Beautified lists and maps, grouped imports for easy merges in the future - no changed functionality!

* dtls/openssl.py: - Ordered constants according to header file from openSSL - Beautified __all__-list and map for _make_function() in order to easy merges in the future - Added a few returns in order to evaluate the success of the called methods * dtls/patch.py: Grouped imports in the following order - system, local * dtls/sslconnection.py: ssl protocol not hardcoded anymore for forked objects * dtls/x509.py: logger messages working again
2017-03-20 14:14:14 +01:00 · 2017-03-20 14:14:14 +01:00 · b4911f4949
parent 1c7bdcad16
commit b4911f4949
5 changed files with 305 additions and 270 deletions
--- a/12
+++ b/12
@ -1,3 +1,15 @@
 2017-03-17  Björn Freise  <mcfreis@gmx.net>
 	Beautified lists and maps, grouped imports for easy merges in the future - no changed functionality!
 	* dtls/openssl.py:
 		- Ordered constants according to header file from openSSL
 		- Beautified __all__-list and map for _make_function() in order to easy merges in the future
 		- Added a few returns in order to evaluate the success of the called methods
 	* dtls/patch.py: Grouped imports in the following order - system, local
 	* dtls/sslconnection.py: ssl protocol not hardcoded anymore for forked objects
 	* dtls/x509.py: logger messages working again
 2017-02-27  Ray Brown  <code@liquibits.com>
 	* dtls/openssl.py: support reading directly into given buffer instead of forcing buffer copy (for ssl module compatibility)
--- a/dtls/openssl.py
+++ b/dtls/openssl.py
@ -102,26 +102,31 @@ GEN_DIRNAME = 4
 NID_subject_alt_name = 85
 CRYPTO_LOCK = 1
-#
+#
-# Integer constants - internal
+# Integer constants - internal
-#
+#
-SSL_CTRL_SET_SESS_CACHE_MODE = 44
+SSL_CTRL_OPTIONS = 32
-SSL_CTRL_SET_READ_AHEAD = 41
+SSL_CTRL_SET_READ_AHEAD = 41
-SSL_CTRL_OPTIONS = 32
+SSL_CTRL_SET_SESS_CACHE_MODE = 44
-BIO_CTRL_INFO = 3
+
-BIO_CTRL_DGRAM_SET_CONNECTED = 32
+BIO_CTRL_INFO = 3
-BIO_CTRL_DGRAM_GET_PEER = 46
+BIO_CTRL_DGRAM_SET_CONNECTED = 32
-BIO_CTRL_DGRAM_SET_PEER = 44
+BIO_CTRL_DGRAM_SET_PEER = 44
-BIO_C_SET_NBIO = 102
+BIO_CTRL_DGRAM_GET_PEER = 46
-DTLS_CTRL_GET_TIMEOUT = 73
+
-DTLS_CTRL_HANDLE_TIMEOUT = 74
+BIO_C_SET_NBIO = 102
-DTLS_CTRL_LISTEN = 75
+
-X509_NAME_MAXLEN = 256
+DTLS_CTRL_GET_TIMEOUT = 73
-GETS_MAXLEN = 2048
+DTLS_CTRL_HANDLE_TIMEOUT = 74
-
+DTLS_CTRL_LISTEN = 75
-#
+
-# Parameter data types
+X509_NAME_MAXLEN = 256
-#
+GETS_MAXLEN = 2048
 #
 # Parameter data types
 #
 class c_long_parm(object):
    """Long integer paramter class
@ -467,130 +472,149 @@ def _make_function(name, lib, args, export=True, errcheck="default"):
    if errcheck:
        func.errcheck = errcheck
    globals()[glbl_name] = func
-
+
-_subst = {c_long_parm: c_long}
+_subst = {c_long_parm: c_long}
-_sigs = {}
+_sigs = {}
-__all__ = ["BIO_NOCLOSE", "BIO_CLOSE",
+__all__ = [
-           "SSLEAY_VERSION",
+    # Constants
-           "SSL_OP_NO_COMPRESSION",
+    "BIO_NOCLOSE", "BIO_CLOSE",
-           "SSL_VERIFY_NONE", "SSL_VERIFY_PEER",
+    "SSLEAY_VERSION",
-           "SSL_VERIFY_FAIL_IF_NO_PEER_CERT", "SSL_VERIFY_CLIENT_ONCE",
+    "SSL_OP_NO_COMPRESSION",
-           "SSL_SESS_CACHE_OFF", "SSL_SESS_CACHE_CLIENT",
+    "SSL_VERIFY_NONE", "SSL_VERIFY_PEER",
-           "SSL_SESS_CACHE_SERVER", "SSL_SESS_CACHE_BOTH",
