Beautified lists and maps, grouped imports for easy merges in the future - no changed functionality!

* dtls/openssl.py:
	- Ordered constants according to header file from openSSL
	- Beautified __all__-list and map for _make_function() in order to easy merges in the future
	- Added a few returns in order to evaluate the success of the called methods
* dtls/patch.py: Grouped imports in the following order - system, local
* dtls/sslconnection.py: ssl protocol not hardcoded anymore for forked objects
* dtls/x509.py: logger messages working again

ChangeLog

@@ -1,3 +1,15 @@
+2017-03-17  Björn Freise  <mcfreis@gmx.net>
+
+	Beautified lists and maps, grouped imports for easy merges in the future - no changed functionality!
+
+	* dtls/openssl.py:
+		- Ordered constants according to header file from openSSL
+		- Beautified __all__-list and map for _make_function() in order to easy merges in the future
+		- Added a few returns in order to evaluate the success of the called methods
+	* dtls/patch.py: Grouped imports in the following order - system, local
+	* dtls/sslconnection.py: ssl protocol not hardcoded anymore for forked objects
+	* dtls/x509.py: logger messages working again
+
 2017-02-27  Ray Brown  <code@liquibits.com>
 
 	* dtls/openssl.py: support reading directly into given buffer instead of forcing buffer copy (for ssl module compatibility)

dtls/openssl.py

@@ -105,20 +105,25 @@ CRYPTO_LOCK = 1
 #
 # Integer constants - internal
 #
-SSL_CTRL_SET_SESS_CACHE_MODE = 44
-SSL_CTRL_SET_READ_AHEAD = 41
 SSL_CTRL_OPTIONS = 32
+SSL_CTRL_SET_READ_AHEAD = 41
+SSL_CTRL_SET_SESS_CACHE_MODE = 44
+
 BIO_CTRL_INFO = 3
 BIO_CTRL_DGRAM_SET_CONNECTED = 32
-BIO_CTRL_DGRAM_GET_PEER = 46
 BIO_CTRL_DGRAM_SET_PEER = 44
+BIO_CTRL_DGRAM_GET_PEER = 46
+
 BIO_C_SET_NBIO = 102
+
 DTLS_CTRL_GET_TIMEOUT = 73
 DTLS_CTRL_HANDLE_TIMEOUT = 74
 DTLS_CTRL_LISTEN = 75
+
 X509_NAME_MAXLEN = 256
 GETS_MAXLEN = 2048
 
+
 #
 # Parameter data types
 #
@@ -470,85 +475,99 @@ def _make_function(name, lib, args, export=True, errcheck="default"):
 
