regenerate the docs
diff --git a/doc/html/callbacks.html b/doc/html/callbacks.html
index 9a9aeaf..e0f8b03 100644
--- a/doc/html/callbacks.html
+++ b/doc/html/callbacks.html
@@ -56,7 +56,7 @@
Python threads to be able to do other things. The real trouble is if you've
released the thread lock to do a potentially blocking operation, and the
operation calls a callback. Then we must take the thread lock back<A NAME="tex2html5"
- HREF="#foot972"><SUP>4</SUP></A>.
+ HREF="#foot980"><SUP>4</SUP></A>.
<P>
There are two solutions to the first problem, both of which are necessary. The
@@ -84,7 +84,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot972">... back</A><A
+<DT><A NAME="foot980">... back</A><A
href="callbacks.html#tex2html5"><SUP>4</SUP></A></DT>
<DD>I'm
not sure why this is necessary, but otherwise I get a segmentation violation on
diff --git a/doc/html/intro.html b/doc/html/intro.html
index 9d2127b..b40a285 100644
--- a/doc/html/intro.html
+++ b/doc/html/intro.html
@@ -55,7 +55,7 @@
were also limited, though in different ways. Unfortunately, Python's standard
library SSL support has remained weak, although other packages (such as
M2Crypto<A NAME="tex2html1"
- HREF="#foot933"><SUP>1</SUP></A>)
+ HREF="#foot941"><SUP>1</SUP></A>)
have made great advances and now equal or exceed pyOpenSSL's functionality.
<P>
@@ -67,7 +67,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot933">...
+<DT><A NAME="foot941">...
M2Crypto</A><A
href="intro.html#tex2html1"><SUP>1</SUP></A></DT>
<DD>See <a class="url" href="http://chandlerproject.org/Projects/MeTooCrypto">http://chandlerproject.org/Projects/MeTooCrypto</a>
diff --git a/doc/html/openssl-connection.html b/doc/html/openssl-connection.html
index ad7bbdd..f6fa777 100644
--- a/doc/html/openssl-connection.html
+++ b/doc/html/openssl-connection.html
@@ -51,7 +51,7 @@
Connection objects have the following methods:
<P>
-<dl><dt><b><a name='l2h-145'><tt class='method'>accept</tt></a></b>()
+<dl><dt><b><a name='l2h-146'><tt class='method'>accept</tt></a></b>()
<dd>
Call the <tt class="method">accept</tt> method of the underlying socket and set up SSL on the
returned socket, using the Context object supplied to this Connection object at
@@ -61,20 +61,20 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-146'><tt class='method'>bind</tt></a></b>(<var>address</var>)
+<dl><dt><b><a name='l2h-147'><tt class='method'>bind</tt></a></b>(<var>address</var>)
<dd>
Call the <tt class="method">bind</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-147'><tt class='method'>close</tt></a></b>()
+<dl><dt><b><a name='l2h-148'><tt class='method'>close</tt></a></b>()
<dd>
Call the <tt class="method">close</tt> method of the underlying socket. Note: If you want
correct SSL closure, you need to call the <tt class="method">shutdown</tt> method first.
</dl>
<P>
-<dl><dt><b><a name='l2h-148'><tt class='method'>connect</tt></a></b>(<var>address</var>)
+<dl><dt><b><a name='l2h-149'><tt class='method'>connect</tt></a></b>(<var>address</var>)
<dd>
Call the <tt class="method">connect</tt> method of the underlying socket and set up SSL on the
socket, using the Context object supplied to this Connection object at
@@ -82,7 +82,7 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-149'><tt class='method'>connect_ex</tt></a></b>(<var>address</var>)
+<dl><dt><b><a name='l2h-150'><tt class='method'>connect_ex</tt></a></b>(<var>address</var>)
<dd>
Call the <tt class="method">connect_ex</tt> method of the underlying socket and set up SSL on
the socket, using the Context object supplied to this Connection object at
@@ -91,7 +91,7 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-150'><tt class='method'>do_handshake</tt></a></b>()
+<dl><dt><b><a name='l2h-151'><tt class='method'>do_handshake</tt></a></b>()
<dd>
Perform an SSL handshake (usually called after <tt class="method">renegotiate</tt> or one of
<tt class="method">set_accept_state</tt> or <tt class="method">set_accept_state</tt>). This can raise the
@@ -99,25 +99,25 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-151'><tt class='method'>fileno</tt></a></b>()
+<dl><dt><b><a name='l2h-152'><tt class='method'>fileno</tt></a></b>()
<dd>
Retrieve the file descriptor number for the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-152'><tt class='method'>listen</tt></a></b>(<var>backlog</var>)
+<dl><dt><b><a name='l2h-153'><tt class='method'>listen</tt></a></b>(<var>backlog</var>)
<dd>
Call the <tt class="method">listen</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-153'><tt class='method'>get_app_data</tt></a></b>()
+<dl><dt><b><a name='l2h-154'><tt class='method'>get_app_data</tt></a></b>()
<dd>
Retrieve application data as set by <tt class="method">set_app_data</tt>.
</dl>
<P>
-<dl><dt><b><a name='l2h-154'><tt class='method'>get_cipher_list</tt></a></b>()
+<dl><dt><b><a name='l2h-155'><tt class='method'>get_cipher_list</tt></a></b>()
<dd>
Retrieve the list of ciphers used by the Connection object. WARNING: This API
has changed. It used to take an optional parameter and just return a string,
@@ -125,44 +125,44 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-155'><tt class='method'>get_context</tt></a></b>()
+<dl><dt><b><a name='l2h-156'><tt class='method'>get_context</tt></a></b>()
<dd>
Retrieve the Context object associated with this Connection.
</dl>
<P>
-<dl><dt><b><a name='l2h-156'><tt class='method'>get_peer_certificate</tt></a></b>()
+<dl><dt><b><a name='l2h-157'><tt class='method'>get_peer_certificate</tt></a></b>()
<dd>
Retrieve the other side's certificate (if any)
</dl>
<P>
-<dl><dt><b><a name='l2h-157'><tt class='method'>getpeername</tt></a></b>()
+<dl><dt><b><a name='l2h-158'><tt class='method'>getpeername</tt></a></b>()
<dd>
Call the <tt class="method">getpeername</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-158'><tt class='method'>getsockname</tt></a></b>()
+<dl><dt><b><a name='l2h-159'><tt class='method'>getsockname</tt></a></b>()
<dd>
Call the <tt class="method">getsockname</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-159'><tt class='method'>getsockopt</tt></a></b>(<var>level, optname</var><big>[</big><var>, buflen</var><big>]</big>)
+<dl><dt><b><a name='l2h-160'><tt class='method'>getsockopt</tt></a></b>(<var>level, optname</var><big>[</big><var>, buflen</var><big>]</big>)
<dd>
Call the <tt class="method">getsockopt</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-160'><tt class='method'>pending</tt></a></b>()
+<dl><dt><b><a name='l2h-161'><tt class='method'>pending</tt></a></b>()
<dd>
Retrieve the number of bytes that can be safely read from the SSL buffer
(<i>not</i> the underlying transport buffer).
</dl>
<P>
-<dl><dt><b><a name='l2h-161'><tt class='method'>recv</tt></a></b>(<var>bufsize</var>)
+<dl><dt><b><a name='l2h-162'><tt class='method'>recv</tt></a></b>(<var>bufsize</var>)
<dd>
Receive data from the Connection. The return value is a string representing the
data received. The maximum amount of data to be received at once, is specified
@@ -170,20 +170,20 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-162'><tt class='method'>renegotiate</tt></a></b>()
+<dl><dt><b><a name='l2h-163'><tt class='method'>renegotiate</tt></a></b>()
<dd>
Renegotiate the SSL session. Call this if you wish to change cipher suites or
anything like that.
</dl>
<P>
-<dl><dt><b><a name='l2h-163'><tt class='method'>send</tt></a></b>(<var>string</var>)
+<dl><dt><b><a name='l2h-164'><tt class='method'>send</tt></a></b>(<var>string</var>)
<dd>
Send the <var>string</var> data to the Connection.
</dl>
<P>
-<dl><dt><b><a name='l2h-164'><tt class='method'>sendall</tt></a></b>(<var>string</var>)
+<dl><dt><b><a name='l2h-165'><tt class='method'>sendall</tt></a></b>(<var>string</var>)
<dd>
Send all of the <var>string</var> data to the Connection. This calls <tt class="method">send</tt>
repeatedly until all data is sent. If an error occurs, it's impossible to tell
@@ -191,40 +191,40 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-165'><tt class='method'>set_accept_state</tt></a></b>()
+<dl><dt><b><a name='l2h-166'><tt class='method'>set_accept_state</tt></a></b>()
<dd>
Set the connection to work in server mode. The handshake will be handled
automatically by read/write.
</dl>
<P>
-<dl><dt><b><a name='l2h-166'><tt class='method'>set_app_data</tt></a></b>(<var>data</var>)
+<dl><dt><b><a name='l2h-167'><tt class='method'>set_app_data</tt></a></b>(<var>data</var>)
<dd>
Associate <var>data</var> with this Connection object. <var>data</var> can be retrieved
later using the <tt class="method">get_app_data</tt> method.
</dl>
<P>
-<dl><dt><b><a name='l2h-167'><tt class='method'>set_connect_state</tt></a></b>()
+<dl><dt><b><a name='l2h-168'><tt class='method'>set_connect_state</tt></a></b>()
<dd>
Set the connection to work in client mode. The handshake will be handled
automatically by read/write.
</dl>
<P>
-<dl><dt><b><a name='l2h-168'><tt class='method'>setblocking</tt></a></b>(<var>flag</var>)
+<dl><dt><b><a name='l2h-169'><tt class='method'>setblocking</tt></a></b>(<var>flag</var>)
<dd>
Call the <tt class="method">setblocking</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-169'><tt class='method'>setsockopt</tt></a></b>(<var>level, optname, value</var>)
+<dl><dt><b><a name='l2h-170'><tt class='method'>setsockopt</tt></a></b>(<var>level, optname, value</var>)
<dd>
Call the <tt class="method">setsockopt</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-170'><tt class='method'>shutdown</tt></a></b>()
+<dl><dt><b><a name='l2h-171'><tt class='method'>shutdown</tt></a></b>()
<dd>
Send the shutdown message to the Connection. Returns true if the shutdown
message exchange is completed and false otherwise (in which case you call
@@ -233,40 +233,40 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-171'><tt class='method'>get_shutdown</tt></a></b>()
+<dl><dt><b><a name='l2h-172'><tt class='method'>get_shutdown</tt></a></b>()
<dd>
Get the shutdown state of the Connection. Returns a bitvector of either or
both of <var>SENT_SHUTDOWN</var> and <var>RECEIVED_SHUTDOWN</var>.
</dl>
<P>
-<dl><dt><b><a name='l2h-172'><tt class='method'>set_shutdown</tt></a></b>(<var>state</var>)
+<dl><dt><b><a name='l2h-173'><tt class='method'>set_shutdown</tt></a></b>(<var>state</var>)
<dd>
Set the shutdown state of the Connection. <var>state</var> is a bitvector of
either or both of <var>SENT_SHUTDOWN</var> and <var>RECEIVED_SHUTDOWN</var>.
</dl>
<P>
-<dl><dt><b><a name='l2h-173'><tt class='method'>sock_shutdown</tt></a></b>(<var>how</var>)
+<dl><dt><b><a name='l2h-174'><tt class='method'>sock_shutdown</tt></a></b>(<var>how</var>)
<dd>
Call the <tt class="method">shutdown</tt> method of the underlying socket.
</dl>
<P>
-<dl><dt><b><a name='l2h-174'><tt class='method'>state_string</tt></a></b>()
+<dl><dt><b><a name='l2h-175'><tt class='method'>state_string</tt></a></b>()
<dd>
Retrieve a verbose string detailing the state of the Connection.