+    "SSL_VERIFY_FAIL_IF_NO_PEER_CERT", "SSL_VERIFY_CLIENT_ONCE",
-           "SSL_SESS_CACHE_NO_AUTO_CLEAR", "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP",
+    "SSL_SESS_CACHE_OFF", "SSL_SESS_CACHE_CLIENT",
-           "SSL_SESS_CACHE_NO_INTERNAL_STORE", "SSL_SESS_CACHE_NO_INTERNAL",
+    "SSL_SESS_CACHE_SERVER", "SSL_SESS_CACHE_BOTH",
-           "SSL_FILE_TYPE_PEM",
+    "SSL_SESS_CACHE_NO_AUTO_CLEAR", "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP",
-           "GEN_DIRNAME", "NID_subject_alt_name",
+    "SSL_SESS_CACHE_NO_INTERNAL_STORE", "SSL_SESS_CACHE_NO_INTERNAL",
-           "CRYPTO_LOCK",
+    "SSL_FILE_TYPE_PEM",
-           "CRYPTO_set_locking_callback",
+    "GEN_DIRNAME", "NID_subject_alt_name",
-           "DTLSv1_get_timeout", "DTLSv1_handle_timeout",
+    "CRYPTO_LOCK",
-           "DTLSv1_listen",
+    # Methods
-           "BIO_gets", "BIO_read", "BIO_get_mem_data",
+    "CRYPTO_set_locking_callback",
-           "BIO_dgram_set_connected",
+    "DTLSv1_get_timeout", "DTLSv1_handle_timeout",
-           "BIO_dgram_get_peer", "BIO_dgram_set_peer",
+    "DTLSv1_listen",
-           "BIO_set_nbio",
+    "BIO_gets", "BIO_read", "BIO_get_mem_data",
-           "SSL_CTX_set_session_cache_mode", "SSL_CTX_set_read_ahead",
+    "BIO_dgram_set_connected",
-           "SSL_CTX_set_options",
+    "BIO_dgram_get_peer", "BIO_dgram_set_peer",
-           "SSL_read", "SSL_write",
+    "BIO_set_nbio",
-           "SSL_CTX_set_cookie_cb",
+    "SSL_CTX_set_session_cache_mode", "SSL_CTX_set_read_ahead",
-           "OBJ_obj2txt", "decode_ASN1_STRING", "ASN1_TIME_print",
+    "SSL_CTX_set_options",
-           "X509_get_notAfter",
+    "SSL_read", "SSL_write",
-           "ASN1_item_d2i", "GENERAL_NAME_print",
+    "SSL_CTX_set_cookie_cb",
-           "sk_value",
+    "OBJ_obj2txt", "decode_ASN1_STRING", "ASN1_TIME_print",
-           "sk_pop_free",
+    "X509_get_notAfter",
-           "i2d_X509"]  # note: the following map adds to this list
+    "ASN1_item_d2i", "GENERAL_NAME_print",
-
+    "sk_value",
-map(lambda x: _make_function(*x), (
+    "sk_pop_free",
-    ("SSL_library_init", libssl, ((c_int, "ret"),)),
+    "i2d_X509",
-    ("SSL_load_error_strings", libssl, ((None, "ret"),)),
+]  # note: the following map adds to this list
-    ("SSLeay", libcrypto, ((c_long_parm, "ret"),)),
+
-    ("SSLeay_version", libcrypto, ((c_char_p, "ret"), (c_int, "t"))),
+map(lambda x: _make_function(*x), (
-    ("CRYPTO_set_locking_callback", libcrypto,
+    ("SSL_library_init", libssl,
-     ((None, "ret"), (c_void_p, "func")), False),
+     ((c_int, "ret"),)),
-    ("CRYPTO_get_id_callback", libcrypto, ((c_void_p, "ret"),), True, None),
+    ("SSL_load_error_strings", libssl,
-    ("CRYPTO_num_locks", libcrypto, ((c_int, "ret"),)),
+     ((None, "ret"),)),
-    ("DTLSv1_server_method", libssl, ((DTLSv1Method, "ret"),)),
+    ("SSLeay", libcrypto,
-    ("DTLSv1_client_method", libssl, ((DTLSv1Method, "ret"),)),
+     ((c_long_parm, "ret"),)),
-    ("SSL_CTX_new", libssl, ((SSLCTX, "ret"), (DTLSv1Method, "meth"))),
+    ("SSLeay_version", libcrypto,
-    ("SSL_CTX_free", libssl, ((None, "ret"), (SSLCTX, "ctx"))),
+     ((c_char_p, "ret"), (c_int, "t"))),
-    ("SSL_CTX_set_cookie_generate_cb", libssl,
+    ("CRYPTO_set_locking_callback", libcrypto,