 _subst = {c_long_parm: c_long}
 _sigs = {}
-__all__ = ["BIO_NOCLOSE", "BIO_CLOSE",
+__all__ = [
-           "SSLEAY_VERSION",
+    # Constants
-           "SSL_OP_NO_COMPRESSION",
+    "BIO_NOCLOSE", "BIO_CLOSE",
-           "SSL_VERIFY_NONE", "SSL_VERIFY_PEER",
+    "SSLEAY_VERSION",
-           "SSL_VERIFY_FAIL_IF_NO_PEER_CERT", "SSL_VERIFY_CLIENT_ONCE",
+    "SSL_OP_NO_COMPRESSION",
-           "SSL_SESS_CACHE_OFF", "SSL_SESS_CACHE_CLIENT",
+    "SSL_VERIFY_NONE", "SSL_VERIFY_PEER",
-           "SSL_SESS_CACHE_SERVER", "SSL_SESS_CACHE_BOTH",
+    "SSL_VERIFY_FAIL_IF_NO_PEER_CERT", "SSL_VERIFY_CLIENT_ONCE",
-           "SSL_SESS_CACHE_NO_AUTO_CLEAR", "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP",
+    "SSL_SESS_CACHE_OFF", "SSL_SESS_CACHE_CLIENT",
-           "SSL_SESS_CACHE_NO_INTERNAL_STORE", "SSL_SESS_CACHE_NO_INTERNAL",
+    "SSL_SESS_CACHE_SERVER", "SSL_SESS_CACHE_BOTH",
-           "SSL_FILE_TYPE_PEM",
+    "SSL_SESS_CACHE_NO_AUTO_CLEAR", "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP",
-           "GEN_DIRNAME", "NID_subject_alt_name",
+    "SSL_SESS_CACHE_NO_INTERNAL_STORE", "SSL_SESS_CACHE_NO_INTERNAL",
-           "CRYPTO_LOCK",
+    "SSL_FILE_TYPE_PEM",
-           "CRYPTO_set_locking_callback",
+    "GEN_DIRNAME", "NID_subject_alt_name",
-           "DTLSv1_get_timeout", "DTLSv1_handle_timeout",
+    "CRYPTO_LOCK",
-           "DTLSv1_listen",
+    # Methods
-           "BIO_gets", "BIO_read", "BIO_get_mem_data",
+    "CRYPTO_set_locking_callback",
-           "BIO_dgram_set_connected",
+    "DTLSv1_get_timeout", "DTLSv1_handle_timeout",
-           "BIO_dgram_get_peer", "BIO_dgram_set_peer",
+    "DTLSv1_listen",
-           "BIO_set_nbio",
+    "BIO_gets", "BIO_read", "BIO_get_mem_data",
-           "SSL_CTX_set_session_cache_mode", "SSL_CTX_set_read_ahead",
+    "BIO_dgram_set_connected",
-           "SSL_CTX_set_options",
+    "BIO_dgram_get_peer", "BIO_dgram_set_peer",
-           "SSL_read", "SSL_write",
+    "BIO_set_nbio",
-           "SSL_CTX_set_cookie_cb",
+    "SSL_CTX_set_session_cache_mode", "SSL_CTX_set_read_ahead",
-           "OBJ_obj2txt", "decode_ASN1_STRING", "ASN1_TIME_print",
+    "SSL_CTX_set_options",
-           "X509_get_notAfter",
+    "SSL_read", "SSL_write",
-           "ASN1_item_d2i", "GENERAL_NAME_print",
+    "SSL_CTX_set_cookie_cb",
-           "sk_value",
+    "OBJ_obj2txt", "decode_ASN1_STRING", "ASN1_TIME_print",
-           "sk_pop_free",
+    "X509_get_notAfter",
-           "i2d_X509"]  # note: the following map adds to this list
+    "ASN1_item_d2i", "GENERAL_NAME_print",
+    "sk_value",
+    "sk_pop_free",
+    "i2d_X509",
+]  # note: the following map adds to this list
 