</dl>
<P>
-<dl><dt><b><a name='l2h-175'><tt class='method'>want_read</tt></a></b>()
+<dl><dt><b><a name='l2h-176'><tt class='method'>want_read</tt></a></b>()
<dd>
Checks if more data has to be read from the transport layer to complete an
operation.
</dl>
<P>
-<dl><dt><b><a name='l2h-176'><tt class='method'>want_write</tt></a></b>()
+<dl><dt><b><a name='l2h-177'><tt class='method'>want_write</tt></a></b>()
<dd>
Checks if there is data to write to the transport layer to complete an
operation.
diff --git a/doc/html/openssl-context.html b/doc/html/openssl-context.html
index d85d51c..09531fd 100644
--- a/doc/html/openssl-context.html
+++ b/doc/html/openssl-context.html
@@ -101,34 +101,44 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-128'><tt class='method'>load_verify_locations</tt></a></b>(<var>pemfile</var>)
+<dl><dt><b><a name='l2h-128'><tt class='method'>load_verify_locations</tt></a></b>(<var>pemfile, capath</var>)
<dd>
-Specify where CA certificates for verification purposes are located. These are
-trusted certificates. Note that the certificates have to be in PEM format.
+Specify where CA certificates for verification purposes are located. These
+are trusted certificates. Note that the certificates have to be in PEM
+format. If capath is passed, it must be a directory prepared using the
+<code>c_rehash</code> tool included with OpenSSL. Either, but not both, of
+<var>pemfile</var> or <var>capath</var> may be <code>None</code>.
</dl>
<P>
-<dl><dt><b><a name='l2h-129'><tt class='method'>load_tmp_dh</tt></a></b>(<var>dhfile</var>)
+<dl><dt><b><a name='l2h-129'><tt class='method'>set_default_verify_paths</tt></a></b>()
+<dd>
+Specify that the platform provided CA certificates are to be used for
+verification purposes.
+</dl>
+
+<P>
+<dl><dt><b><a name='l2h-130'><tt class='method'>load_tmp_dh</tt></a></b>(<var>dhfile</var>)
<dd>
Load parameters for Ephemeral Diffie-Hellman from <var>dhfile</var>.
</dl>
<P>
-<dl><dt><b><a name='l2h-130'><tt class='method'>set_app_data</tt></a></b>(<var>data</var>)
+<dl><dt><b><a name='l2h-131'><tt class='method'>set_app_data</tt></a></b>(<var>data</var>)
<dd>
Associate <var>data</var> with this Context object. <var>data</var> can be retrieved
later using the <tt class="method">get_app_data</tt> method.
</dl>
<P>
-<dl><dt><b><a name='l2h-131'><tt class='method'>set_cipher_list</tt></a></b>(<var>ciphers</var>)
+<dl><dt><b><a name='l2h-132'><tt class='method'>set_cipher_list</tt></a></b>(<var>ciphers</var>)
<dd>
Set the list of ciphers to be used in this context. See the OpenSSL manual for
more information (e.g. ciphers(1))
</dl>
<P>
-<dl><dt><b><a name='l2h-132'><tt class='method'>set_info_callback</tt></a></b>(<var>callback</var>)
+<dl><dt><b><a name='l2h-133'><tt class='method'>set_info_callback</tt></a></b>(<var>callback</var>)
<dd>
Set the information callback to <var>callback</var>. This function will be called
from time to time during SSL handshakes.
@@ -139,14 +149,14 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-133'><tt class='method'>set_options</tt></a></b>(<var>options</var>)
+<dl><dt><b><a name='l2h-134'><tt class='method'>set_options</tt></a></b>(<var>options</var>)
<dd>
Add SSL options. Options you have set before are not cleared!
This method should be used with the <tt class="constant">OP_*</tt> constants.
</dl>
<P>
-<dl><dt><b><a name='l2h-134'><tt class='method'>set_passwd_cb</tt></a></b>(<var>callback</var><big>[</big><var>, userdata</var><big>]</big>)
+<dl><dt><b><a name='l2h-135'><tt class='method'>set_passwd_cb</tt></a></b>(<var>callback</var><big>[</big><var>, userdata</var><big>]</big>)
<dd>
Set the passphrase callback to <var>callback</var>. This function will be called
when a private key with a passphrase is loaded.
@@ -160,7 +170,7 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-135'><tt class='method'>set_session_id</tt></a></b>(<var>name</var>)
+<dl><dt><b><a name='l2h-136'><tt class='method'>set_session_id</tt></a></b>(<var>name</var>)
<dd>
Set the context <var>name</var> within which a session can be reused for this
Context object. This is needed when doing session resumption, because there is
@@ -169,7 +179,7 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-136'><tt class='method'>set_timeout</tt></a></b>(<var>timeout</var>)
+<dl><dt><b><a name='l2h-137'><tt class='method'>set_timeout</tt></a></b>(<var>timeout</var>)
<dd>
Set the timeout for newly created sessions for this Context object to
<var>timeout</var>. <var>timeout</var> must be given in (whole) seconds. The default
@@ -178,7 +188,7 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-137'><tt class='method'>set_verify</tt></a></b>(<var>mode, callback</var>)
+<dl><dt><b><a name='l2h-138'><tt class='method'>set_verify</tt></a></b>(<var>mode, callback</var>)
<dd>
Set the verification flags for this Context object to <var>mode</var> and specify
that <var>callback</var> should be used for verification callbacks. <var>mode</var>
@@ -193,39 +203,39 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-138'><tt class='method'>set_verify_depth</tt></a></b>(<var>depth</var>)
+<dl><dt><b><a name='l2h-139'><tt class='method'>set_verify_depth</tt></a></b>(<var>depth</var>)
<dd>
Set the maximum depth for the certificate chain verification that shall be
allowed for this Context object.
</dl>
<P>
-<dl><dt><b><a name='l2h-139'><tt class='method'>use_certificate</tt></a></b>(<var>cert</var>)
+<dl><dt><b><a name='l2h-140'><tt class='method'>use_certificate</tt></a></b>(<var>cert</var>)
<dd>
Use the certificate <var>cert</var> which has to be a X509 object.
</dl>
<P>
-<dl><dt><b><a name='l2h-140'><tt class='method'>add_extra_chain_cert</tt></a></b>(<var>cert</var>)
+<dl><dt><b><a name='l2h-141'><tt class='method'>add_extra_chain_cert</tt></a></b>(<var>cert</var>)
<dd>
Adds the certificate <var>cert</var>, which has to be a X509 object, to the
certificate chain presented together with the certificate.
</dl>
<P>
-<dl><dt><b><a name='l2h-141'><tt class='method'>use_certificate_chain_file</tt></a></b>(<var>file</var>)
+<dl><dt><b><a name='l2h-142'><tt class='method'>use_certificate_chain_file</tt></a></b>(<var>file</var>)
<dd>
Load a certificate chain from <var>file</var> which must be PEM encoded.
</dl>
<P>
-<dl><dt><b><a name='l2h-142'><tt class='method'>use_privatekey</tt></a></b>(<var>pkey</var>)
+<dl><dt><b><a name='l2h-143'><tt class='method'>use_privatekey</tt></a></b>(<var>pkey</var>)
<dd>
Use the private key <var>pkey</var> which has to be a PKey object.
</dl>
<P>
-<dl><dt><b><a name='l2h-143'><tt class='method'>use_certificate_file</tt></a></b>(<var>file</var><big>[</big><var>, format</var><big>]</big>)
+<dl><dt><b><a name='l2h-144'><tt class='method'>use_certificate_file</tt></a></b>(<var>file</var><big>[</big><var>, format</var><big>]</big>)
<dd>
Load the first certificate found in <var>file</var>. The certificate must be in the
format specified by <var>format</var>, which is either <tt class="constant">FILETYPE_PEM</tt> or
@@ -233,7 +243,7 @@
</dl>
<P>
-<dl><dt><b><a name='l2h-144'><tt class='method'>use_privatekey_file</tt></a></b>(<var>file</var><big>[</big><var>, format</var><big>]</big>)
+<dl><dt><b><a name='l2h-145'><tt class='method'>use_privatekey_file</tt></a></b>(<var>file</var><big>[</big><var>, format</var><big>]</big>)
<dd>
Load the first private key found in <var>file</var>. The private key must be in the
format specified by <var>format</var>, which is either <tt class="constant">FILETYPE_PEM</tt> or
diff --git a/doc/html/openssl-rand.html b/doc/html/openssl-rand.html
index 2b03886..56e5c6e 100644
--- a/doc/html/openssl-rand.html
+++ b/doc/html/openssl-rand.html
@@ -60,7 +60,7 @@
<dd>
Mix bytes from <var>string</var> into the PRNG state. The <var>entropy</var> argument is
(the lower bound of) an estimate of how much randomness is contained in
-<var>string</var>, measured in bytes. For more information, see e.g. <a class="rfc" name="rfcref-1852"
+<var>string</var>, measured in bytes. For more information, see e.g. <a class="rfc" name="rfcref-1862"
href="http://www.ietf.org/rfc/rfc1750.txt">RFC 1750</a>.
</dl>
@@ -68,7 +68,7 @@
<dl><dt><b><a name='l2h-90'><tt class='function'>egd</tt></a></b>(<var>path</var><big>[</big><var>, bytes</var><big>]</big>)
<dd>
Query the Entropy Gathering Daemon<A NAME="tex2html2"
- HREF="#foot954"><SUP>2</SUP></A> on socket <var>path</var> for <var>bytes</var>
+ HREF="#foot962"><SUP>2</SUP></A> on socket <var>path</var> for <var>bytes</var>
bytes of random data and and uses <tt class="function">add</tt> to seed the PRNG. The default
value of <var>bytes</var> is 255.
</dl>
@@ -110,7 +110,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot954">... Daemon</A><A
+<DT><A NAME="foot962">... Daemon</A><A
href="openssl-rand.html#tex2html2"><SUP>2</SUP></A></DT>
<DD>See
<a class="url" href="http://www.lothar.com/tech/crypto/">http://www.lothar.com/tech/crypto/</a>
diff --git a/doc/html/openssl-ssl.html b/doc/html/openssl-ssl.html
index 2e2a545..90b9eb3 100644
--- a/doc/html/openssl-ssl.html
+++ b/doc/html/openssl-ssl.html
@@ -121,7 +121,7 @@
<dd>
Factory fucnction that creates a new Connection object given an SSL context and
a socket <A NAME="tex2html4"
- HREF="#foot957"><SUP>3</SUP></A> object.
+ HREF="#foot965"><SUP>3</SUP></A> object.
</dl>
<P>
@@ -188,7 +188,7 @@
<P>
<BR><HR><H4>Footnotes</H4>
<DL>
-<DT><A NAME="foot957">... socket</A><A
+<DT><A NAME="foot965">... socket</A><A
href="openssl-ssl.html#tex2html4"><SUP>3</SUP></A></DT>
<DD>Actually, all that is required is an object that
<i>behaves</i> like a socket, you could even use files, even though it'd be
diff --git a/doc/html/pyOpenSSL.how b/doc/html/pyOpenSSL.how
index 2464192..549a054 100644
--- a/doc/html/pyOpenSSL.how
+++ b/doc/html/pyOpenSSL.how
@@ -1 +1 @@
-+++ perl /home/exarkun/Projects/pyOpenSSL/trunk/doc/tools/node2label.pl *.html
++++ perl /home/exarkun/Projects/pyOpenSSL/branches/default-certificate-store/doc/tools/node2label.pl *.html
diff --git a/doc/pyOpenSSL.ps b/doc/pyOpenSSL.ps
index dcd109a..e54a77d 100644
--- a/doc/pyOpenSSL.ps
+++ b/doc/pyOpenSSL.ps
@@ -1,7 +1,7 @@
%!PS-Adobe-2.0
%%Creator: dvips(k) 5.96.1 Copyright 2007 Radical Eye Software
%%Title: pyOpenSSL.dvi
-%%CreationDate: Mon Sep 1 12:05:06 2008
+%%CreationDate: Sun Sep 7 21:06:56 2008
%%Pages: 15
%%PageOrder: Ascend
%%BoundingBox: 0 0 596 842
@@ -10,7 +10,7 @@
%DVIPSWebPage: (www.radicaleye.com)
%DVIPSCommandLine: dvips -N0 -o pyOpenSSL.ps pyOpenSSL
%DVIPSParameters: dpi=600
-%DVIPSSource: TeX output 2008.09.01:1205
+%DVIPSSource: TeX output 2008.09.07:2106
%%BeginProcSet: tex.pro 0 0
%!
/TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S
@@ -4569,7 +4569,7 @@
TeXDict begin 1 0 bop 0 83 3901 9 v 1890 451 a Fu(Python)64
b(Op)5 b(enSSL)64 b(Manual)3443 619 y Ft(Release)33 b(0.7)3189
974 y Fs(Ma)m(rtin)k(Sj\366gren)3231 1328 y Fr(Septem)n(b)r(er)28
-b(1,)f(2008)3301 1475 y Fq(ma)n(rtin@strakt.com)1781
+b(7,)f(2008)3301 1475 y Fq(ma)n(rtin@strakt.com)1781
1697 y Fp(Abstract)208 1841 y Fo(This)32 b(mo)r(dule)f(is)h(a)g(rather)
g(thin)f(wrapp)r(er)h(around)g(\(a)g(subset)f(of)6 b(\))32
b(the)g(Op)r(enSSL)e(library)-6 b(.)52 b(With)32 b(thin)f(wrapp)r(er)
@@ -5174,377 +5174,384 @@
b Fm(\))208 1268 y Fr(Read)33 b(a)g(\034le)h(with)g(PEM-formatted)g
(certi\034cates)f(that)h(will)g(b)r(e)g(sen)n(t)f(to)h(the)g(clien)n(t)
f(when)h(requesting)f(a)g(clien)n(t)208 1368 y(certi\034cate.)0
-1515 y Fm(load_verify_loca)o(ti)o(ons)o(\()p Fd(p)l(em\034le)6
-b Fm(\))208 1614 y Fr(Sp)r(ecify)24 b(where)f(CA)g(certi\034cates)g
-(for)g(v)n(eri\034cation)f(purp)r(oses)h(are)f(lo)r(cated.)35
-b(These)23 b(are)g(trusted)g(certi\034cates.)35 b(Note)208
-1714 y(that)27 b(the)h(certi\034cates)f(ha)n(v)n(e)f(to)i(b)r(e)g(in)g
-(PEM)g(format.)0 1861 y Fm(load_tmp_dh\()p Fd(dh\034le)6
-b Fm(\))208 1961 y Fr(Load)26 b(parameters)g(for)h(Ephemeral)g
-(Di\036e-Hellman)h(from)g Fd(dh\034le)6 b Fr(.)0 2107
-y Fm(set_app_data\()p Fd(data)g Fm(\))208 2207 y Fr(Asso)r(ciate)25
-b Fd(data)33 b Fr(with)27 b(this)f(Con)n(text)f(ob)5
-b(ject.)36 b Fd(data)e Fr(can)25 b(b)r(e)i(retriev)n(ed)d(later)i
-(using)f(the)i Fm(get_app_data)21 b Fr(metho)r(d.)0 2354
-y Fm(set_cipher_list\()o Fd(ciphers)7 b Fm(\))208 2454
-y Fr(Set)28 b(the)g(list)h(of)f(ciphers)f(to)h(b)r(e)g(used)g(in)g
+1515 y Fm(load_verify_loca)o(ti)o(ons)o(\()p Fd(p)l(em\034le,)24
+b(c)l(ap)l(ath)6 b Fm(\))208 1614 y Fr(Sp)r(ecify)24
+b(where)f(CA)g(certi\034cates)g(for)g(v)n(eri\034cation)f(purp)r(oses)h
+(are)f(lo)r(cated.)35 b(These)23 b(are)g(trusted)g(certi\034cates.)35
+b(Note)208 1714 y(that)c(the)g(certi\034cates)f(ha)n(v)n(e)f(to)i(b)r
+(e)g(in)g(PEM)h(format.)46 b(If)31 b(capath)f(is)h(passed,)f(it)i(m)n
+(ust)e(b)r(e)i(a)e(directory)f(prepared)208 1814 y(using)i(the)h
+Fm(c_rehash)c Fr(to)r(ol)j(included)h(with)g(Op)r(enSSL.)g(Either,)h
+(but)f(not)g(b)r(oth,)h(of)38 b Fd(p)l(em\034le)g Fr(or)31
+b Fd(c)l(ap)l(ath)39 b Fr(ma)n(y)31 b(b)r(e)208 1913
+y Fm(None)p Fr(.)0 2060 y Fm(set_default_veri)o(fy)o(_pa)o(th)o(s\()o
+(\))208 2160 y Fr(Sp)r(ecify)d(that)g(the)g(platform)f(pro)n(vided)f
+(CA)i(certi\034cates)f(are)f(to)i(b)r(e)g(used)f(for)g(v)n
+(eri\034cation)f(purp)r(oses.)0 2307 y Fm(load_tmp_dh\()p
+Fd(dh\034le)6 b Fm(\))208 2406 y Fr(Load)26 b(parameters)g(for)h
+(Ephemeral)g(Di\036e-Hellman)h(from)g Fd(dh\034le)6 b
+Fr(.)0 2553 y Fm(set_app_data\()p Fd(data)g Fm(\))208
+2653 y Fr(Asso)r(ciate)25 b Fd(data)33 b Fr(with)27 b(this)f(Con)n
+(text)f(ob)5 b(ject.)36 b Fd(data)e Fr(can)25 b(b)r(e)i(retriev)n(ed)d
+(later)i(using)f(the)i Fm(get_app_data)21 b Fr(metho)r(d.)0
+2800 y Fm(set_cipher_list\()o Fd(ciphers)7 b Fm(\))208
+2899 y Fr(Set)28 b(the)g(list)h(of)f(ciphers)f(to)h(b)r(e)g(used)g(in)g
(this)h(con)n(text.)37 b(See)28 b(the)h(Op)r(enSSL)f(man)n(ual)f(for)h
-(more)f(information)g(\(e.g.)208 2553 y(ciphers\(1\)\))0
-2700 y Fm(set_info_callbac)o(k\()o Fd(c)l(al)t(lb)l(ack)9
-b Fm(\))208 2800 y Fr(Set)33 b(the)f(information)g(callbac)n(k)f(to)i
+(more)f(information)g(\(e.g.)208 2999 y(ciphers\(1\)\))0
+3146 y Fm(set_info_callbac)o(k\()o Fd(c)l(al)t(lb)l(ack)9
+b Fm(\))208 3245 y Fr(Set)33 b(the)f(information)g(callbac)n(k)f(to)i
Fd(c)l(al)t(lb)l(ack)9 b Fr(.)54 b(This)32 b(function)h(will)g(b)r(e)g
(called)f(from)g(time)h(to)g(time)g(during)f(SSL)208
-2899 y(handshak)n(es.)49 b Fd(c)l(al)t(lb)l(ack)43 b
+3345 y(handshak)n(es.)49 b Fd(c)l(al)t(lb)l(ack)43 b
Fr(should)32 b(tak)n(e)g(three)g(argumen)n(ts:)45 b(a)32
b(Connection)g(ob)5 b(ject)32 b(and)g(t)n(w)n(o)g(in)n(tegers.)50
-b(The)32 b(\034rst)208 2999 y(in)n(teger)f(sp)r(eci\034es)g(where)h(in)
+b(The)32 b(\034rst)208 3445 y(in)n(teger)f(sp)r(eci\034es)g(where)h(in)
g(the)g(SSL)g(handshak)n(e)f(the)h(function)h(w)n(as)e(called,)h(and)g
-(the)g(other)g(the)g(return)f(co)r(de)208 3099 y(from)c(a)g(\(p)r
+(the)g(other)g(the)g(return)f(co)r(de)208 3544 y(from)c(a)g(\(p)r
(ossibly)g(failed\))h(in)n(ternal)f(function)h(call.)0
-3245 y Fm(set_options\()p Fd(options)7 b Fm(\))208 3345
+3691 y Fm(set_options\()p Fd(options)7 b Fm(\))208 3791
y Fr(A)n(dd)28 b(SSL)h(options.)38 b(Options)28 b(y)n(ou)f(ha)n(v)n(e)g
(set)i(b)r(efore)f(are)f(not)h(cleared!)38 b(This)28
b(metho)r(d)h(should)f(b)r(e)h(used)f(with)h(the)208
-3445 y Fm(OP_*)d Fr(constan)n(ts.)0 3591 y Fm(set_passwd_cb\()p
+3890 y Fm(OP_*)d Fr(constan)n(ts.)0 4037 y Fm(set_passwd_cb\()p
Fd(c)l(al)t(lb)l(ack)9 b Fc([)p Fd(,)25 b(user)l(data)19
-b Fc(])p Fm(\))208 3691 y Fr(Set)42 b(the)g(passphrase)f(callbac)n(k)f
+b Fc(])p Fm(\))208 4137 y Fr(Set)42 b(the)g(passphrase)f(callbac)n(k)f
(to)i Fd(c)l(al)t(lb)l(ack)9 b Fr(.)82 b(This)42 b(function)h(will)f(b)
r(e)g(called)g(when)g(a)g(priv)-5 b(ate)42 b(k)n(ey)f(with)h(a)208
-3791 y(passphrase)37 b(is)i(loaded.)70 b Fd(c)l(al)t(lb)l(ack)50
+4237 y(passphrase)37 b(is)i(loaded.)70 b Fd(c)l(al)t(lb)l(ack)50
b Fr(should)39 b(tak)n(e)f(a)g(b)r(o)r(olean)h(argumen)n(t)f
Fd(r)l(ep)l(e)l(at)47 b Fr(and)39 b(an)f(arbitrary)f(argumen)n(t)208
-3890 y Fd(data)f Fr(and)28 b(return)g(the)h(passphrase)e(en)n(tered)h
+4336 y Fd(data)f Fr(and)28 b(return)g(the)h(passphrase)e(en)n(tered)h
(b)n(y)g(the)h(user.)40 b(If)35 b Fd(r)l(ep)l(e)l(at)i
Fr(is)28 b(true)h(then)g Fd(c)l(al)t(lb)l(ack)39 b Fr(should)29
-b(ask)f(for)g(the)208 3990 y(passphrase)j(t)n(wice)j(and)g(mak)n(e)f
+b(ask)f(for)g(the)208 4436 y(passphrase)j(t)n(wice)j(and)g(mak)n(e)f
(sure)g(that)h(the)g(t)n(w)n(o)f(en)n(tries)g(are)g(equal.)55
b(The)34 b Fd(data)41 b Fr(argumen)n(t)33 b(is)h(the)g
-Fd(user)l(data)208 4090 y Fr(v)-5 b(ariable)25 b(passed)h(to)h(the)g
+Fd(user)l(data)208 4535 y Fr(v)-5 b(ariable)25 b(passed)h(to)h(the)g
Fm(set_passwd_cb)22 b Fr(metho)r(d.)37 b(If)27 b(an)g(error)e(o)r
(ccurs,)h Fd(c)l(al)t(lb)l(ack)37 b Fr(should)27 b(return)f(a)h(false)f
-(v)-5 b(alue)208 4189 y(\(e.g.)36 b(an)28 b(empt)n(y)f(string\).)0
-4336 y Fm(set_session_id\()p Fd(n)o(ame)6 b Fm(\))208
-4436 y Fr(Set)33 b(the)h(con)n(text)f Fd(name)39 b Fr(within)34
+(v)-5 b(alue)208 4635 y(\(e.g.)36 b(an)28 b(empt)n(y)f(string\).)0
+4782 y Fm(set_session_id\()p Fd(n)o(ame)6 b Fm(\))208
+4882 y Fr(Set)33 b(the)h(con)n(text)f Fd(name)39 b Fr(within)34
b(whic)n(h)f(a)g(session)f(can)h(b)r(e)h(reused)e(for)h(this)g(Con)n
-(text)g(ob)5 b(ject.)54 b(This)33 b(is)g(needed)208 4535
+(text)g(ob)5 b(ject.)54 b(This)33 b(is)g(needed)208 4981
