verify-callback.py b/leakcheck/context-verify-callback.py
new file mode 100644
index 0000000..5e49d7a
--- /dev/null
+++ b/leakcheck/context-verify-callback.py
@@ -0,0 +1,98 @@
+# Copyright (C) Jean-Paul Calderone 2008, All rights reserved
+#
+# Stress tester for thread-related bugs in global_verify_callback in
+# src/ssl/context.c. This will reliably segfault if context.c isn't a
+# PyThreadState management technique which is compatible with the approach used
+# by ssl.c.
+
+
+from itertools import count
+from threading import Thread
+from socket import socket
+
+from OpenSSL.SSL import Context, TLSv1_METHOD, VERIFY_PEER, Connection, WantReadError
+from OpenSSL.crypto import FILETYPE_PEM, load_certificate, load_privatekey
+
+cleartextPrivateKeyPEM = (
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXAIBAAKBgQDaemNe1syksAbFFpF3aoOrZ18vB/IQNZrAjFqXPv9iieJm7+Tc\n"
+ "g+lA/v0qmoEKrpT2xfwxXmvZwBNM4ZhyRC3DPIFEyJV7/3IA1p5iuMY/GJI1VIgn\n"
+ "aikQCnrsyxtaRpsMBeZRniaVzcUJ+XnEdFGEjlo+k0xlwfVclDEMwgpXAQIDAQAB\n"
+ "AoGBALi0a7pMQqqgnriVAdpBVJveQtxSDVWi2/gZMKVZfzNheuSnv4amhtaKPKJ+\n"
+ "CMZtHkcazsE2IFvxRN/kgato9H3gJqq8nq2CkdpdLNVKBoxiCtkLfutdY4SQLtoY\n"
+ "USN7exk131pchsAJXYlR6mCW+ZP+E523cNwpPgsyKxVbmXSBAkEA9470fy2W0jFM\n"
+ "taZFslpntKSzbvn6JmdtjtvWrM1bBaeeqFiGBuQFYg46VaCUaeRWYw02jmYAsDYh\n"
+ "ZQavmXThaQJBAOHtlAQ0IJJEiMZr6vtVPH32fmbthSv1AUSYPzKqdlQrUnOXPQXu\n"
+ "z70cFoLG1TvPF5rBxbOkbQ/s8/ka5ZjPfdkCQCeC7YsO36+UpsWnUCBzRXITh4AC\n"
+ "7eYLQ/U1KUJTVF/GrQ/5cQrQgftwgecAxi9Qfmk4xqhbp2h4e0QAmS5I9WECQH02\n"
+ "0QwrX8nxFeTytr8pFGezj4a4KVCdb2B3CL+p3f70K7RIo9d/7b6frJI6ZL/LHQf2\n"
+ "UP4pKRDkgKsVDx7MELECQGm072/Z7vmb03h/uE95IYJOgY4nfmYs0QKA9Is18wUz\n"
+ "DpjfE33p0Ha6GO1VZRIQoqE24F8o5oimy3BEjryFuw4=\n"
+ "-----END RSA PRIVATE KEY-----\n")
+
+
+cleartextCertificatePEM = (
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICfTCCAeYCAQEwDQYJKoZIhvcNAQEEBQAwgYYxCzAJBgNVBAYTAlVTMRkwFwYD\n"
+ "VQQDExBweW9wZW5zc2wuc2YubmV0MREwDwYDVQQHEwhOZXcgWW9yazESMBAGA1UE\n"
+ "ChMJUHlPcGVuU1NMMREwDwYDVQQIEwhOZXcgWW9yazEQMA4GCSqGSIb3DQEJARYB\n"
+ "IDEQMA4GA1UECxMHVGVzdGluZzAeFw0wODAzMjUxOTA0MTNaFw0wOTAzMjUxOTA0\n"
+ "MTNaMIGGMQswCQYDVQQGEwJVUzEZMBcGA1UEAxMQcHlvcGVuc3NsLnNmLm5ldDER\n"
+ "MA8GA1UEBxMITmV3IFlvcmsxEjAQBgNVBAoTCVB5T3BlblNTTDERMA8GA1UECBMI\n"
+ "TmV3IFlvcmsxEDAOBgkqhkiG9w0BCQEWASAxEDAOBgNVBAsTB1Rlc3RpbmcwgZ8w\n"
+ "DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANp6Y17WzKSwBsUWkXdqg6tnXy8H8hA1\n"
+ "msCMWpc+/2KJ4mbv5NyD6UD+/SqagQqulPbF/DFea9nAE0zhmHJELcM8gUTIlXv/\n"
+ "cgDWnmK4xj8YkjVUiCdqKRAKeuzLG1pGmwwF5lGeJpXNxQn5ecR0UYSOWj6TTGXB\n"
+ "9VyUMQzCClcBAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAmm0Vzvv1O91WLl2LnF2P\n"
+ "q55LJdOnJbCCXIgxLdoVmvYAz1ZJq1eGKgKWI5QLgxiSzJLEU7KK//aVfiZzoCd5\n"
+ "RipBiEEMEV4eAY317bHPwPP+4Bj9t0l8AsDLseC5vLRHgxrLEu3bn08DYx6imB5Q\n"
+ "UBj849/xpszEM7BhwKE0GiQ=\n"
+ "-----END CERTIFICATE-----\n")
+
+count = count()
+def go():
+ port = socket()
+ port.bind(('', 0))
+ port.listen(1)
+
+ called = []
+ def info(*args):
+ print count.next()
+ called.append(None)
+ return 1
+ context = Context(TLSv1_METHOD)
+ context.set_verify(VERIFY_PEER, info)
+ context.use_certificate(
