+++ /dev/null
-From bb7d7a803665005cc72ad68a388e9e937ff3d2f6 Mon Sep 17 00:00:00 2001
-From: Josef Schlehofer <pepe.schlehofer@gmail.com>
-Date: Sat, 23 Mar 2019 21:02:17 +0100
-Subject: [PATCH] support for mbedTLS
-
----
- INSTALL.rst | 4 ++--
- doc/thread-safety.rst | 2 +-
- setup.py | 28 +++++++++++++++++++++-------
- src/module.c | 6 ++++--
- src/pycurl.h | 7 ++++++-
- src/threadsupport.c | 39 +++++++++++++++++++++++++++++++++++++++
- 6 files changed, 73 insertions(+), 13 deletions(-)
-
-diff --git a/INSTALL.rst b/INSTALL.rst
-index 8ad8b4f..da70d25 100644
---- a/INSTALL.rst
-+++ b/INSTALL.rst
-@@ -53,7 +53,7 @@ It will then fail at runtime as follows::
-
- To fix this, you need to tell ``setup.py`` what SSL backend is used::
-
-- python setup.py --with-[openssl|gnutls|nss] install
-+ python setup.py --with-[openssl|gnutls|nss|mbedtls] install
-
- Note: as of PycURL 7.21.5, setup.py accepts ``--with-openssl`` option to
- indicate that libcurl is built against OpenSSL. ``--with-ssl`` is an alias
-@@ -85,7 +85,7 @@ environment variable::
- The same applies to the SSL backend, if you need to specify it (see the SSL
- note above)::
-
-- export PYCURL_SSL_LIBRARY=[openssl|gnutls|nss]
-+ export PYCURL_SSL_LIBRARY=[openssl|gnutls|nss|mbedtls]
- easy_install pycurl
-
-
-diff --git a/doc/thread-safety.rst b/doc/thread-safety.rst
-index 5ba3f3e..ae2b9e5 100644
---- a/doc/thread-safety.rst
-+++ b/doc/thread-safety.rst
-@@ -21,7 +21,7 @@ For Python programs using PycURL, this means:
- Python code *outside of a libcurl callback for the PycURL object in question*
- is unsafe.
-
--PycURL handles the necessary SSL locks for OpenSSL/LibreSSL, GnuTLS and NSS.
-+PycURL handles the necessary SSL locks for OpenSSL/LibreSSL, GnuTLS, NSS and mbedTLS.
-
- A special situation exists when libcurl uses the standard C library
- name resolver (i.e., not threaded nor c-ares resolver). By default libcurl
-diff --git a/setup.py b/setup.py
-index e1e6925..5ab437f 100644
---- a/setup.py
-+++ b/setup.py
-@@ -143,6 +143,7 @@ class ExtensionConfiguration(object):
- '--with-ssl': self.using_openssl,
- '--with-gnutls': self.using_gnutls,
- '--with-nss': self.using_nss,
-+ '--with-mbedtls': self.using_mbedtls,
- }
-
- def detect_ssl_option(self):
-@@ -152,20 +153,20 @@ class ExtensionConfiguration(object):
- if option != other_option:
- if scan_argv(self.argv, other_option) is not None:
- raise ConfigurationError('Cannot give both %s and %s' % (option, other_option))
--
-+
- return option
-
- def detect_ssl_backend(self):
- ssl_lib_detected = False
--
-+
- if 'PYCURL_SSL_LIBRARY' in os.environ:
- ssl_lib = os.environ['PYCURL_SSL_LIBRARY']
-- if ssl_lib in ['openssl', 'gnutls', 'nss']:
-+ if ssl_lib in ['openssl', 'gnutls', 'nss', 'mbedtls']:
- ssl_lib_detected = True
- getattr(self, 'using_%s' % ssl_lib)()
- else:
- raise ConfigurationError('Invalid value "%s" for PYCURL_SSL_LIBRARY' % ssl_lib)
--
-+
- option = self.detect_ssl_option()
- if option:
- ssl_lib_detected = True
-@@ -194,6 +195,10 @@ class ExtensionConfiguration(object):
- self.using_nss()
- ssl_lib_detected = True
- break
-+ if arg[2:] == 'mbedtls':
-+ self.using_nss()
-+ ssl_lib_detected = True
-+ break
-
- if not ssl_lib_detected and len(self.argv) == len(self.original_argv) \
- and not os.environ.get('PYCURL_CURL_CONFIG') \
-@@ -201,7 +206,7 @@ class ExtensionConfiguration(object):
- # this path should only be taken when no options or
- # configuration environment variables are given to setup.py
- ssl_lib_detected = self.detect_ssl_lib_on_centos6()
--
-+
- self.ssl_lib_detected = ssl_lib_detected
-
- def curl_config(self):
-@@ -301,7 +306,7 @@ class ExtensionConfiguration(object):
- if errtext:
- msg += ":\n" + errtext
- raise ConfigurationError(msg)
--
-+
- # hack
- self.sslhintbuf = sslhintbuf
-
-@@ -327,7 +332,7 @@ specify the SSL backend manually.''')
- self.library_dirs.append(arg[2:])
- else:
- self.extra_link_args.append(arg)
--
-+
- if not self.libraries:
- self.libraries.append("curl")
-
-@@ -354,6 +359,9 @@ specify the SSL backend manually.''')