y(when)e(doing)g(session)g(resumption,)h(b)r(ecause)g(there)f(is)h(no)f
(w)n(a)n(y)g(for)g(a)g(stored)g(session)f(to)i(kno)n(w)f(whic)n(h)g
-(Con)n(text)208 4635 y(ob)5 b(ject)27 b(it)h(is)f(asso)r(ciated)g
+(Con)n(text)208 5081 y(ob)5 b(ject)27 b(it)h(is)f(asso)r(ciated)g
(with.)37 b Fd(name)d Fr(ma)n(y)27 b(b)r(e)h(an)n(y)e(binary)h(data.)0
-4782 y Fm(set_timeout\()p Fd(time)l(out)8 b Fm(\))208
-4882 y Fr(Set)29 b(the)g(timeout)h(for)e(newly)h(created)f(sessions)g
+5228 y Fm(set_timeout\()p Fd(time)l(out)8 b Fm(\))208
+5327 y Fr(Set)29 b(the)g(timeout)h(for)e(newly)h(created)f(sessions)g
(for)h(this)g(Con)n(text)g(ob)5 b(ject)28 b(to)h Fd(time)l(out)8
-b Fr(.)41 b Fd(time)l(out)36 b Fr(m)n(ust)29 b(b)r(e)h(giv)n(en)208
-4981 y(in)f(\(whole\))f(seconds.)40 b(The)29 b(default)g(v)-5
-b(alue)28 b(is)h(300)e(seconds.)40 b(See)29 b(the)g(Op)r(enSSL)g(man)n
-(ual)f(for)g(more)g(information)208 5081 y(\(e.g.)36
-b(SSL_CTX_set_timeout\(3\)\).)0 5228 y Fm(set_verify\()p
-Fd(mo)l(de,)26 b(c)l(al)t(lb)l(ack)9 b Fm(\))208 5327
-y Fr(Set)36 b(the)h(v)n(eri\034cation)e(\035ags)g(for)h(this)h(Con)n
-(text)f(ob)5 b(ject)36 b(to)g Fd(mo)l(de)44 b Fr(and)36
-b(sp)r(ecify)g(that)h Fd(c)l(al)t(lb)l(ack)47 b Fr(should)36
-b(b)r(e)h(used)p 0 5549 3901 4 v 0 5649 a Fg(3.3)82 b
-Fm(SSL)26 b Fg(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
-(pa)n(rts)f(of)h(Op)r(enSSL)1611 b(11)p eop end
+b Fr(.)41 b Fd(time)l(out)36 b Fr(m)n(ust)29 b(b)r(e)h(giv)n(en)p
+0 5549 3901 4 v 0 5649 a Fg(3.3)82 b Fm(SSL)26 b Fg(\026)i(An)g
+(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h(pa)n(rts)f(of)h(Op)r(enSSL)
+1611 b(11)p eop end
%%Page: 12 12
-TeXDict begin 12 11 bop 208 83 a Fr(for)30 b(v)n(eri\034cation)g
+TeXDict begin 12 11 bop 208 83 a Fr(in)29 b(\(whole\))f(seconds.)40
+b(The)29 b(default)g(v)-5 b(alue)28 b(is)h(300)e(seconds.)40
+b(See)29 b(the)g(Op)r(enSSL)g(man)n(ual)f(for)g(more)g(information)208
+183 y(\(e.g.)36 b(SSL_CTX_set_timeout\(3\)\).)0 330 y
+Fm(set_verify\()p Fd(mo)l(de,)26 b(c)l(al)t(lb)l(ack)9
+b Fm(\))208 429 y Fr(Set)36 b(the)h(v)n(eri\034cation)e(\035ags)g(for)h
+(this)h(Con)n(text)f(ob)5 b(ject)36 b(to)g Fd(mo)l(de)44
+b Fr(and)36 b(sp)r(ecify)g(that)h Fd(c)l(al)t(lb)l(ack)47
+b Fr(should)36 b(b)r(e)h(used)208 529 y(for)30 b(v)n(eri\034cation)g
(callbac)n(ks.)45 b Fd(mo)l(de)38 b Fr(should)31 b(b)r(e)h(one)e(of)38
b Fm(VERIFY_NONE)26 b Fr(and)31 b Fm(VERIFY_PEER)p Fr(.)c(If)38
-b Fm(VERIFY_PEER)26 b Fr(is)208 183 y(used,)j Fd(mo)l(de)36
+b Fm(VERIFY_PEER)26 b Fr(is)208 628 y(used,)j Fd(mo)l(de)36
b Fr(can)29 b(b)r(e)g(OR:ed)g(with)g Fm(VERIFY_FAIL_IF_NO)o(_P)o(EE)o
(R_C)o(ER)o(T)23 b Fr(and)29 b Fm(VERIFY_CLIENT_O)o(NCE)22
-b Fr(to)29 b(further)208 282 y(con)n(trol)23 b(the)j(b)r(eha)n(viour.)
+b Fr(to)29 b(further)208 728 y(con)n(trol)23 b(the)j(b)r(eha)n(viour.)
34 b Fd(c)l(al)t(lb)l(ack)i Fr(should)25 b(tak)n(e)f(\034v)n(e)h
(argumen)n(ts:)34 b(A)25 b(Connection)g(ob)5 b(ject,)25
-b(an)g(X509)f(ob)5 b(ject,)25 b(and)208 382 y(three)e(in)n(teger)g(v)-5
+b(an)g(X509)f(ob)5 b(ject,)25 b(and)208 828 y(three)e(in)n(teger)g(v)-5
b(ariables,)23 b(whic)n(h)h(are)f(in)h(turn)g(p)r(oten)n(tial)g(error)d
(n)n(um)n(b)r(er,)k(error)c(depth)k(and)f(return)f(co)r(de.)35
-b Fd(c)l(al)t(lb)l(ack)208 482 y Fr(should)27 b(return)g(true)g(if)h(v)
+b Fd(c)l(al)t(lb)l(ack)208 927 y Fr(should)27 b(return)g(true)g(if)h(v)
n(eri\034cation)f(passes)f(and)h(false)h(otherwise.)0
-628 y Fm(set_verify_depth)o(\()p Fd(depth)6 b Fm(\))208
-728 y Fr(Set)36 b(the)g(maxim)n(um)f(depth)h(for)g(the)g(certi\034cate)
-f(c)n(hain)g(v)n(eri\034cation)f(that)i(shall)f(b)r(e)h(allo)n(w)n(ed)e
-(for)i(this)f(Con)n(text)208 828 y(ob)5 b(ject.)0 975
-y Fm(use_certificate\()o Fd(c)l(ert)j Fm(\))208 1074
-y Fr(Use)27 b(the)h(certi\034cate)f Fd(c)l(ert)35 b Fr(whic)n(h)28
-b(has)f(to)g(b)r(e)h(a)f(X509)g(ob)5 b(ject.)0 1221 y
-Fm(add_extra_chain_)o(ce)o(rt\()o Fd(c)l(ert)j Fm(\))208
-1321 y Fr(A)n(dds)32 b(the)h(certi\034cate)f Fd(c)l(ert)8
-b Fr(,)34 b(whic)n(h)f(has)f(to)g(b)r(e)i(a)e(X509)f(ob)5
+1074 y Fm(set_verify_depth)o(\()p Fd(depth)6 b Fm(\))208
+1174 y Fr(Set)36 b(the)g(maxim)n(um)f(depth)h(for)g(the)g
+(certi\034cate)f(c)n(hain)g(v)n(eri\034cation)f(that)i(shall)f(b)r(e)h
+(allo)n(w)n(ed)e(for)i(this)f(Con)n(text)208 1273 y(ob)5
+b(ject.)0 1420 y Fm(use_certificate\()o Fd(c)l(ert)j
+Fm(\))208 1520 y Fr(Use)27 b(the)h(certi\034cate)f Fd(c)l(ert)35
+b Fr(whic)n(h)28 b(has)f(to)g(b)r(e)h(a)f(X509)g(ob)5
+b(ject.)0 1667 y Fm(add_extra_chain_)o(ce)o(rt\()o Fd(c)l(ert)j
+Fm(\))208 1766 y Fr(A)n(dds)32 b(the)h(certi\034cate)f
+Fd(c)l(ert)8 b Fr(,)34 b(whic)n(h)f(has)f(to)g(b)r(e)i(a)e(X509)f(ob)5
b(ject,)34 b(to)f(the)g(certi\034cate)f(c)n(hain)g(presen)n(ted)g
-(together)208 1420 y(with)c(the)g(certi\034cate.)0 1567
+(together)208 1866 y(with)c(the)g(certi\034cate.)0 2013
y Fm(use_certificate_)o(ch)o(ain)o(_f)o(il)o(e\()p Fd(\034)o(le)6
-b Fm(\))208 1667 y Fr(Load)26 b(a)h(certi\034cate)g(c)n(hain)g(from)h
+b Fm(\))208 2113 y Fr(Load)26 b(a)h(certi\034cate)g(c)n(hain)g(from)h
Fd(\034le)34 b Fr(whic)n(h)27 b(m)n(ust)h(b)r(e)g(PEM)g(enco)r(ded.)0
-1814 y Fm(use_privatekey\()p Fd(pkey)7 b Fm(\))208 1913
+2259 y Fm(use_privatekey\()p Fd(pkey)7 b Fm(\))208 2359
y Fr(Use)27 b(the)h(priv)-5 b(ate)27 b(k)n(ey)h Fd(pkey)36
b Fr(whic)n(h)28 b(has)f(to)g(b)r(e)h(a)f(PKey)h(ob)5
-b(ject.)0 2075 y Fm(use_certificate_)o(fi)o(le\()o Fd(\034le)h
-Fc([)p Fd(,)24 b(format)d Fc(])p Fm(\))208 2174 y Fr(Load)i(the)h
+b(ject.)0 2520 y Fm(use_certificate_)o(fi)o(le\()o Fd(\034le)h
+Fc([)p Fd(,)24 b(format)d Fc(])p Fm(\))208 2620 y Fr(Load)i(the)h
(\034rst)g(certi\034cate)f(found)h(in)h Fd(\034le)6 b
Fr(.)36 b(The)24 b(certi\034cate)f(m)n(ust)h(b)r(e)h(in)f(the)g(format)
g(sp)r(eci\034ed)g(b)n(y)h Fd(format)8 b Fr(,)25 b(whic)n(h)208
-2274 y(is)i(either)g Fm(FILETYPE_PEM)c Fr(or)k Fm(FILETYPE_ASN1)p
+2720 y(is)i(either)g Fm(FILETYPE_PEM)c Fr(or)k Fm(FILETYPE_ASN1)p
Fr(.)k(The)d(default)g(is)f Fm(FILETYPE_PEM)p Fr(.)0
-2421 y Fm(use_privatekey_f)o(il)o(e\()p Fd(\034)o(le)6
-b Fc([)p Fd(,)25 b(format)20 b Fc(])p Fm(\))208 2520
+2866 y Fm(use_privatekey_f)o(il)o(e\()p Fd(\034)o(le)6
+b Fc([)p Fd(,)25 b(format)20 b Fc(])p Fm(\))208 2966
y Fr(Load)31 b(the)h(\034rst)g(priv)-5 b(ate)31 b(k)n(ey)g(found)i(in)f
Fd(\034le)6 b Fr(.)50 b(The)32 b(priv)-5 b(ate)32 b(k)n(ey)f(m)n(ust)h
(b)r(e)g(in)h(the)f(format)f(sp)r(eci\034ed)i(b)n(y)f
-Fd(format)8 b Fr(,)208 2620 y(whic)n(h)27 b(is)g(either)h
+Fd(format)8 b Fr(,)208 3066 y(whic)n(h)27 b(is)g(either)h
Fm(FILETYPE_PEM)22 b Fr(or)27 b Fm(FILETYPE_ASN1)p Fr(.)32
-b(The)27 b(default)h(is)g Fm(FILETYPE_PEM)p Fr(.)0 2876
-y Fg(Connection)e(objects)0 3077 y Fr(Connection)h(ob)5
+b(The)27 b(default)h(is)g Fm(FILETYPE_PEM)p Fr(.)0 3329