 map(lambda x: _make_function(*x), (
-    ("SSL_library_init", libssl, ((c_int, "ret"),)),
+    ("SSL_library_init", libssl,
-    ("SSL_load_error_strings", libssl, ((None, "ret"),)),
+     ((c_int, "ret"),)),
-    ("SSLeay", libcrypto, ((c_long_parm, "ret"),)),
+    ("SSL_load_error_strings", libssl,
-    ("SSLeay_version", libcrypto, ((c_char_p, "ret"), (c_int, "t"))),
+     ((None, "ret"),)),
+    ("SSLeay", libcrypto,
+     ((c_long_parm, "ret"),)),
+    ("SSLeay_version", libcrypto,
+     ((c_char_p, "ret"), (c_int, "t"))),
     ("CRYPTO_set_locking_callback", libcrypto,
      ((None, "ret"), (c_void_p, "func")), False),
-    ("CRYPTO_get_id_callback", libcrypto, ((c_void_p, "ret"),), True, None),
+    ("CRYPTO_get_id_callback", libcrypto,
-    ("CRYPTO_num_locks", libcrypto, ((c_int, "ret"),)),
+     ((c_void_p, "ret"),), True, None),
-    ("DTLSv1_server_method", libssl, ((DTLSv1Method, "ret"),)),
+    ("CRYPTO_num_locks", libcrypto,
-    ("DTLSv1_client_method", libssl, ((DTLSv1Method, "ret"),)),
+     ((c_int, "ret"),)),
-    ("SSL_CTX_new", libssl, ((SSLCTX, "ret"), (DTLSv1Method, "meth"))),
+    ("DTLSv1_server_method", libssl,
-    ("SSL_CTX_free", libssl, ((None, "ret"), (SSLCTX, "ctx"))),
+     ((DTLSv1Method, "ret"),)),
+    ("DTLSv1_client_method", libssl,
+     ((DTLSv1Method, "ret"),)),
+    ("SSL_CTX_new", libssl,
+     ((SSLCTX, "ret"), (DTLSv1Method, "meth"))),
+    ("SSL_CTX_free", libssl,
+     ((None, "ret"), (SSLCTX, "ctx"))),
     ("SSL_CTX_set_cookie_generate_cb", libssl,
      ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_gen_cookie_cb")), False),
     ("SSL_CTX_set_cookie_verify_cb", libssl,
-     ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_verify_cookie_cb")),
+     ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_verify_cookie_cb")), False),
-     False),
+    ("SSL_new", libssl,
-    ("SSL_new", libssl, ((SSL, "ret"), (SSLCTX, "ctx"))),
+     ((SSL, "ret"), (SSLCTX, "ctx"))),
-    ("SSL_free", libssl, ((None, "ret"), (SSL, "ssl"))),
+    ("SSL_free", libssl,
+     ((None, "ret"), (SSL, "ssl"))),
     ("SSL_set_bio", libssl,
      ((None, "ret"), (SSL, "ssl"), (BIO, "rbio"), (BIO, "wbio"))),
-    ("BIO_new", libcrypto, ((BIO, "ret"), (BIO_METHOD, "type"))),
+    ("BIO_new", libcrypto,
-    ("BIO_s_mem", libcrypto, ((BIO_METHOD, "ret"),)),
+     ((BIO, "ret"), (BIO_METHOD, "type"))),
+    ("BIO_s_mem", libcrypto,
+     ((BIO_METHOD, "ret"),)),
     ("BIO_new_file", libcrypto,
      ((BIO, "ret"), (c_char_p, "filename"), (c_char_p, "mode"))),
     ("BIO_new_dgram", libcrypto,
      ((BIO, "ret"), (c_int, "fd"), (c_int, "close_flag"))),
-    ("BIO_free", libcrypto, ((c_int, "ret"), (BIO, "a"))),
+    ("BIO_free", libcrypto,
+     ((c_int, "ret"), (BIO, "a"))),
     ("BIO_gets", libcrypto,
-     ((c_int, "ret"), (BIO, "b"), (POINTER(c_char), "buf"), (c_int, "size")),
+     ((c_int, "ret"), (BIO, "b"), (POINTER(c_char), "buf"), (c_int, "size")), False),
-     False),
     ("BIO_read", libcrypto,
      ((c_int, "ret"), (BIO, "b"), (c_void_p, "buf"), (c_int, "len")), False),
     ("SSL_CTX_ctrl", libssl,
-     ((c_long_parm, "ret"), (SSLCTX, "ctx"), (c_int, "cmd"), (c_long, "larg"),
+     ((c_long_parm, "ret"), (SSLCTX, "ctx"), (c_int, "cmd"), (c_long, "larg"), (c_void_p, "parg")), False),
-      (c_void_p, "parg")), False),
     ("BIO_ctrl", libcrypto,
-     ((c_long_parm, "ret"), (BIO, "bp"), (c_int, "cmd"), (c_long, "larg"),
+     ((c_long_parm, "ret"), (BIO, "bp"), (c_int, "cmd"), (c_long, "larg"), (c_void_p, "parg")), False),
-      (c_void_p, "parg")), False),
     ("SSL_ctrl", libssl,
-     ((c_long_parm, "ret"), (SSL, "ssl"), (c_int, "cmd"), (c_long, "larg"),
+     ((c_long_parm, "ret"), (SSL, "ssl"), (c_int, "cmd"), (c_long, "larg"), (c_void_p, "parg")), False),
-      (c_void_p, "parg")), False),
+    ("ERR_get_error", libcrypto,
-    ("ERR_get_error", libcrypto, ((c_long_parm, "ret"),), False),
+     ((c_long_parm, "ret"),), False),
     ("ERR_error_string_n", libcrypto,
-     ((None, "ret"), (c_ulong, "e"), (c_char_p, "buf"), (c_size_t, "len")),
+     ((None, "ret"), (c_ulong, "e"), (c_char_p, "buf"), (c_size_t, "len")), False),
-     False),
+    ("SSL_get_error", libssl,
-    ("SSL_get_error", libssl, ((c_int, "ret"), (SSL, "ssl"), (c_int, "ret")),
+     ((c_int, "ret"), (SSL, "ssl"), (c_int, "ret")), False, None),
-     False, None),
     ("SSL_CTX_set_cipher_list", libssl,
      ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "str"))),
     ("SSL_CTX_use_certificate_file", libssl,
@@ -558,36 +577,41 @@ map(lambda x: _make_function(*x), (
     ("SSL_CTX_use_PrivateKey_file", libssl,
      ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "file"), (c_int, "type"))),
     ("SSL_CTX_load_verify_locations", libssl,
-     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "CAfile"),
+     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "CAfile"), (c_char_p, "CApath"))),
-      (c_char_p, "CApath"))),
     ("SSL_CTX_set_verify", libssl,
-     ((None, "ret"), (SSLCTX, "ctx"), (c_int, "mode"),
+     ((None, "ret"), (SSLCTX, "ctx"), (c_int, "mode"), (c_void_p, "verify_callback", 1, None))),