+ load_certificate(FILETYPE_PEM, cleartextCertificatePEM))
+ context.use_privatekey(
+ load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM))
+
+ while 1:
+ client = socket()
+ client.setblocking(False)
+ client.connect_ex(port.getsockname())
+
+ clientSSL = Connection(context, client)
+ clientSSL.set_connect_state()
+
+ server, ignored = port.accept()
+ server.setblocking(False)
+
+ serverSSL = Connection(context, server)
+ serverSSL.set_accept_state()
+
+ del called[:]
+ while not called:
+ for ssl in clientSSL, serverSSL:
+ try:
+ ssl.send('foo')
+ except WantReadError, e:
+ pass
+
+
+threads = [Thread(target=go, args=()) for i in xrange(2)]
+for th in threads:
+ th.start()
+for th in threads:
+ th.join()
+
diff --git a/leakcheck/dhparam.pem b/leakcheck/dhparam.pem
new file mode 100644
index 0000000..9d33a4a
--- /dev/null
+++ b/leakcheck/dhparam.pem
@@ -0,0 +1,4 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQDM2LbvAjF5ahXHOUdDR09Vw/7kxjF/euWhNKBqUQQYT7FDSAMCCMq+Jhno
+BKxWEDhlxR1Q1VZ4H/NVTAGtWai7AgEC
+-----END DH PARAMETERS-----
diff --git a/leakcheck/thread-crash.py b/leakcheck/thread-crash.py
new file mode 100644
index 0000000..26048a5
--- /dev/null
+++ b/leakcheck/thread-crash.py
@@ -0,0 +1,70 @@
+# Copyright (C) Jean-Paul Calderone 2008, All rights reserved
+#
+# Stress tester for thread-related bugs in ssl_Connection_send and
+# ssl_Connection_recv in src/ssl/connection.c for usage of a single
+# Connection object simultaneously in multiple threads. In 0.7 and earlier,
+# this will somewhat reliably cause Python to abort with a "tstate mix-up"
+# almost immediately, due to the incorrect sharing between threads of the
+# `tstate` field of the connection object.
+
+
+from socket import socket
+from threading import Thread
+
+from OpenSSL.SSL import Connection, Context, TLSv1_METHOD
+
+def send(conn):
+ while 1:
+ for i in xrange(1024 * 32):
+ conn.send('x')
+ print 'Sent 32KB on', hex(id(conn))
+
+
+def recv(conn):
+ while 1:
+ for i in xrange(1024 * 64):
+ conn.recv(1)
+ print 'Received 64KB on', hex(id(conn))
+
+
+def main():
+ port = socket()
+ port.bind(('', 0))
+ port.listen(5)
+
+ client = socket()
+ client.setblocking(False)
+ client.connect_ex(port.getsockname())
+ client.setblocking(True)
+
+ server = port.accept()[0]
+
+ clientCtx = Context(TLSv1_METHOD)
+ clientCtx.set_cipher_list('ALL:ADH')
+ clientCtx.load_tmp_dh('dhparam.pem')
+
+ sslClient = Connection(clientCtx, client)
+ sslClient.set_connect_state()
+
+ serverCtx = Context(TLSv1_METHOD)
+ serverCtx.set_cipher_list('ALL:ADH')
+ serverCtx.load_tmp_dh('dhparam.pem')
+
+ sslServer = Connection(serverCtx, server)
+ sslServer.set_accept_state()
+
+ t1 = Thread(target=send, args=(sslClient,))
+ t2 = Thread(target=send, args=(sslServer,))
+ t3 = Thread(target=recv, args=(sslClient,))
+ t4 = Thread(target=recv, args=(sslServer,))
+
+ t1.start()
+ t2.start()
+ t3.start()
+ t4.start()
+ t1.join()
+ t2.join()
+ t3.join()
+ t4.join()
+
+main()
diff --git a/src/ssl/connection.h b/src/ssl/connection.h
index dedb73e..13f42f0 100644
--- a/src/ssl/connection.h
+++ b/src/ssl/connection.h
@@ -42,7 +42,7 @@
SSL *ssl;