+y Fg(Connection)e(objects)0 3529 y Fr(Connection)h(ob)5
b(jects)27 b(ha)n(v)n(e)f(the)i(follo)n(wing)f(metho)r(ds:)0
-3224 y Fm(accept\(\))208 3323 y Fr(Call)33 b(the)g Fm(accept)e
+3676 y Fm(accept\(\))208 3776 y Fr(Call)33 b(the)g Fm(accept)e
Fr(metho)r(d)j(of)f(the)h(underlying)f(so)r(c)n(k)n(et)f(and)h(set)h
(up)g(SSL)f(on)g(the)h(returned)f(so)r(c)n(k)n(et,)h(using)f(the)208
-3423 y(Con)n(text)22 b(ob)5 b(ject)22 b(supplied)h(to)f(this)h
+3875 y(Con)n(text)22 b(ob)5 b(ject)22 b(supplied)h(to)f(this)h
(Connection)f(ob)5 b(ject)22 b(at)h(creation.)34 b(Returns)22
b(a)g(pair)g Fm(\()p Fd(c)l(onn)6 b Fm(,)43 b Fd(addr)l(ess)7
-b Fm(\))p Fr(.)36 b(where)208 3523 y Fd(c)l(onn)d Fr(is)28
+b Fm(\))p Fr(.)36 b(where)208 3975 y Fd(c)l(onn)d Fr(is)28
b(the)g(new)f(Connection)g(ob)5 b(ject)28 b(created,)e(and)i
Fd(addr)l(ess)35 b Fr(is)28 b(as)f(returned)g(b)n(y)g(the)h(so)r(c)n(k)
-n(et's)e Fm(accept)p Fr(.)0 3669 y Fm(bind\()p Fd(addr)l(ess)7
-b Fm(\))208 3769 y Fr(Call)27 b(the)h Fm(bind)e Fr(metho)r(d)i(of)f
-(the)h(underlying)f(so)r(c)n(k)n(et.)0 3916 y Fm(close\(\))208
-4016 y Fr(Call)i(the)h Fm(close)e Fr(metho)r(d)i(of)g(the)g(underlying)
+n(et's)e Fm(accept)p Fr(.)0 4122 y Fm(bind\()p Fd(addr)l(ess)7
+b Fm(\))208 4221 y Fr(Call)27 b(the)h Fm(bind)e Fr(metho)r(d)i(of)f
+(the)h(underlying)f(so)r(c)n(k)n(et.)0 4368 y Fm(close\(\))208
+4468 y Fr(Call)i(the)h Fm(close)e Fr(metho)r(d)i(of)g(the)g(underlying)
f(so)r(c)n(k)n(et.)43 b(Note:)e(If)31 b(y)n(ou)e(w)n(an)n(t)g(correct)f
-(SSL)i(closure,)f(y)n(ou)g(need)h(to)208 4115 y(call)d(the)h
-Fm(shutdown)c Fr(metho)r(d)k(\034rst.)0 4262 y Fm(connect\()p
-Fd(addr)l(ess)7 b Fm(\))208 4362 y Fr(Call)31 b(the)h
+(SSL)i(closure,)f(y)n(ou)g(need)h(to)208 4567 y(call)d(the)h
+Fm(shutdown)c Fr(metho)r(d)k(\034rst.)0 4714 y Fm(connect\()p
+Fd(addr)l(ess)7 b Fm(\))208 4814 y Fr(Call)31 b(the)h
Fm(connect)e Fr(metho)r(d)i(of)g(the)g(underlying)g(so)r(c)n(k)n(et)e
(and)i(set)g(up)g(SSL)h(on)e(the)i(so)r(c)n(k)n(et,)f(using)f(the)h
-(Con)n(text)208 4461 y(ob)5 b(ject)27 b(supplied)h(to)f(this)h
-(Connection)f(ob)5 b(ject)27 b(at)h(creation.)0 4608
-y Fm(connect_ex\()p Fd(addr)l(ess)7 b Fm(\))208 4708
+(Con)n(text)208 4914 y(ob)5 b(ject)27 b(supplied)h(to)f(this)h
+(Connection)f(ob)5 b(ject)27 b(at)h(creation.)0 5060
+y Fm(connect_ex\()p Fd(addr)l(ess)7 b Fm(\))208 5160
y Fr(Call)24 b(the)g Fm(connect_ex)c Fr(metho)r(d)25
b(of)f(the)h(underlying)f(so)r(c)n(k)n(et)f(and)h(set)g(up)h(SSL)f(on)g
(the)h(so)r(c)n(k)n(et,)f(using)g(the)g(Con)n(text)208
-4807 y(ob)5 b(ject)35 b(supplied)g(to)h(this)f(Connection)g(ob)5
+5260 y(ob)5 b(ject)35 b(supplied)g(to)h(this)f(Connection)g(ob)5
b(ject)36 b(at)f(creation.)59 b(Note)36 b(that)f(if)h(the)g
-Fm(connect_ex)31 b Fr(metho)r(d)36 b(of)g(the)208 4907
+Fm(connect_ex)31 b Fr(metho)r(d)36 b(of)g(the)208 5359
y(so)r(c)n(k)n(et)26 b(do)r(esn't)i(return)f(0,)g(SSL)h(w)n(on't)f(b)r
-(e)h(initialized.)0 5054 y Fm(do_handshake\(\))208 5154
-y Fr(P)n(erform)49 b(an)h(SSL)g(handshak)n(e)f(\(usually)h(called)g
-(after)f Fm(renegotiate)d Fr(or)j(one)h(of)57 b Fm(set_accept_stat)o(e)
-44 b Fr(or)208 5253 y Fm(set_accept_stat)o(e)p Fr(\).)31
-b(This)d(can)f(raise)f(the)i(same)f(exceptions)g(as)g
-Fm(send)f Fr(and)h Fm(recv)p Fr(.)0 5400 y Fm(fileno\(\))p
-0 5549 3901 4 v 0 5649 a Fg(12)2197 b(3)83 b Fm(OpenSSL)24
-b Fg(\026)k(Python)f(interface)h(to)f(Op)r(enSSL)p eop
-end
+(e)h(initialized.)p 0 5549 3901 4 v 0 5649 a Fg(12)2197
+b(3)83 b Fm(OpenSSL)24 b Fg(\026)k(Python)f(interface)h(to)f(Op)r
+(enSSL)p eop end
%%Page: 13 13
-TeXDict begin 13 12 bop 208 83 a Fr(Retriev)n(e)26 b(the)i(\034le)g
-(descriptor)e(n)n(um)n(b)r(er)i(for)f(the)h(underlying)e(so)r(c)n(k)n
-(et.)0 230 y Fm(listen\()p Fd(b)l(acklo)l(g)7 b Fm(\))208
-330 y Fr(Call)27 b(the)h Fm(listen)d Fr(metho)r(d)j(of)f(the)h
-(underlying)f(so)r(c)n(k)n(et.)0 476 y Fm(get_app_data\(\))208
-576 y Fr(Retriev)n(e)f(application)h(data)g(as)g(set)h(b)n(y)g
-Fm(set_app_data)p Fr(.)0 723 y Fm(get_cipher_list\()o(\))208
-823 y Fr(Retriev)n(e)23 b(the)h(list)g(of)g(ciphers)g(used)g(b)n(y)f
-(the)i(Connection)e(ob)5 b(ject.)36 b(W)-9 b(ARNING:)25
-b(This)f(API)h(has)e(c)n(hanged.)35 b(It)24 b(used)208
-922 y(to)j(tak)n(e)g(an)g(optional)g(parameter)f(and)h(just)h(return)g
-(a)f(string,)g(but)h(not)f(it)h(returns)f(the)h(en)n(tire)f(list)h(in)g
-(one)f(go.)0 1069 y Fm(get_context\(\))208 1169 y Fr(Retriev)n(e)f(the)
-i(Con)n(text)f(ob)5 b(ject)28 b(asso)r(ciated)e(with)i(this)g
-(Connection.)0 1316 y Fm(get_peer_certifi)o(ca)o(te\()o(\))208
-1415 y Fr(Retriev)n(e)e(the)i(other)f(side's)g(certi\034cate)g(\(if)i
-(an)n(y\))0 1562 y Fm(getpeername\(\))208 1662 y Fr(Call)e(the)h
-Fm(getpeername)23 b Fr(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n
-(k)n(et.)0 1808 y Fm(getsockname\(\))208 1908 y Fr(Call)g(the)h
+TeXDict begin 13 12 bop 0 83 a Fm(do_handshake\(\))208
+183 y Fr(P)n(erform)49 b(an)h(SSL)g(handshak)n(e)f(\(usually)h(called)g
+(after)f Fm(renegotiate)d Fr(or)j(one)h(of)57 b Fm(set_accept_stat)o(e)
+44 b Fr(or)208 282 y Fm(set_accept_stat)o(e)p Fr(\).)31
+b(This)d(can)f(raise)f(the)i(same)f(exceptions)g(as)g
+Fm(send)f Fr(and)h Fm(recv)p Fr(.)0 429 y Fm(fileno\(\))208
+529 y Fr(Retriev)n(e)f(the)i(\034le)g(descriptor)e(n)n(um)n(b)r(er)i
+(for)f(the)h(underlying)e(so)r(c)n(k)n(et.)0 676 y Fm(listen\()p
+Fd(b)l(acklo)l(g)7 b Fm(\))208 775 y Fr(Call)27 b(the)h
+Fm(listen)d Fr(metho)r(d)j(of)f(the)h(underlying)f(so)r(c)n(k)n(et.)0
+922 y Fm(get_app_data\(\))208 1022 y Fr(Retriev)n(e)f(application)h
+(data)g(as)g(set)h(b)n(y)g Fm(set_app_data)p Fr(.)0 1169
+y Fm(get_cipher_list\()o(\))208 1268 y Fr(Retriev)n(e)23
+b(the)h(list)g(of)g(ciphers)g(used)g(b)n(y)f(the)i(Connection)e(ob)5
+b(ject.)36 b(W)-9 b(ARNING:)25 b(This)f(API)h(has)e(c)n(hanged.)35
+b(It)24 b(used)208 1368 y(to)j(tak)n(e)g(an)g(optional)g(parameter)f
+(and)h(just)h(return)g(a)f(string,)g(but)h(not)f(it)h(returns)f(the)h
+(en)n(tire)f(list)h(in)g(one)f(go.)0 1515 y Fm(get_context\(\))208
+1614 y Fr(Retriev)n(e)f(the)i(Con)n(text)f(ob)5 b(ject)28
+b(asso)r(ciated)e(with)i(this)g(Connection.)0 1761 y
+Fm(get_peer_certifi)o(ca)o(te\()o(\))208 1861 y Fr(Retriev)n(e)e(the)i
+(other)f(side's)g(certi\034cate)g(\(if)i(an)n(y\))0 2008
+y Fm(getpeername\(\))208 2107 y Fr(Call)e(the)h Fm(getpeername)23
+b Fr(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n(k)n(et.)0
+2254 y Fm(getsockname\(\))208 2354 y Fr(Call)g(the)h
Fm(getsockname)23 b Fr(metho)r(d)28 b(of)f(the)h(underlying)f(so)r(c)n
-(k)n(et.)0 2072 y Fm(getsockopt\()p Fd(level,)f(optname)6
-b Fc([)p Fd(,)31 b(bu\035en)18 b Fc(])p Fm(\))208 2171
+(k)n(et.)0 2517 y Fm(getsockopt\()p Fd(level,)f(optname)6