-      (c_void_p, "verify_callback", 1, None))),
+    ("SSL_accept", libssl,
-    ("SSL_accept", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+     ((c_int, "ret"), (SSL, "ssl"))),
-    ("SSL_connect", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+    ("SSL_connect", libssl,
-    ("SSL_set_connect_state", libssl, ((None, "ret"), (SSL, "ssl"))),
+     ((c_int, "ret"), (SSL, "ssl"))),
-    ("SSL_set_accept_state", libssl, ((None, "ret"), (SSL, "ssl"))),
+    ("SSL_set_connect_state", libssl,
-    ("SSL_do_handshake", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+     ((None, "ret"), (SSL, "ssl"))),
-    ("SSL_get_peer_certificate", libssl, ((X509, "ret"), (SSL, "ssl"))),
+    ("SSL_set_accept_state", libssl,
+     ((None, "ret"), (SSL, "ssl"))),
+    ("SSL_do_handshake", libssl,
+     ((c_int, "ret"), (SSL, "ssl"))),
+    ("SSL_get_peer_certificate", libssl,
+     ((X509, "ret"), (SSL, "ssl"))),
     ("SSL_read", libssl,
      ((c_int, "ret"), (SSL, "ssl"), (c_void_p, "buf"), (c_int, "num")), False),
     ("SSL_write", libssl,
      ((c_int, "ret"), (SSL, "ssl"), (c_void_p, "buf"), (c_int, "num")), False),
-    ("SSL_pending", libssl, ((c_int, "ret"), (SSL, "ssl")), True, None),
+    ("SSL_pending", libssl,
-    ("SSL_shutdown", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+     ((c_int, "ret"), (SSL, "ssl")), True, None),
+    ("SSL_shutdown", libssl,
+     ((c_int, "ret"), (SSL, "ssl"))),
     ("SSL_set_read_ahead", libssl,
      ((None, "ret"), (SSL, "ssl"), (c_int, "yes"))),
-    ("X509_free", libcrypto, ((None, "ret"), (X509, "a"))),
+    ("X509_free", libcrypto,
+     ((None, "ret"), (X509, "a"))),
     ("PEM_read_bio_X509_AUX", libcrypto,
-     ((X509, "ret"), (BIO, "bp"), (c_void_p, "x", 1, None),
+     ((X509, "ret"), (BIO, "bp"), (c_void_p, "x", 1, None), (c_void_p, "cb", 1, None), (c_void_p, "u", 1, None))),
-      (c_void_p, "cb", 1, None), (c_void_p, "u", 1, None))),
     ("OBJ_obj2txt", libcrypto,
-     ((c_int, "ret"), (POINTER(c_char), "buf"), (c_int, "buf_len"),
+     ((c_int, "ret"), (POINTER(c_char), "buf"), (c_int, "buf_len"), (ASN1_OBJECT, "a"), (c_int, "no_name")), False),
-      (ASN1_OBJECT, "a"), (c_int, "no_name")), False),
+    ("CRYPTO_free", libcrypto,
-    ("CRYPTO_free", libcrypto, ((None, "ret"), (c_void_p, "ptr"))),
+     ((None, "ret"), (c_void_p, "ptr"))),
     ("ASN1_STRING_to_UTF8", libcrypto,
-     ((c_int, "ret"), (POINTER(POINTER(c_ubyte)), "out"), (ASN1_STRING, "in")),
+     ((c_int, "ret"), (POINTER(POINTER(c_ubyte)), "out"), (ASN1_STRING, "in")), False),
-     False),
     ("X509_NAME_entry_count", libcrypto,
      ((c_int, "ret"), (POINTER(X509_name_st), "name")), True, None),
     ("X509_NAME_get_entry", libcrypto,
@@ -602,34 +626,31 @@ map(lambda x: _make_function(*x), (
     ("ASN1_TIME_print", libcrypto,
      ((c_int, "ret"), (BIO, "fp"), (ASN1_TIME, "a")), False),
     ("X509_get_ext_by_NID", libcrypto,
-     ((c_int, "ret"), (X509, "x"), (c_int, "nid"), (c_int, "lastpos")),
+     ((c_int, "ret"), (X509, "x"), (c_int, "nid"), (c_int, "lastpos")), True, None),
-     True, None),
     ("X509_get_ext", libcrypto,
-     ((POINTER(X509_EXTENSION), "ret"), (X509, "x"), (c_int, "loc")),
+     ((POINTER(X509_EXTENSION), "ret"), (X509, "x"), (c_int, "loc")), True, errcheck_p),
-     True, errcheck_p),
     ("X509V3_EXT_get", libcrypto,
-     ((POINTER(X509V3_EXT_METHOD), "ret"), (POINTER(X509_EXTENSION), "ext")),
+     ((POINTER(X509V3_EXT_METHOD), "ret"), (POINTER(X509_EXTENSION), "ext")), True, errcheck_p),
-     True, errcheck_p),
     ("ASN1_item_d2i", libcrypto,
-     ((c_void_p, "ret"), (c_void_p, "val"), (POINTER(POINTER(c_ubyte)), "in"),
+     ((c_void_p, "ret"), (c_void_p, "val"), (POINTER(POINTER(c_ubyte)), "in"), (c_long, "len"), (c_void_p, "it")), False, None),
-      (c_long, "len"), (c_void_p, "it")), False, None),
+    ("sk_num", libcrypto,
-    ("sk_num", libcrypto, ((c_int, "ret"), (STACK, "stack")), True, None),
+     ((c_int, "ret"), (STACK, "stack")), True, None),
     ("sk_value", libcrypto,
      ((c_void_p, "ret"), (STACK, "stack"), (c_int, "loc")), False),
     ("GENERAL_NAME_print", libcrypto,
      ((c_int, "ret"), (BIO, "out"), (POINTER(GENERAL_NAME), "gen")), False),
     ("sk_pop_free", libcrypto,
      ((None, "ret"), (STACK, "st"), (c_void_p, "func")), False),
-    ("i2d_X509_bio", libcrypto, ((c_int, "ret"), (BIO, "bp"), (X509, "x")),
+    ("i2d_X509_bio", libcrypto,
-     False),
+     ((c_int, "ret"), (BIO, "bp"), (X509, "x")), False),
-    ("SSL_get_current_cipher", libssl, ((SSL_CIPHER, "ret"), (SSL, "ssl"))),
+    ("SSL_get_current_cipher", libssl,
+     ((SSL_CIPHER, "ret"), (SSL, "ssl"))),
     ("SSL_CIPHER_get_name", libssl,
      ((c_char_p, "ret"), (SSL_CIPHER, "cipher"))),
     ("SSL_CIPHER_get_version", libssl,
      ((c_char_p, "ret"), (SSL_CIPHER, "cipher"))),
     ("SSL_CIPHER_get_bits", libssl,
-     ((c_int, "ret"), (SSL_CIPHER, "cipher"),
+     ((c_int, "ret"), (SSL_CIPHER, "cipher"), (POINTER(c_int), "alg_bits", 1, None)), True, None),
-      (POINTER(c_int), "alg_bits", 1, None)), True, None),
     ))
 