ssl_ContextObj *context;
PyObject *socket;
- PyThreadState *tstate;
+ PyThreadState *tstate; /* This field is no longer used. */
PyObject *app_data;
} ssl_ConnectionObj;
diff --git a/src/ssl/context.c b/src/ssl/context.c
index 6497304..ed0eabe 100644
--- a/src/ssl/context.c
+++ b/src/ssl/context.c
@@ -162,9 +162,7 @@
ssl = (SSL *)X509_STORE_CTX_get_app_data(x509_ctx);
conn = (ssl_ConnectionObj *)SSL_get_app_data(ssl);
- use_thread_state = conn->tstate != NULL;
- if (use_thread_state)
- MY_END_ALLOW_THREADS(conn->tstate);
+ MY_END_ALLOW_THREADS(conn->tstate);
cert = crypto_X509_New(X509_STORE_CTX_get_current_cert(x509_ctx), 0);
errnum = X509_STORE_CTX_get_error(x509_ctx);
@@ -184,8 +182,7 @@
c_ret = 0;
}
- if (use_thread_state)
- MY_BEGIN_ALLOW_THREADS(conn->tstate);
+ MY_BEGIN_ALLOW_THREADS(conn->tstate);
return c_ret;
}
diff --git a/src/ssl/ssl.c b/src/ssl/ssl.c
index 7f58771..1f8cbcc 100644
--- a/src/ssl/ssl.c
+++ b/src/ssl/ssl.c
@@ -32,6 +32,8 @@
void **crypto_API;
+int _pyOpenSSL_tstate_key;
+
/* Exceptions defined by the SSL submodule */
PyObject *ssl_Error, /* Base class */
*ssl_ZeroReturnError, /* Used with SSL_get_error */
@@ -201,6 +203,13 @@
if (!init_ssl_connection(dict))
goto error;
-error:
+#ifdef WITH_THREAD
+ /*
+ * Initialize this module's threading support structures.
+ */
+ _pyOpenSSL_tstate_key = PyThread_create_key();
+#endif
+
+ error:
;
}
diff --git a/src/ssl/ssl.h b/src/ssl/ssl.h
index e8d3e93..9cf0186 100644
--- a/src/ssl/ssl.h
+++ b/src/ssl/ssl.h
@@ -14,6 +14,7 @@
#define PyOpenSSL_SSL_H_
#include <Python.h>
+#include <pythread.h>
#include "context.h"
#include "connection.h"
#include "../util.h"
@@ -45,6 +46,10 @@
#define ssl_API_pointers 2
+#ifdef WITH_THREAD
+extern int _pyOpenSSL_tstate_key;
+#endif /* WITH_THREAD */
+
#ifdef SSL_MODULE
extern ssl_Context_New_RETURN ssl_Context_New ssl_Context_New_PROTO;
diff --git a/src/util.h b/src/util.h
index 592660e..b95e75b 100644
--- a/src/util.h
+++ b/src/util.h
@@ -30,10 +30,21 @@
* WHERE to save the thread state.
*/
#ifdef WITH_THREAD
-# define MY_BEGIN_ALLOW_THREADS(st) \
- { st = PyEval_SaveThread(); }
-# define MY_END_ALLOW_THREADS(st) \
- { PyEval_RestoreThread(st); st = NULL; }
+
+/*
+ * Get the current Python threadstate and put it somewhere any code running
+ * in this thread can get it, if it needs to restore the threadstate to run
+ * some Python.
+ */
+# define MY_BEGIN_ALLOW_THREADS(ignored) \
+ PyThread_set_key_value(_pyOpenSSL_tstate_key, PyEval_SaveThread());
+
+/*
+ * Get the previous Python threadstate and restore it.
+ */
+# define MY_END_ALLOW_THREADS(ignored) \
+ PyEval_RestoreThread(PyThread_get_key_value(_pyOpenSSL_tstate_key));
+
#else
# define MY_BEGIN_ALLOW_THREADS(st)
# define MY_END_ALLOW_THREADS(st) { st = NULL; }
diff --git a/tsafe.py b/tsafe.py
index 2b5f1a2..ba7d2e6 100644
--- a/tsafe.py
+++ b/tsafe.py
@@ -8,6 +8,11 @@
class Connection:
def __init__(self, *args):
+ import warnings
+ warnings.warn(
+ "OpenSSL.SSL.Connection is thread-safe. "
+ "OpenSSL.tsafe.Connection is no longer necessary.",
+ stacklevel=2)
self._ssl_conn = apply(_ssl.Connection, args)
self._lock = _RLock()