+b Fc([)p Fd(,)31 b(bu\035en)18 b Fc(])p Fm(\))208 2617
y Fr(Call)27 b(the)h Fm(getsockopt)23 b Fr(metho)r(d)28
-b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0 2318 y Fm(pending\(\))208
-2418 y Fr(Retriev)n(e)22 b(the)h(n)n(um)n(b)r(er)g(of)g(b)n(ytes)g
+b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0 2764 y Fm(pending\(\))208
+2864 y Fr(Retriev)n(e)22 b(the)h(n)n(um)n(b)r(er)g(of)g(b)n(ytes)g
(that)h(can)e(b)r(e)i(safely)f(read)f(from)h(the)g(SSL)h(bu\033er)f(\()
-p Fd(not)g Fr(the)h(underlying)e(transp)r(ort)208 2517
-y(bu\033er\).)0 2664 y Fm(recv\()p Fd(bufsize)6 b Fm(\))208
-2764 y Fr(Receiv)n(e)30 b(data)h(from)g(the)h(Connection.)47
+p Fd(not)g Fr(the)h(underlying)e(transp)r(ort)208 2963
+y(bu\033er\).)0 3110 y Fm(recv\()p Fd(bufsize)6 b Fm(\))208
+3210 y Fr(Receiv)n(e)30 b(data)h(from)g(the)h(Connection.)47
b(The)31 b(return)g(v)-5 b(alue)31 b(is)h(a)e(string)h(represen)n(ting)
-f(the)h(data)g(receiv)n(ed.)47 b(The)208 2864 y(maxim)n(um)27
+f(the)h(data)g(receiv)n(ed.)47 b(The)208 3309 y(maxim)n(um)27
b(amoun)n(t)g(of)g(data)h(to)f(b)r(e)h(receiv)n(ed)e(at)i(once,)f(is)g
-(sp)r(eci\034ed)h(b)n(y)h Fd(bufsize)6 b Fr(.)0 3010
-y Fm(renegotiate\(\))208 3110 y Fr(Renegotiate)26 b(the)i(SSL)g
+(sp)r(eci\034ed)h(b)n(y)h Fd(bufsize)6 b Fr(.)0 3456
+y Fm(renegotiate\(\))208 3556 y Fr(Renegotiate)26 b(the)i(SSL)g
(session.)36 b(Call)27 b(this)h(if)g(y)n(ou)f(wish)g(to)h(c)n(hange)e
(cipher)h(suites)h(or)e(an)n(ything)h(lik)n(e)g(that.)0
-3257 y Fm(send\()p Fd(string)7 b Fm(\))208 3357 y Fr(Send)27
+3703 y Fm(send\()p Fd(string)7 b Fm(\))208 3802 y Fr(Send)27
b(the)h Fd(string)35 b Fr(data)27 b(to)h(the)g(Connection.)0
-3503 y Fm(sendall\()p Fd(string)7 b Fm(\))208 3603 y
+3949 y Fm(sendall\()p Fd(string)7 b Fm(\))208 4049 y
Fr(Send)30 b(all)f(of)h(the)g Fd(string)37 b Fr(data)29
b(to)g(the)h(Connection.)43 b(This)30 b(calls)f Fm(send)f
Fr(rep)r(eatedly)h(un)n(til)h(all)f(data)h(is)f(sen)n(t.)43
-b(If)30 b(an)208 3703 y(error)25 b(o)r(ccurs,)i(it's)h(imp)r(ossible)f
+b(If)30 b(an)208 4148 y(error)25 b(o)r(ccurs,)i(it's)h(imp)r(ossible)f
(to)g(tell)h(ho)n(w)f(m)n(uc)n(h)h(data)f(has)g(b)r(een)h(sen)n(t.)0
-3850 y Fm(set_accept_state)o(\(\))208 3949 y Fr(Set)20
+4295 y Fm(set_accept_state)o(\(\))208 4395 y Fr(Set)20
b(the)g(connection)f(to)h(w)n(ork)e(in)i(serv)n(er)e(mo)r(de.)34
b(The)20 b(handshak)n(e)f(will)h(b)r(e)g(handled)g(automatically)e(b)n
-(y)i(read/write.)0 4096 y Fm(set_app_data\()p Fd(data)6
-b Fm(\))208 4196 y Fr(Asso)r(ciate)39 b Fd(data)47 b
+(y)i(read/write.)0 4542 y Fm(set_app_data\()p Fd(data)6
+b Fm(\))208 4641 y Fr(Asso)r(ciate)39 b Fd(data)47 b
Fr(with)40 b(this)g(Connection)g(ob)5 b(ject.)73 b Fd(data)47
b Fr(can)39 b(b)r(e)i(retriev)n(ed)d(later)h(using)h(the)g
-Fm(get_app_data)208 4295 y Fr(metho)r(d.)0 4442 y Fm(set_connect_stat)o
-(e\()o(\))208 4542 y Fr(Set)21 b(the)g(connection)g(to)g(w)n(ork)e(in)i
+Fm(get_app_data)208 4741 y Fr(metho)r(d.)0 4888 y Fm(set_connect_stat)o
+(e\()o(\))208 4988 y Fr(Set)21 b(the)g(connection)g(to)g(w)n(ork)e(in)i
(clien)n(t)g(mo)r(de.)35 b(The)21 b(handshak)n(e)f(will)h(b)r(e)g
-(handled)g(automatically)f(b)n(y)h(read/write.)0 4689
-y Fm(setblocking\()p Fd(\035ag)7 b Fm(\))208 4788 y Fr(Call)27
+(handled)g(automatically)f(b)n(y)h(read/write.)0 5134
+y Fm(setblocking\()p Fd(\035ag)7 b Fm(\))208 5234 y Fr(Call)27
b(the)h Fm(setblocking)23 b Fr(metho)r(d)28 b(of)f(the)h(underlying)f
-(so)r(c)n(k)n(et.)0 4935 y Fm(setsockopt\()p Fd(level,)f(optname,)31
-b(value)6 b Fm(\))208 5035 y Fr(Call)27 b(the)h Fm(setsockopt)23
-b Fr(metho)r(d)28 b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0
-5182 y Fm(shutdown\(\))208 5281 y Fr(Send)35 b(the)h(sh)n(utdo)n(wn)f
-(message)f(to)h(the)h(Connection.)60 b(Returns)35 b(true)g(if)h(the)g
-(sh)n(utdo)n(wn)e(message)g(exc)n(hange)g(is)208 5381
-y(completed)25 b(and)g(false)h(otherwise)e(\(in)i(whic)n(h)g(case)e(y)n
-(ou)h(call)g Fm(recv\(\))e Fr(or)i Fm(send\(\))e Fr(when)j(the)g
-(connection)f(b)r(ecomes)p 0 5549 3901 4 v 0 5649 a Fg(3.3)82
+(so)r(c)n(k)n(et.)0 5381 y Fm(setsockopt\()p Fd(level,)f(optname,)31
+b(value)6 b Fm(\))p 0 5549 3901 4 v 0 5649 a Fg(3.3)82
b Fm(SSL)26 b Fg(\026)i(An)g(interface)g(to)f(the)g(SSL-sp)r(eci\034c)h
(pa)n(rts)f(of)h(Op)r(enSSL)1611 b(13)p eop end
%%Page: 14 14
-TeXDict begin 14 13 bop 208 83 a Fr(readable/writeable.)0
-230 y Fm(get_shutdown\(\))208 330 y Fr(Get)70 b(the)g(sh)n(utdo)n(wn)f
+TeXDict begin 14 13 bop 208 83 a Fr(Call)27 b(the)h Fm(setsockopt)23
+b Fr(metho)r(d)28 b(of)g(the)g(underlying)f(so)r(c)n(k)n(et.)0
+230 y Fm(shutdown\(\))208 330 y Fr(Send)35 b(the)h(sh)n(utdo)n(wn)f
+(message)f(to)h(the)h(Connection.)60 b(Returns)35 b(true)g(if)h(the)g
+(sh)n(utdo)n(wn)e(message)g(exc)n(hange)g(is)208 429
+y(completed)25 b(and)g(false)h(otherwise)e(\(in)i(whic)n(h)g(case)e(y)n
+(ou)h(call)g Fm(recv\(\))e Fr(or)i Fm(send\(\))e Fr(when)j(the)g
+(connection)f(b)r(ecomes)208 529 y(readable/writeable.)0
+676 y Fm(get_shutdown\(\))208 775 y Fr(Get)70 b(the)g(sh)n(utdo)n(wn)f
(state)g(of)h(the)g(Connection.)162 b(Returns)69 b(a)h(bitv)n(ector)e
-(of)i(either)f(or)g(b)r(oth)h(of)208 429 y Fd(SENT_SHUTDO)n(WN)39
-b Fr(and)27 b Fd(RECEIVED_SHUTDO)n(WN)14 b Fr(.)0 576
-y Fm(set_shutdown\()p Fd(state)6 b Fm(\))208 676 y Fr(Set)21
+(of)i(either)f(or)g(b)r(oth)h(of)208 875 y Fd(SENT_SHUTDO)n(WN)39
+b Fr(and)27 b Fd(RECEIVED_SHUTDO)n(WN)14 b Fr(.)0 1022
+y Fm(set_shutdown\()p Fd(state)6 b Fm(\))208 1121 y Fr(Set)21
b(the)g(sh)n(utdo)n(wn)g(state)g(of)g(the)g(Connection.)34
b Fd(state)27 b Fr(is)21 b(a)g(bitv)n(ector)f(of)h(either)g(or)f(b)r
-(oth)i(of)27 b Fd(SENT_SHUTDO)n(WN)208 775 y Fr(and)g
-Fd(RECEIVED_SHUTDO)n(WN)14 b Fr(.)0 922 y Fm(sock_shutdown\()p
-Fd(how)9 b Fm(\))208 1022 y Fr(Call)27 b(the)h Fm(shutdown)c
+(oth)i(of)27 b Fd(SENT_SHUTDO)n(WN)208 1221 y Fr(and)g
+Fd(RECEIVED_SHUTDO)n(WN)14 b Fr(.)0 1368 y Fm(sock_shutdown\()p
+Fd(how)9 b Fm(\))208 1468 y Fr(Call)27 b(the)h Fm(shutdown)c
Fr(metho)r(d)k(of)g(the)g(underlying)e(so)r(c)n(k)n(et.)0
-1169 y Fm(state_string\(\))208 1268 y Fr(Retriev)n(e)g(a)i(v)n(erb)r
+1614 y Fm(state_string\(\))208 1714 y Fr(Retriev)n(e)g(a)i(v)n(erb)r
(ose)e(string)g(detailing)i(the)g(state)f(of)h(the)f(Connection.)0
-1415 y Fm(want_read\(\))208 1515 y Fr(Chec)n(ks)f(if)i(more)f(data)g
+1861 y Fm(want_read\(\))208 1961 y Fr(Chec)n(ks)f(if)i(more)f(data)g
(has)g(to)h(b)r(e)g(read)e(from)i(the)f(transp)r(ort)g(la)n(y)n(er)f
-(to)h(complete)h(an)f(op)r(eration.)0 1662 y Fm(want_write\(\))208
-1761 y Fr(Chec)n(ks)f(if)i(there)g(is)f(data)g(to)h(write)f(to)g(the)h
+(to)h(complete)h(an)f(op)r(eration.)0 2107 y Fm(want_write\(\))208
+2207 y Fr(Chec)n(ks)f(if)i(there)g(is)f(data)g(to)h(write)f(to)g(the)h