-     ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_gen_cookie_cb")), False),
+     ((None, "ret"), (c_void_p, "func")), False),
-    ("SSL_CTX_set_cookie_verify_cb", libssl,
+    ("CRYPTO_get_id_callback", libcrypto,
-     ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_verify_cookie_cb")),
+     ((c_void_p, "ret"),), True, None),
-     False),
+    ("CRYPTO_num_locks", libcrypto,
-    ("SSL_new", libssl, ((SSL, "ret"), (SSLCTX, "ctx"))),
+     ((c_int, "ret"),)),
-    ("SSL_free", libssl, ((None, "ret"), (SSL, "ssl"))),
+    ("DTLSv1_server_method", libssl,
-    ("SSL_set_bio", libssl,
+     ((DTLSv1Method, "ret"),)),
-     ((None, "ret"), (SSL, "ssl"), (BIO, "rbio"), (BIO, "wbio"))),
+    ("DTLSv1_client_method", libssl,
-    ("BIO_new", libcrypto, ((BIO, "ret"), (BIO_METHOD, "type"))),
+     ((DTLSv1Method, "ret"),)),
-    ("BIO_s_mem", libcrypto, ((BIO_METHOD, "ret"),)),
+    ("SSL_CTX_new", libssl,
-    ("BIO_new_file", libcrypto,
+     ((SSLCTX, "ret"), (DTLSv1Method, "meth"))),
-     ((BIO, "ret"), (c_char_p, "filename"), (c_char_p, "mode"))),
+    ("SSL_CTX_free", libssl,
-    ("BIO_new_dgram", libcrypto,
+     ((None, "ret"), (SSLCTX, "ctx"))),
-     ((BIO, "ret"), (c_int, "fd"), (c_int, "close_flag"))),
+    ("SSL_CTX_set_cookie_generate_cb", libssl,
-    ("BIO_free", libcrypto, ((c_int, "ret"), (BIO, "a"))),
+     ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_gen_cookie_cb")), False),
-    ("BIO_gets", libcrypto,
+    ("SSL_CTX_set_cookie_verify_cb", libssl,
-     ((c_int, "ret"), (BIO, "b"), (POINTER(c_char), "buf"), (c_int, "size")),
+     ((None, "ret"), (SSLCTX, "ctx"), (c_void_p, "app_verify_cookie_cb")), False),
-     False),
+    ("SSL_new", libssl,
-    ("BIO_read", libcrypto,
+     ((SSL, "ret"), (SSLCTX, "ctx"))),
-     ((c_int, "ret"), (BIO, "b"), (c_void_p, "buf"), (c_int, "len")), False),
+    ("SSL_free", libssl,
-    ("SSL_CTX_ctrl", libssl,
+     ((None, "ret"), (SSL, "ssl"))),
-     ((c_long_parm, "ret"), (SSLCTX, "ctx"), (c_int, "cmd"), (c_long, "larg"),
+    ("SSL_set_bio", libssl,
-      (c_void_p, "parg")), False),
+     ((None, "ret"), (SSL, "ssl"), (BIO, "rbio"), (BIO, "wbio"))),
-    ("BIO_ctrl", libcrypto,
+    ("BIO_new", libcrypto,
-     ((c_long_parm, "ret"), (BIO, "bp"), (c_int, "cmd"), (c_long, "larg"),
+     ((BIO, "ret"), (BIO_METHOD, "type"))),
-      (c_void_p, "parg")), False),
+    ("BIO_s_mem", libcrypto,
-    ("SSL_ctrl", libssl,
+     ((BIO_METHOD, "ret"),)),
-     ((c_long_parm, "ret"), (SSL, "ssl"), (c_int, "cmd"), (c_long, "larg"),
+    ("BIO_new_file", libcrypto,
-      (c_void_p, "parg")), False),
+     ((BIO, "ret"), (c_char_p, "filename"), (c_char_p, "mode"))),
-    ("ERR_get_error", libcrypto, ((c_long_parm, "ret"),), False),
+    ("BIO_new_dgram", libcrypto,
-    ("ERR_error_string_n", libcrypto,
+     ((BIO, "ret"), (c_int, "fd"), (c_int, "close_flag"))),
-     ((None, "ret"), (c_ulong, "e"), (c_char_p, "buf"), (c_size_t, "len")),
+    ("BIO_free", libcrypto,
-     False),
+     ((c_int, "ret"), (BIO, "a"))),
-    ("SSL_get_error", libssl, ((c_int, "ret"), (SSL, "ssl"), (c_int, "ret")),
+    ("BIO_gets", libcrypto,
-     False, None),
+     ((c_int, "ret"), (BIO, "b"), (POINTER(c_char), "buf"), (c_int, "size")), False),
-    ("SSL_CTX_set_cipher_list", libssl,
+    ("BIO_read", libcrypto,