 #
@@ -650,15 +671,15 @@ def CRYPTO_set_locking_callback(locking_function):
 
 def SSL_CTX_set_session_cache_mode(ctx, mode):
     # Returns the previous value of mode
-    _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, mode, None)
+    return _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, mode, None)
 
 def SSL_CTX_set_read_ahead(ctx, m):
     # Returns the previous value of m
-    _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, None)
+    return _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, None)
 
 def SSL_CTX_set_options(ctx, options):
     # Returns the new option bitmaks after adding the given options
-    _SSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, options, None)
+    return _SSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, options, None)
 
 _rint_voidp_ubytep_uintp = CFUNCTYPE(c_int, c_void_p, POINTER(c_ubyte),
                                      POINTER(c_uint))
@@ -693,7 +714,7 @@ def SSL_CTX_set_cookie_cb(ctx, generate, verify):
 
 def BIO_dgram_set_connected(bio, peer_address):
     su = sockaddr_u_from_addr_tuple(peer_address)
-    _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, byref(su))
+    return _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, byref(su))
 
 def BIO_dgram_get_peer(bio):
     su = sockaddr_u()
@@ -702,10 +723,10 @@ def BIO_dgram_get_peer(bio):
 
 def BIO_dgram_set_peer(bio, peer_address):
     su = sockaddr_u_from_addr_tuple(peer_address)
-    _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_PEER, 0, byref(su))
+    return _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_PEER, 0, byref(su))
 