(transp)r(ort)f(la)n(y)n(er)f(to)h(complete)h(an)f(op)r(eration.)0
-2083 y Fs(4)114 b(Internals)0 2312 y Fr(W)-7 b(e)25 b(ran)g(in)n(to)f
+2529 y Fs(4)114 b(Internals)0 2758 y Fr(W)-7 b(e)25 b(ran)g(in)n(to)f
(three)h(main)g(problems)f(dev)n(eloping)g(this:)36 b(Exceptions,)25
b(callbac)n(ks)f(and)h(accessing)e(so)r(c)n(k)n(et)h(metho)r(ds.)36
-b(This)0 2412 y(is)27 b(what)h(this)g(c)n(hapter)e(is)i(ab)r(out.)0
-2691 y Fk(4.1)97 b(Exceptions)0 2892 y Fr(W)-7 b(e)52
+b(This)0 2857 y(is)27 b(what)h(this)g(c)n(hapter)e(is)i(ab)r(out.)0
+3137 y Fk(4.1)97 b(Exceptions)0 3338 y Fr(W)-7 b(e)52
b(realized)f(early)g(that)h(most)g(of)g(the)g(exceptions)f(w)n(ould)h
(b)r(e)g(raised)f(b)n(y)h(the)g(I/O)f(functions)h(of)g(Op)r(enSSL,)0
-2991 y(so)d(it)i(felt)f(natural)f(to)h(mimic)g(Op)r(enSSL's)g(error)e
+3437 y(so)d(it)i(felt)f(natural)f(to)h(mimic)g(Op)r(enSSL's)g(error)e
(co)r(de)i(system,)55 b(translating)48 b(them)j(in)n(to)e(Python)i
-(exceptions.)0 3091 y(This)30 b(naturally)e(giv)n(es)h(us)h(the)g
+(exceptions.)0 3537 y(This)30 b(naturally)e(giv)n(es)h(us)h(the)g
(exceptions)f Fm(SSL.ZeroReturnEr)o(ro)o(r)p Fr(,)24
b Fm(SSL.WantReadError)o Fr(,)h Fm(SSL.WantWriteEr)o(ro)o(r)p
-Fr(,)0 3191 y Fm(SSL.WantX509Look)o(up)o(Err)o(or)c Fr(and)27
-b Fm(SSL.SysCallError)p Fr(.)0 3338 y(F)-7 b(or)27 b(more)g
+Fr(,)0 3636 y Fm(SSL.WantX509Look)o(up)o(Err)o(or)c Fr(and)27
+b Fm(SSL.SysCallError)p Fr(.)0 3783 y(F)-7 b(or)27 b(more)g
(information)g(ab)r(out)g(this,)h(see)f(section)g(3.3.)0
-3617 y Fk(4.2)97 b(Callbacks)0 3818 y Fr(There)34 b(are)f(a)h(n)n(um)n
+4063 y Fk(4.2)97 b(Callbacks)0 4263 y Fr(There)34 b(are)f(a)h(n)n(um)n
(b)r(er)g(of)h(problems)e(with)i(callbac)n(ks.)56 b(First)34
b(of)g(all,)i(Op)r(enSSL)f(is)f(written)h(as)e(a)h(C)h(library)-7
-b(,)34 b(it's)h(not)0 3917 y(mean)n(t)26 b(to)g(ha)n(v)n(e)e(Python)j
+b(,)34 b(it's)h(not)0 4363 y(mean)n(t)26 b(to)g(ha)n(v)n(e)e(Python)j
(callbac)n(ks,)d(so)i(a)f(w)n(a)n(y)g(around)g(that)h(is)g(needed.)36
b(Another)26 b(problem)f(is)h(thread)g(supp)r(ort.)36
-b(A)26 b(lot)0 4017 y(of)h(the)g(Op)r(enSSL)g(I/O)e(functions)i(can)g
+b(A)26 b(lot)0 4463 y(of)h(the)g(Op)r(enSSL)g(I/O)e(functions)i(can)g
(blo)r(c)n(k)f(if)h(the)g(so)r(c)n(k)n(et)f(is)g(in)h(blo)r(c)n(king)f
(mo)r(de,)h(and)g(then)g(y)n(ou)f(w)n(an)n(t)g(other)g(Python)0
-4117 y(threads)c(to)g(b)r(e)h(able)f(to)g(do)g(other)g(things.)35
+4562 y(threads)c(to)g(b)r(e)h(able)f(to)g(do)g(other)g(things.)35
b(The)22 b(real)g(trouble)g(is)g(if)h(y)n(ou'v)n(e)e(released)g(the)h
(thread)g(lo)r(c)n(k)g(to)g(do)g(a)g(p)r(oten)n(tially)0
-4216 y(blo)r(c)n(king)27 b(op)r(eration,)f(and)i(the)g(op)r(eration)e
+4662 y(blo)r(c)n(king)27 b(op)r(eration,)f(and)i(the)g(op)r(eration)e
(calls)h(a)g(callbac)n(k.)35 b(Then)28 b(w)n(e)f(m)n(ust)h(tak)n(e)f
-(the)h(thread)f(lo)r(c)n(k)g(bac)n(k)3475 4186 y Fl(4)3511
-4216 y Fr(.)0 4363 y(There)d(are)f(t)n(w)n(o)g(solutions)h(to)g(the)h
+(the)h(thread)f(lo)r(c)n(k)g(bac)n(k)3475 4632 y Fl(4)3511
+4662 y Fr(.)0 4809 y(There)d(are)f(t)n(w)n(o)g(solutions)h(to)g(the)h
(\034rst)f(problem,)g(b)r(oth)h(of)f(whic)n(h)g(are)f(necessary)-7
b(.)34 b(The)25 b(\034rst)f(solution)f(to)h(use)h(is)f(if)g(the)h(C)0
-4463 y(callbac)n(k)i(allo)n(ws)f(\021userdata\021)33
+4908 y(callbac)n(k)i(allo)n(ws)f(\021userdata\021)33
b(to)28 b(b)r(e)h(passed)e(to)h(it)g(\(an)g(arbitrary)e(p)r(oin)n(ter)i
(normally\).)37 b(This)28 b(is)g(great!)37 b(W)-7 b(e)28
-b(can)g(set)g(our)0 4562 y(Python)i(function)g(ob)5 b(ject)29
+b(can)g(set)g(our)0 5008 y(Python)i(function)g(ob)5 b(ject)29
b(as)f(the)i(real)f(userdata)f(and)h(em)n(ulate)g(userdata)f(for)h(the)
h(Python)f(function)h(in)g(another)e(w)n(a)n(y)-7 b(.)0
-4662 y(The)24 b(other)g(solution)g(can)g(b)r(e)h(used)g(if)g(an)f(ob)5
+5108 y(The)24 b(other)g(solution)g(can)g(b)r(e)h(used)g(if)g(an)f(ob)5
b(ject)24 b(with)h(an)f(\021app_data\021)29 b(system)c(alw)n(a)n(ys)d
(is)j(passed)e(to)h(the)h(callbac)n(k.)35 b(F)-7 b(or)0
-4762 y(example,)26 b(the)h(SSL)f(ob)5 b(ject)26 b(in)h(Op)r(enSSL)f
+5207 y(example,)26 b(the)h(SSL)f(ob)5 b(ject)26 b(in)h(Op)r(enSSL)f
(has)g(app_data)f(functions)i(and)f(in)h(e.g.)36 b(the)26
-b(v)n(eri\034cation)f(callbac)n(ks,)g(y)n(ou)g(can)0
-4861 y(retriev)n(e)i(the)i(related)f(SSL)h(ob)5 b(ject.)39
-b(What)29 b(w)n(e)g(do)f(is)g(to)h(set)f(our)g(wrapp)r(er)g
-Fm(Connection)c Fr(ob)5 b(ject)28 b(as)g(app_data)g(for)g(the)0
-4961 y(SSL)g(ob)5 b(ject,)27 b(and)h(w)n(e)f(can)g(easily)g(\034nd)h
-(the)g(Python)g(callbac)n(k.)0 5108 y(The)42 b(other)g(problem)g(is)g
-(also)f(partially)h(solv)n(ed)f(b)n(y)h(app_data.)80
-b(Since)43 b(w)n(e're)e(asso)r(ciating)g(our)g(wrapp)r(er)h(ob)5
-b(jects)0 5207 y(with)44 b(the)f(\021real\021)49 b(ob)5
-b(jects,)46 b(w)n(e)d(can)g(easily)f(access)g(data)g(from)h(the)h
-Fm(Connection)39 b Fr(ob)5 b(ject.)83 b(The)43 b(solution)g(then)g(is)p
-0 5277 1560 4 v 92 5330 a Fi(4)127 5354 y Fh(I'm)22 b(not)j(sure)f(wh)n
-(y)g(this)g(is)f(necessary)-6 b(,)25 b(but)f(otherwise)h(I)f(get)h(a)e
+b(v)n(eri\034cation)f(callbac)n(ks,)g(y)n(ou)g(can)p
+0 5280 1560 4 v 92 5333 a Fi(4)127 5357 y Fh(I'm)d(not)j(sure)f(wh)n(y)
+g(this)g(is)f(necessary)-6 b(,)25 b(but)f(otherwise)h(I)f(get)h(a)e
(segmen)n(tation)i(violation)f(on)g Fa(PyEval_CallObject)p
0 5549 3901 4 v 0 5649 a Fg(14)3368 b(4)83 b(Internals)p
eop end
%%Page: 15 15
-TeXDict begin 15 14 bop 0 83 a Fr(to)35 b(simply)h(include)g(a)f
-Fm(PyThreadState)c Fr(v)-5 b(ariable)34 b(in)i(the)g
-Fm(Connection)31 b Fr(declaration,)37 b(and)e(write)g(macros)f(similar)
-h(to)0 183 y Fm(Py_BEGIN_ALLOW_T)o(HR)o(EAD)o(S)26 b
-Fr(and)33 b Fm(Py_END_ALLOW_TH)o(REA)o(DS)26 b Fr(that)33
-b(allo)n(ws)e(sp)r(ecifying)h(of)h(the)g Fm(PyThreadState)27
-b Fr(v)-5 b(ari-)0 282 y(able)23 b(to)g(use.)35 b(No)n(w)23
-b(w)n(e)g(can)g(simply)g(\021b)r(egin)g(allo)n(w)f(threads\021)29
-b(b)r(efore)23 b(a)g(p)r(oten)n(tially)g(blo)r(c)n(king)f(op)r
-(eration,)h(and)g(\021end)g(allo)n(w)0 382 y(threads\021)33
-b(b)r(efore)28 b(calling)e(a)i(callbac)n(k.)0 662 y Fk(4.3)97
-b(A)m(cessing)35 b(So)s(ck)m(et)e(Metho)s(ds)0 862 y
-Fr(W)-7 b(e)27 b(quic)n(kly)e(sa)n(w)h(the)g(b)r(ene\034t)h(of)g
-(wrapping)e(so)r(c)n(k)n(et)g(metho)r(ds)h(in)h(the)g
-Fm(SSL.Connection)20 b Fr(class,)26 b(for)g(an)g(easy)f(transition)0
-962 y(in)n(to)e(using)f(SSL.)h(The)g(problem)f(here)h(is)f(that)h(the)h
-Fm(socket)c Fr(mo)r(dule)j(lac)n(ks)f(a)g(C)h(API,)h(and)e(all)h(the)g
-(metho)r(ds)g(are)f(declared)0 1061 y(static.)36 b(One)27
-b(approac)n(h)d(w)n(ould)i(b)r(e)h(to)f(ha)n(v)n(e)g
-Fm(OpenSSL)d Fr(as)j(a)g(submo)r(dule)h(to)f(the)h Fm(socket)d
-Fr(mo)r(dule,)j(placing)f(all)g(the)h(co)r(de)0 1161
-y(in)j(`)p Fq(so)r(ck)n(etmo)r(dule.c)p Fr(',)h(but)f(this)g(is)g(ob)n
-(viously)e(not)i(a)f(go)r(o)r(d)g(solution,)h(since)g(y)n(ou)f(migh)n