-     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "str"))),
+     ((c_int, "ret"), (BIO, "b"), (c_void_p, "buf"), (c_int, "len")), False),
-    ("SSL_CTX_use_certificate_file", libssl,
+    ("SSL_CTX_ctrl", libssl,
     ((c_long_parm, "ret"), (SSLCTX, "ctx"), (c_int, "cmd"), (c_long, "larg"), (c_void_p, "parg")), False),
    ("BIO_ctrl", libcrypto,
     ((c_long_parm, "ret"), (BIO, "bp"), (c_int, "cmd"), (c_long, "larg"), (c_void_p, "parg")), False),
    ("SSL_ctrl", libssl,
     ((c_long_parm, "ret"), (SSL, "ssl"), (c_int, "cmd"), (c_long, "larg"), (c_void_p, "parg")), False),
    ("ERR_get_error", libcrypto,
     ((c_long_parm, "ret"),), False),
    ("ERR_error_string_n", libcrypto,
     ((None, "ret"), (c_ulong, "e"), (c_char_p, "buf"), (c_size_t, "len")), False),
    ("SSL_get_error", libssl,
     ((c_int, "ret"), (SSL, "ssl"), (c_int, "ret")), False, None),
    ("SSL_CTX_set_cipher_list", libssl,
     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "str"))),
    ("SSL_CTX_use_certificate_file", libssl,
     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "file"), (c_int, "type"))),
    ("SSL_CTX_use_certificate_chain_file", libssl,
     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "file"))),
-    ("SSL_CTX_use_PrivateKey_file", libssl,
+    ("SSL_CTX_use_PrivateKey_file", libssl,
-     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "file"), (c_int, "type"))),
+     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "file"), (c_int, "type"))),
-    ("SSL_CTX_load_verify_locations", libssl,
+    ("SSL_CTX_load_verify_locations", libssl,
-     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "CAfile"),
+     ((c_int, "ret"), (SSLCTX, "ctx"), (c_char_p, "CAfile"), (c_char_p, "CApath"))),
-      (c_char_p, "CApath"))),
+    ("SSL_CTX_set_verify", libssl,
-    ("SSL_CTX_set_verify", libssl,
+     ((None, "ret"), (SSLCTX, "ctx"), (c_int, "mode"), (c_void_p, "verify_callback", 1, None))),
-     ((None, "ret"), (SSLCTX, "ctx"), (c_int, "mode"),
+    ("SSL_accept", libssl,
-      (c_void_p, "verify_callback", 1, None))),
+     ((c_int, "ret"), (SSL, "ssl"))),
-    ("SSL_accept", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+    ("SSL_connect", libssl,
-    ("SSL_connect", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+     ((c_int, "ret"), (SSL, "ssl"))),
-    ("SSL_set_connect_state", libssl, ((None, "ret"), (SSL, "ssl"))),
+    ("SSL_set_connect_state", libssl,
-    ("SSL_set_accept_state", libssl, ((None, "ret"), (SSL, "ssl"))),
+     ((None, "ret"), (SSL, "ssl"))),
-    ("SSL_do_handshake", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+    ("SSL_set_accept_state", libssl,
-    ("SSL_get_peer_certificate", libssl, ((X509, "ret"), (SSL, "ssl"))),
+     ((None, "ret"), (SSL, "ssl"))),
-    ("SSL_read", libssl,
+    ("SSL_do_handshake", libssl,
-     ((c_int, "ret"), (SSL, "ssl"), (c_void_p, "buf"), (c_int, "num")), False),
+     ((c_int, "ret"), (SSL, "ssl"))),
-    ("SSL_write", libssl,
+    ("SSL_get_peer_certificate", libssl,
-     ((c_int, "ret"), (SSL, "ssl"), (c_void_p, "buf"), (c_int, "num")), False),
+     ((X509, "ret"), (SSL, "ssl"))),
-    ("SSL_pending", libssl, ((c_int, "ret"), (SSL, "ssl")), True, None),
+    ("SSL_read", libssl,
-    ("SSL_shutdown", libssl, ((c_int, "ret"), (SSL, "ssl"))),