 def BIO_set_nbio(bio, n):
-    _BIO_ctrl(bio, BIO_C_SET_NBIO, 1 if n else 0, None)
+    return _BIO_ctrl(bio, BIO_C_SET_NBIO, 1 if n else 0, None)
 
 def DTLSv1_get_timeout(ssl):
     tv = TIMEVAL()
@@ -727,7 +748,7 @@ def DTLSv1_handle_timeout(ssl):
     assert ret < 0
     if ret > 0:
         ret = -10
-    errcheck_p(ret, _SSL_ctrl, (ssl, DTLS_CTRL_HANDLE_TIMEOUT, 0, None))
+    return errcheck_p(ret, _SSL_ctrl, (ssl, DTLS_CTRL_HANDLE_TIMEOUT, 0, None))
 
 def DTLSv1_listen(ssl):
     su = sockaddr_u()

dtls/patch.py

@@ -34,16 +34,17 @@ has the following effects:
       PROTOCOL_DTLSv1 for the parameter ssl_version is supported
 """
 
-from socket import SOCK_DGRAM, socket, _delegate_methods, error as socket_error
+from socket import socket, getaddrinfo, _delegate_methods, error as socket_error
-from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM, getaddrinfo
+from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM
-from sslconnection import SSLConnection, PROTOCOL_DTLSv1, CERT_NONE
-from sslconnection import DTLS_OPENSSL_VERSION_NUMBER, DTLS_OPENSSL_VERSION
-from sslconnection import DTLS_OPENSSL_VERSION_INFO
-from err import raise_as_ssl_module_error
 from types import MethodType
 from weakref import proxy
 import errno
 
+from sslconnection import SSLConnection, PROTOCOL_DTLSv1, CERT_NONE
+from sslconnection import DTLS_OPENSSL_VERSION_NUMBER, DTLS_OPENSSL_VERSION, DTLS_OPENSSL_VERSION_INFO
+from err import raise_as_ssl_module_error
+
+
 def do_patch():
     import ssl as _ssl  # import to be avoided if ssl module is never patched
     global _orig_SSLSocket_init, _orig_get_server_certificate
@@ -76,7 +77,7 @@ def _get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
     if ssl_version != PROTOCOL_DTLSv1:
         return _orig_get_server_certificate(addr, ssl_version, ca_certs)
 
-    if (ca_certs is not None):
+    if ca_certs is not None:
         cert_reqs = ssl.CERT_REQUIRED
     else:
         cert_reqs = ssl.CERT_NONE

dtls/sslconnection.py

@@ -48,6 +48,7 @@ from logging import getLogger
 from os import urandom
 from select import select
 from weakref import proxy
+
 from err import openssl_error, InvalidSocketError
 from err import raise_ssl_error
 from err import SSL_ERROR_WANT_READ, SSL_ERROR_SYSCALL
@@ -334,6 +335,7 @@ class SSLConnection(object):
         self._keyfile = keyfile
         self._certfile = certfile
         self._cert_reqs = cert_reqs
+        self._ssl_version = ssl_version
         self._ca_certs = ca_certs
         self._do_handshake_on_connect = do_handshake_on_connect
         self._suppress_ragged_eofs = suppress_ragged_eofs
@@ -462,7 +464,7 @@ class SSLConnection(object):
                 _logger.debug("Accept returning without connection")
                 return
         new_conn = SSLConnection(self, self._keyfile, self._certfile, True,
-                                 self._cert_reqs, PROTOCOL_DTLSv1,
+                                 self._cert_reqs, self._ssl_version,
                                  self._ca_certs, self._do_handshake_on_connect,
                                  self._suppress_ragged_eofs, self._ciphers)
         new_peer = self._pending_peer_address

dtls/x509.py

@@ -43,7 +43,7 @@ class _X509(_Rsrc):
         super(_X509, self).__init__(value)
 
     def __del__(self):
-        _logger.debug("Freeing X509: %d", self._value._as_parameter)
+        _logger.debug("Freeing X509: %d", self.raw)
         X509_free(self._value)
         self._value = None
 
@@ -54,11 +54,10 @@ class _STACK(_Rsrc):
         super(_STACK, self).__init__(value)
 
     def __del__(self):
-        _logger.debug("Freeing stack: %d", self._value._as_parameter)
+        _logger.debug("Freeing stack: %d", self.raw)
         sk_pop_free(self._value)
         self._value = None
 
-
 def decode_cert(cert):
     """Convert an X509 certificate into a Python dictionary