- elif ssl_version.startswith('NSS/'):
- self.using_nss()
- ssl_lib_detected = True
-+ elif ssl_version.startswith('mbedTLS/'):
-+ self.using_mbedtls()
-+ ssl_lib_detected = 'mbedtls'
- return ssl_lib_detected
-
- def detect_ssl_lib_on_centos6(self):
-@@ -505,6 +513,11 @@ specify the SSL backend manually.''')
- self.libraries.append('ssl3')
- self.define_macros.append(('HAVE_CURL_SSL', 1))
-
-+ def using_mbedtls(self):
-+ self.define_macros.append(('HAVE_CURL_MBEDTLS', 1))
-+ self.libraries.append('mbedtls')
-+ self.define_macros.append(('HAVE_CURL_SSL', 1))
-+
- def get_bdist_msi_version_hack():
- # workaround for distutils/msi version requirement per
- # epydoc.sourceforge.net/stdlib/distutils.version.StrictVersion-class.html -
-@@ -871,6 +884,7 @@ PycURL Unix options:
- --with-ssl legacy alias for --with-openssl
- --with-gnutls libcurl is linked against GnuTLS
- --with-nss libcurl is linked against NSS
-+ --with-mbedtls libcurl is linked against mbedTLS
- '''
-
- windows_help = '''\
-diff --git a/src/module.c b/src/module.c
-index 2331ae8..7fdb25a 100644
---- a/src/module.c
-+++ b/src/module.c
-@@ -328,7 +328,7 @@ initpycurl(void)
- PyObject *collections_module = NULL;
- PyObject *named_tuple = NULL;
- PyObject *arglist = NULL;
--
-+
- assert(Curl_Type.tp_weaklistoffset > 0);
- assert(CurlMulti_Type.tp_weaklistoffset > 0);
- assert(CurlShare_Type.tp_weaklistoffset > 0);
-@@ -355,6 +355,8 @@ initpycurl(void)
- runtime_ssl_lib = "gnutls";
- } else if (!strncmp(vi->ssl_version, "NSS/", 4)) {
- runtime_ssl_lib = "nss";
-+ } else if (!strncmp(vi->ssl_version, "mbedTLS/", 2)) {
-+ runtime_ssl_lib = "mbedtls";
- } else {
- runtime_ssl_lib = "none/other";
- }
-@@ -461,7 +463,7 @@ initpycurl(void)
- /* constants for ioctl callback argument values */
- insint_c(d, "IOCMD_NOP", CURLIOCMD_NOP);
- insint_c(d, "IOCMD_RESTARTREAD", CURLIOCMD_RESTARTREAD);
--
-+
- /* opensocketfunction return value */
- insint_c(d, "SOCKET_BAD", CURL_SOCKET_BAD);
-
-diff --git a/src/pycurl.h b/src/pycurl.h
-index 65290f7..2294cb8 100644
---- a/src/pycurl.h
-+++ b/src/pycurl.h
-@@ -174,6 +174,11 @@ pycurl_inet_ntop (int family, void *addr, char *string, size_t string_size);
- # define COMPILE_SSL_LIB "gnutls"
- # elif defined(HAVE_CURL_NSS)
- # define COMPILE_SSL_LIB "nss"
-+# elif defined(HAVE_CURL_MBEDTLS)
-+# include <mbedtls/ssl.h>
-+# define PYCURL_NEED_SSL_TSL
-+# define PYCURL_NEED_MBEDTLS_TSL
-+# define COMPILE_SSL_LIB "mbedtls"
- # else
- # ifdef _MSC_VER
- /* sigh */
-@@ -190,7 +195,7 @@ pycurl_inet_ntop (int family, void *addr, char *string, size_t string_size);
- /* since we have no crypto callbacks for other ssl backends,
- * no reason to require users match those */
- # define COMPILE_SSL_LIB "none/other"
--# endif /* HAVE_CURL_OPENSSL || HAVE_CURL_GNUTLS || HAVE_CURL_NSS */
-+# endif /* HAVE_CURL_OPENSSL || HAVE_CURL_GNUTLS || HAVE_CURL_NSS || HAVE_CURL_MBEDTLS */
- #else
- # define COMPILE_SSL_LIB "none/other"
- #endif /* HAVE_CURL_SSL */
-diff --git a/src/threadsupport.c b/src/threadsupport.c
-index 6ca07f5..51abffd 100644
---- a/src/threadsupport.c
-+++ b/src/threadsupport.c
-@@ -232,6 +232,45 @@ pycurl_ssl_cleanup(void)
- }
- #endif
-
-+/* mbedTLS */
-+
-+#ifdef PYCURL_NEED_MBEDTLS_TSL
-+static int
-+pycurl_ssl_mutex_create(void **m)
-+{
-+ if ((*((PyThread_type_lock *) m) = PyThread_allocate_lock()) == NULL) {
-+ return -1;
-+ } else {
-+ return 0;
-+ }
-+}
-+
-+static int
-+pycurl_ssl_mutex_destroy(void **m)
-+{
-+ PyThread_free_lock(*((PyThread_type_lock *) m));
-+ return 0;
-+}
-+
-+static int
-+pycurl_ssl_mutex_lock(void **m)
-+{
-+ return !PyThread_acquire_lock(*((PyThread_type_lock *) m), 1);
-+}
-+
-+PYCURL_INTERNAL int
-+pycurl_ssl_init(void)
-+{
-+ return 0;
-+}
-+
-+PYCURL_INTERNAL void
-+pycurl_ssl_cleanup(void)
-+{
-+ return;
-+}
-+#endif
-+
- /*************************************************************************
- // CurlShareObject
- **************************************************************************/
---
-2.17.0.windows.1
-
projects / feed / packages.git / commitdiff