+     ((c_int, "ret"), (SSL, "ssl"), (c_void_p, "buf"), (c_int, "num")), False),
-    ("SSL_set_read_ahead", libssl,
+    ("SSL_write", libssl,
-     ((None, "ret"), (SSL, "ssl"), (c_int, "yes"))),
+     ((c_int, "ret"), (SSL, "ssl"), (c_void_p, "buf"), (c_int, "num")), False),
-    ("X509_free", libcrypto, ((None, "ret"), (X509, "a"))),
+    ("SSL_pending", libssl,
-    ("PEM_read_bio_X509_AUX", libcrypto,
+     ((c_int, "ret"), (SSL, "ssl")), True, None),
-     ((X509, "ret"), (BIO, "bp"), (c_void_p, "x", 1, None),
+    ("SSL_shutdown", libssl,
-      (c_void_p, "cb", 1, None), (c_void_p, "u", 1, None))),
+     ((c_int, "ret"), (SSL, "ssl"))),
-    ("OBJ_obj2txt", libcrypto,
+    ("SSL_set_read_ahead", libssl,
-     ((c_int, "ret"), (POINTER(c_char), "buf"), (c_int, "buf_len"),
+     ((None, "ret"), (SSL, "ssl"), (c_int, "yes"))),
-      (ASN1_OBJECT, "a"), (c_int, "no_name")), False),
+    ("X509_free", libcrypto,
-    ("CRYPTO_free", libcrypto, ((None, "ret"), (c_void_p, "ptr"))),
+     ((None, "ret"), (X509, "a"))),
-    ("ASN1_STRING_to_UTF8", libcrypto,
+    ("PEM_read_bio_X509_AUX", libcrypto,
-     ((c_int, "ret"), (POINTER(POINTER(c_ubyte)), "out"), (ASN1_STRING, "in")),
+     ((X509, "ret"), (BIO, "bp"), (c_void_p, "x", 1, None), (c_void_p, "cb", 1, None), (c_void_p, "u", 1, None))),
-     False),
+    ("OBJ_obj2txt", libcrypto,
-    ("X509_NAME_entry_count", libcrypto,
+     ((c_int, "ret"), (POINTER(c_char), "buf"), (c_int, "buf_len"), (ASN1_OBJECT, "a"), (c_int, "no_name")), False),
-     ((c_int, "ret"), (POINTER(X509_name_st), "name")), True, None),
+    ("CRYPTO_free", libcrypto,
-    ("X509_NAME_get_entry", libcrypto,
+     ((None, "ret"), (c_void_p, "ptr"))),
    ("ASN1_STRING_to_UTF8", libcrypto,
     ((c_int, "ret"), (POINTER(POINTER(c_ubyte)), "out"), (ASN1_STRING, "in")), False),
    ("X509_NAME_entry_count", libcrypto,
     ((c_int, "ret"), (POINTER(X509_name_st), "name")), True, None),
    ("X509_NAME_get_entry", libcrypto,
     ((POINTER(X509_NAME_ENTRY), "ret"), (POINTER(X509_name_st), "name"),
      (c_int, "loc")), True, errcheck_p),
    ("X509_NAME_ENTRY_get_object", libcrypto,
@ -599,40 +623,37 @@ map(lambda x: _make_function(*x), (
     ((ASN1_STRING, "ret"), (POINTER(X509_NAME_ENTRY), "ne"))),
    ("X509_get_subject_name", libcrypto,
     ((POINTER(X509_name_st), "ret"), (X509, "a")), True, errcheck_p),
-    ("ASN1_TIME_print", libcrypto,
+    ("ASN1_TIME_print", libcrypto,
-     ((c_int, "ret"), (BIO, "fp"), (ASN1_TIME, "a")), False),
+     ((c_int, "ret"), (BIO, "fp"), (ASN1_TIME, "a")), False),
-    ("X509_get_ext_by_NID", libcrypto,
+    ("X509_get_ext_by_NID", libcrypto,
-     ((c_int, "ret"), (X509, "x"), (c_int, "nid"), (c_int, "lastpos")),
+     ((c_int, "ret"), (X509, "x"), (c_int, "nid"), (c_int, "lastpos")), True, None),
-     True, None),
+    ("X509_get_ext", libcrypto,
-    ("X509_get_ext", libcrypto,
+     ((POINTER(X509_EXTENSION), "ret"), (X509, "x"), (c_int, "loc")), True, errcheck_p),
-     ((POINTER(X509_EXTENSION), "ret"), (X509, "x"), (c_int, "loc")),
+    ("X509V3_EXT_get", libcrypto,
-     True, errcheck_p),
+     ((POINTER(X509V3_EXT_METHOD), "ret"), (POINTER(X509_EXTENSION), "ext")), True, errcheck_p),
-    ("X509V3_EXT_get", libcrypto,
+    ("ASN1_item_d2i", libcrypto,