-(t)g(not)h(w)n(an)n(t)f(to)h(imp)r(ort)g(tonnes)f(of)0
-1261 y(extra)f(stu\033)h(y)n(ou're)e(not)i(going)e(to)i(use)f(when)h
+TeXDict begin 15 14 bop 0 83 a Fr(retriev)n(e)27 b(the)i(related)f(SSL)
+h(ob)5 b(ject.)39 b(What)29 b(w)n(e)g(do)f(is)g(to)h(set)f(our)g(wrapp)
+r(er)g Fm(Connection)c Fr(ob)5 b(ject)28 b(as)g(app_data)g(for)g(the)0
+183 y(SSL)g(ob)5 b(ject,)27 b(and)h(w)n(e)f(can)g(easily)g(\034nd)h
+(the)g(Python)g(callbac)n(k.)0 330 y(The)42 b(other)g(problem)g(is)g
+(also)f(partially)h(solv)n(ed)f(b)n(y)h(app_data.)80
+b(Since)43 b(w)n(e're)e(asso)r(ciating)g(our)g(wrapp)r(er)h(ob)5
+b(jects)0 429 y(with)44 b(the)f(\021real\021)49 b(ob)5
+b(jects,)46 b(w)n(e)d(can)g(easily)f(access)g(data)g(from)h(the)h
+Fm(Connection)39 b Fr(ob)5 b(ject.)83 b(The)43 b(solution)g(then)g(is)0
+529 y(to)35 b(simply)h(include)g(a)f Fm(PyThreadState)c
+Fr(v)-5 b(ariable)34 b(in)i(the)g Fm(Connection)31 b
+Fr(declaration,)37 b(and)e(write)g(macros)f(similar)h(to)0
+628 y Fm(Py_BEGIN_ALLOW_T)o(HR)o(EAD)o(S)26 b Fr(and)33
+b Fm(Py_END_ALLOW_TH)o(REA)o(DS)26 b Fr(that)33 b(allo)n(ws)e(sp)r
+(ecifying)h(of)h(the)g Fm(PyThreadState)27 b Fr(v)-5
+b(ari-)0 728 y(able)23 b(to)g(use.)35 b(No)n(w)23 b(w)n(e)g(can)g
+(simply)g(\021b)r(egin)g(allo)n(w)f(threads\021)29 b(b)r(efore)23
+b(a)g(p)r(oten)n(tially)g(blo)r(c)n(king)f(op)r(eration,)h(and)g
+(\021end)g(allo)n(w)0 828 y(threads\021)33 b(b)r(efore)28
+b(calling)e(a)i(callbac)n(k.)0 1107 y Fk(4.3)97 b(A)m(cessing)35
+b(So)s(ck)m(et)e(Metho)s(ds)0 1308 y Fr(W)-7 b(e)27 b(quic)n(kly)e(sa)n
+(w)h(the)g(b)r(ene\034t)h(of)g(wrapping)e(so)r(c)n(k)n(et)g(metho)r(ds)
+h(in)h(the)g Fm(SSL.Connection)20 b Fr(class,)26 b(for)g(an)g(easy)f
+(transition)0 1407 y(in)n(to)e(using)f(SSL.)h(The)g(problem)f(here)h
+(is)f(that)h(the)h Fm(socket)c Fr(mo)r(dule)j(lac)n(ks)f(a)g(C)h(API,)h
+(and)e(all)h(the)g(metho)r(ds)g(are)f(declared)0 1507
+y(static.)36 b(One)27 b(approac)n(h)d(w)n(ould)i(b)r(e)h(to)f(ha)n(v)n
+(e)g Fm(OpenSSL)d Fr(as)j(a)g(submo)r(dule)h(to)f(the)h
+Fm(socket)d Fr(mo)r(dule,)j(placing)f(all)g(the)h(co)r(de)0
+1607 y(in)j(`)p Fq(so)r(ck)n(etmo)r(dule.c)p Fr(',)h(but)f(this)g(is)g
+(ob)n(viously)e(not)i(a)f(go)r(o)r(d)g(solution,)h(since)g(y)n(ou)f
+(migh)n(t)g(not)h(w)n(an)n(t)f(to)h(imp)r(ort)g(tonnes)f(of)0
+1706 y(extra)f(stu\033)h(y)n(ou're)e(not)i(going)e(to)i(use)f(when)h
(imp)r(orting)f(the)i Fm(socket)c Fr(mo)r(dule.)40 b(The)29
-b(other)f(approac)n(h)e(is)j(to)f(someho)n(w)0 1360 y(get)33
+b(other)f(approac)n(h)e(is)j(to)f(someho)n(w)0 1806 y(get)33
b(a)g(p)r(oin)n(ter)g(to)h(the)f(metho)r(d)h(to)g(b)r(e)f(called,)i
(either)e(the)h(C)g(function,)h(or)e(a)g(callable)f(Python)i(ob)5
-b(ject.)54 b(This)34 b(is)f(not)0 1460 y(really)26 b(a)i(go)r(o)r(d)f
+b(ject.)54 b(This)34 b(is)f(not)0 1906 y(really)26 b(a)i(go)r(o)r(d)f
(solution)g(either,)g(since)g(there's)h(a)f(lot)g(of)h(lo)r(okups)f(in)
-n(v)n(olv)n(ed.)0 1607 y(The)h(w)n(a)n(y)f(it)h(w)n(orks)e(is)i(that)h
+n(v)n(olv)n(ed.)0 2052 y(The)h(w)n(a)n(y)f(it)h(w)n(orks)e(is)i(that)h
(y)n(ou)e(ha)n(v)n(e)g(to)g(supply)h(a)g(\020)7 b Fm(socket)p
Fr(-lik)n(e\021)31 b(transp)r(ort)c(ob)5 b(ject)28 b(to)f(the)i
-Fm(SSL.Connection)p Fr(.)j(The)0 1706 y(only)24 b(requiremen)n(t)f(of)i
+Fm(SSL.Connection)p Fr(.)j(The)0 2152 y(only)24 b(requiremen)n(t)f(of)i
(this)f(ob)5 b(ject)24 b(is)h(that)f(it)h(has)f(a)g Fm(fileno\(\))d
Fr(metho)r(d)k(that)f(returns)g(a)g(\034le)g(descriptor)f(that's)i(v)-5
-b(alid)24 b(at)0 1806 y(the)g(C)g(lev)n(el)f(\(i.e.)36
+b(alid)24 b(at)0 2252 y(the)g(C)g(lev)n(el)f(\(i.e.)36
b(y)n(ou)23 b(can)h(use)f(the)i(system)e(calls)g(read)g(and)h(write\).)
35 b(If)25 b(y)n(ou)e(w)n(an)n(t)g(to)h(use)f(the)h Fm(connect\(\))c
-Fr(or)j Fm(accept\(\))0 1906 y Fr(metho)r(ds)29 b(of)h(the)f
+Fr(or)j Fm(accept\(\))0 2351 y Fr(metho)r(ds)29 b(of)h(the)f
Fm(SSL.Connection)24 b Fr(ob)5 b(ject,)29 b(the)h(transp)r(ort)e(ob)5
b(ject)29 b(has)f(to)h(supply)h(suc)n(h)f(metho)r(ds)g(to)r(o.)41
-b(Apart)29 b(from)0 2005 y(them,)c(an)n(y)e(metho)r(d)h(lo)r(okups)f
+b(Apart)29 b(from)0 2451 y(them,)c(an)n(y)e(metho)r(d)h(lo)r(okups)f
(in)h(the)f Fm(SSL.Connection)18 b Fr(ob)5 b(ject)24
b(that)f(fail)h(are)f(passed)f(on)i(to)f(the)h(underlying)f(transp)r
-(ort)0 2105 y(ob)5 b(ject.)0 2252 y(F)-7 b(uture)25 b(c)n(hanges)f
+(ort)0 2551 y(ob)5 b(ject.)0 2697 y(F)-7 b(uture)25 b(c)n(hanges)f
(migh)n(t)h(b)r(e)g(to)g(allo)n(w)f(Python-lev)n(el)g(transp)r(ort)g
(ob)5 b(jects,)25 b(that)g(instead)g(of)g(ha)n(ving)g
-Fm(fileno\(\))d Fr(metho)r(ds,)0 2351 y(ha)n(v)n(e)h
+Fm(fileno\(\))d Fr(metho)r(ds,)0 2797 y(ha)n(v)n(e)h
Fm(read\(\))g Fr(and)h Fm(write\(\))e Fr(metho)r(ds,)k(so)e(more)f(adv)
-5 b(anced)24 b(features)h(of)f(Python)h(can)g(b)r(e)g(used.)35
-b(This)25 b(w)n(ould)f(probably)0 2451 y(en)n(tail)36
+b(This)25 b(w)n(ould)f(probably)0 2897 y(en)n(tail)36
b(some)g(sort)g(of)g(Op)r(enSSL)h(\020BIOs\021,)g(but)g(con)n(v)n
(erting)e(Python)i(strings)e(bac)n(k)h(and)g(forth)g(is)h(exp)r(ensiv)n
-(e,)h(so)e(this)0 2551 y(shouldn't)f(b)r(e)h(used)f(unless)g(necessary)
+(e,)h(so)e(this)0 2996 y(shouldn't)f(b)r(e)h(used)f(unless)g(necessary)
-7 b(.)57 b(Other)35 b(nice)g(things)g(w)n(ould)g(b)r(e)g(to)g(b)r(e)h
(able)e(to)h(pass)g(in)g(di\033eren)n(t)g(transp)r(ort)0
-2650 y(ob)5 b(jects)41 b(for)g(reading)f(and)h(writing,)j(but)e(then)g
+3096 y(ob)5 b(jects)41 b(for)g(reading)f(and)h(writing,)j(but)e(then)g
(the)g Fm(fileno\(\))c Fr(metho)r(d)k(of)47 b Fm(SSL.Connection)36
-b Fr(b)r(ecomes)41 b(virtually)0 2750 y(useless.)36 b(Also,)27
+b Fr(b)r(ecomes)41 b(virtually)0 3196 y(useless.)36 b(Also,)27
b(should)h(the)g(metho)r(d)g(resolution)e(b)r(e)i(used)g(on)f(the)h
(read-transp)r(ort)d(or)i(the)h(write-transp)r(ort?)p
0 5549 3901 4 v 0 5649 a Fg(4.3)82 b(A)n(cessing)26 b(So)r(ck)n(et)h
diff --git a/doc/pyOpenSSL.txt b/doc/pyOpenSSL.txt
index 28e20d1..c32377b 100644
--- a/doc/pyOpenSSL.txt
+++ b/doc/pyOpenSSL.txt
@@ -663,10 +663,17 @@
Read a file with PEM-formatted certificates that will be sent to
the client when requesting a client certificate.
- load_verify_locations(pemfile)
+ load_verify_locations(pemfile, capath)
Specify where CA certificates for verification purposes are
located. These are trusted certificates. Note that the
- certificates have to be in PEM format.
+ certificates have to be in PEM format. If capath is passed, it
+ must be a directory prepared using the c_rehash tool included
+ with OpenSSL. Either, but not both, of pemfile or capath may be
+ None.
+
+ set_default_verify_paths()
+ Specify that the platform provided CA certificates are to be
+ used for verification purposes.
load_tmp_dh(dhfile)
Load parameters for Ephemeral Diffie-Hellman from dhfile.