-     ((POINTER(X509V3_EXT_METHOD), "ret"), (POINTER(X509_EXTENSION), "ext")),
+     ((c_void_p, "ret"), (c_void_p, "val"), (POINTER(POINTER(c_ubyte)), "in"), (c_long, "len"), (c_void_p, "it")), False, None),
-     True, errcheck_p),
+    ("sk_num", libcrypto,
-    ("ASN1_item_d2i", libcrypto,
+     ((c_int, "ret"), (STACK, "stack")), True, None),
-     ((c_void_p, "ret"), (c_void_p, "val"), (POINTER(POINTER(c_ubyte)), "in"),
+    ("sk_value", libcrypto,
-      (c_long, "len"), (c_void_p, "it")), False, None),
+     ((c_void_p, "ret"), (STACK, "stack"), (c_int, "loc")), False),
-    ("sk_num", libcrypto, ((c_int, "ret"), (STACK, "stack")), True, None),
+    ("GENERAL_NAME_print", libcrypto,
-    ("sk_value", libcrypto,
+     ((c_int, "ret"), (BIO, "out"), (POINTER(GENERAL_NAME), "gen")), False),
-     ((c_void_p, "ret"), (STACK, "stack"), (c_int, "loc")), False),
+    ("sk_pop_free", libcrypto,
-    ("GENERAL_NAME_print", libcrypto,
+     ((None, "ret"), (STACK, "st"), (c_void_p, "func")), False),
-     ((c_int, "ret"), (BIO, "out"), (POINTER(GENERAL_NAME), "gen")), False),
+    ("i2d_X509_bio", libcrypto,
-    ("sk_pop_free", libcrypto,
+     ((c_int, "ret"), (BIO, "bp"), (X509, "x")), False),
-     ((None, "ret"), (STACK, "st"), (c_void_p, "func")), False),
+    ("SSL_get_current_cipher", libssl,
-    ("i2d_X509_bio", libcrypto, ((c_int, "ret"), (BIO, "bp"), (X509, "x")),
+     ((SSL_CIPHER, "ret"), (SSL, "ssl"))),
-     False),
+    ("SSL_CIPHER_get_name", libssl,
-    ("SSL_get_current_cipher", libssl, ((SSL_CIPHER, "ret"), (SSL, "ssl"))),
+     ((c_char_p, "ret"), (SSL_CIPHER, "cipher"))),
-    ("SSL_CIPHER_get_name", libssl,
+    ("SSL_CIPHER_get_version", libssl,
-     ((c_char_p, "ret"), (SSL_CIPHER, "cipher"))),
+     ((c_char_p, "ret"), (SSL_CIPHER, "cipher"))),
-    ("SSL_CIPHER_get_version", libssl,
+    ("SSL_CIPHER_get_bits", libssl,
-     ((c_char_p, "ret"), (SSL_CIPHER, "cipher"))),
+     ((c_int, "ret"), (SSL_CIPHER, "cipher"), (POINTER(c_int), "alg_bits", 1, None)), True, None),
-    ("SSL_CIPHER_get_bits", libssl,
+    ))
-     ((c_int, "ret"), (SSL_CIPHER, "cipher"),
+
-      (POINTER(c_int), "alg_bits", 1, None)), True, None),
+#
    ))
 #
 # Wrappers - functions generally equivalent to OpenSSL library macros
 #
 _rvoid_int_int_charp_int = CFUNCTYPE(None, c_int, c_int, c_char_p, c_int)
@ -647,21 +668,21 @@ def CRYPTO_set_locking_callback(locking_function):
    global _locking_cb  # for keep-alive
    _locking_cb = _rvoid_int_int_charp_int(py_locking_function)
    _CRYPTO_set_locking_callback(_locking_cb)
-
+
-def SSL_CTX_set_session_cache_mode(ctx, mode):
+def SSL_CTX_set_session_cache_mode(ctx, mode):
-    # Returns the previous value of mode
+    # Returns the previous value of mode
-    _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, mode, None)
+    return _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, mode, None)
-
+
-def SSL_CTX_set_read_ahead(ctx, m):
+def SSL_CTX_set_read_ahead(ctx, m):
-    # Returns the previous value of m
+    # Returns the previous value of m
-    _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, None)
+    return _SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, None)
-
+
-def SSL_CTX_set_options(ctx, options):
+def SSL_CTX_set_options(ctx, options):
-    # Returns the new option bitmaks after adding the given options
+    # Returns the new option bitmaks after adding the given options
-    _SSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, options, None)
+    return _SSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, options, None)
-
+
-_rint_voidp_ubytep_uintp = CFUNCTYPE(c_int, c_void_p, POINTER(c_ubyte),
+_rint_voidp_ubytep_uintp = CFUNCTYPE(c_int, c_void_p, POINTER(c_ubyte),
-                                     POINTER(c_uint))
+                                     POINTER(c_uint))
 _rint_voidp_ubytep_uint = CFUNCTYPE(c_int, c_void_p, POINTER(c_ubyte), c_uint)
 def SSL_CTX_set_cookie_cb(ctx, generate, verify):
@ -690,25 +711,25 @@ def SSL_CTX_set_cookie_cb(ctx, generate, verify):
    _SSL_CTX_set_cookie_generate_cb(ctx, gen_cb)
    _SSL_CTX_set_cookie_verify_cb(ctx, ver_cb)
    return gen_cb, ver_cb
-
+
-def BIO_dgram_set_connected(bio, peer_address):
+def BIO_dgram_set_connected(bio, peer_address):
-    su = sockaddr_u_from_addr_tuple(peer_address)
+    su = sockaddr_u_from_addr_tuple(peer_address)
-    _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, byref(su))
+    return _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, byref(su))
-
+
-def BIO_dgram_get_peer(bio):
+def BIO_dgram_get_peer(bio):
-    su = sockaddr_u()
+    su = sockaddr_u()
    _BIO_ctrl(bio, BIO_CTRL_DGRAM_GET_PEER, 0, byref(su))
    return addr_tuple_from_sockaddr_u(su)
-
+
-def BIO_dgram_set_peer(bio, peer_address):
+def BIO_dgram_set_peer(bio, peer_address):
-    su = sockaddr_u_from_addr_tuple(peer_address)
+    su = sockaddr_u_from_addr_tuple(peer_address)
-    _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_PEER, 0, byref(su))
+    return _BIO_ctrl(bio, BIO_CTRL_DGRAM_SET_PEER, 0, byref(su))
-
+
-def BIO_set_nbio(bio, n):
+def BIO_set_nbio(bio, n):
-    _BIO_ctrl(bio, BIO_C_SET_NBIO, 1 if n else 0, None)
+    return _BIO_ctrl(bio, BIO_C_SET_NBIO, 1 if n else 0, None)
-
+
-def DTLSv1_get_timeout(ssl):
+def DTLSv1_get_timeout(ssl):
-    tv = TIMEVAL()
+    tv = TIMEVAL()
    ret = _SSL_ctrl(ssl, DTLS_CTRL_GET_TIMEOUT, 0, byref(tv))
    if ret != 1:
        return
@ -724,13 +745,13 @@ def DTLSv1_handle_timeout(ssl):
        return True
    # There was an error: either too many timeouts have occurred or a
    # retransmission failed
-    assert ret < 0
+    assert ret < 0
-    if ret > 0:
+    if ret > 0:
-        ret = -10
+        ret = -10
-    errcheck_p(ret, _SSL_ctrl, (ssl, DTLS_CTRL_HANDLE_TIMEOUT, 0, None))
+    return errcheck_p(ret, _SSL_ctrl, (ssl, DTLS_CTRL_HANDLE_TIMEOUT, 0, None))
-
+
-def DTLSv1_listen(ssl):
+def DTLSv1_listen(ssl):
-    su = sockaddr_u()
+    su = sockaddr_u()
    ret = _SSL_ctrl(ssl, DTLS_CTRL_LISTEN, 0, byref(su))
    errcheck_ord(ret, _SSL_ctrl, (ssl, DTLS_CTRL_LISTEN, 0, byref(su)))
    return addr_tuple_from_sockaddr_u(su)
--- a/dtls/patch.py
+++ b/dtls/patch.py
@ -31,22 +31,23 @@ has the following effects:
    * Direct instantiation of SSLSocket as well as instantiation through
      ssl.wrap_socket are supported
    * Invocation of the function get_server_certificate with a value of
-      PROTOCOL_DTLSv1 for the parameter ssl_version is supported
+      PROTOCOL_DTLSv1 for the parameter ssl_version is supported
-"""
+"""
-
+
-from socket import SOCK_DGRAM, socket, _delegate_methods, error as socket_error
+from socket import socket, getaddrinfo, _delegate_methods, error as socket_error
-from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM, getaddrinfo
+from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM
-from sslconnection import SSLConnection, PROTOCOL_DTLSv1, CERT_NONE
+from types import MethodType
-from sslconnection import DTLS_OPENSSL_VERSION_NUMBER, DTLS_OPENSSL_VERSION
+from weakref import proxy
-from sslconnection import DTLS_OPENSSL_VERSION_INFO
+import errno
-from err import raise_as_ssl_module_error
+
-from types import MethodType
+from sslconnection import SSLConnection, PROTOCOL_DTLSv1, CERT_NONE
-from weakref import proxy
+from sslconnection import DTLS_OPENSSL_VERSION_NUMBER, DTLS_OPENSSL_VERSION, DTLS_OPENSSL_VERSION_INFO
-import errno
+from err import raise_as_ssl_module_error
-
+
-def do_patch():
+
-    import ssl as _ssl  # import to be avoided if ssl module is never patched
+def do_patch():
-    global _orig_SSLSocket_init, _orig_get_server_certificate
+    import ssl as _ssl  # import to be avoided if ssl module is never patched
    global _orig_SSLSocket_init, _orig_get_server_certificate
    global ssl
    ssl = _ssl
    if hasattr(ssl, "PROTOCOL_DTLSv1"):
@ -73,13 +74,13 @@ def _get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
    If 'ssl_version' is specified, use it in the connection attempt.
    """
-    if ssl_version != PROTOCOL_DTLSv1:
+    if ssl_version != PROTOCOL_DTLSv1:
-        return _orig_get_server_certificate(addr, ssl_version, ca_certs)
+        return _orig_get_server_certificate(addr, ssl_version, ca_certs)
-
+
-    if (ca_certs is not None):
+    if ca_certs is not None:
-        cert_reqs = ssl.CERT_REQUIRED
+        cert_reqs = ssl.CERT_REQUIRED
-    else:
+    else:
-        cert_reqs = ssl.CERT_NONE
+        cert_reqs = ssl.CERT_NONE
    af = getaddrinfo(addr[0], addr[1])[0][0]
    s = ssl.wrap_socket(socket(af, SOCK_DGRAM),
                        ssl_version=ssl_version,
--- a/dtls/sslconnection.py
+++ b/dtls/sslconnection.py
@ -45,12 +45,13 @@ import socket
 import hmac
 import datetime
 from logging import getLogger
-from os import urandom
+from os import urandom
-from select import select
+from select import select
-from weakref import proxy
+from weakref import proxy
-from err import openssl_error, InvalidSocketError
+
-from err import raise_ssl_error
+from err import openssl_error, InvalidSocketError
-from err import SSL_ERROR_WANT_READ, SSL_ERROR_SYSCALL
+from err import raise_ssl_error
 from err import SSL_ERROR_WANT_READ, SSL_ERROR_SYSCALL
 from err import ERR_COOKIE_MISMATCH, ERR_NO_CERTS
 from err import ERR_NO_CIPHER, ERR_HANDSHAKE_TIMEOUT, ERR_PORT_UNREACHABLE
 from err import ERR_READ_TIMEOUT, ERR_WRITE_TIMEOUT
@ -331,12 +332,13 @@ class SSLConnection(object):
            ciphers = "DEFAULT"
        self._sock = sock
-        self._keyfile = keyfile
+        self._keyfile = keyfile
-        self._certfile = certfile
+        self._certfile = certfile
-        self._cert_reqs = cert_reqs
+        self._cert_reqs = cert_reqs
-        self._ca_certs = ca_certs
+        self._ssl_version = ssl_version
-        self._do_handshake_on_connect = do_handshake_on_connect
+        self._ca_certs = ca_certs
-        self._suppress_ragged_eofs = suppress_ragged_eofs
+        self._do_handshake_on_connect = do_handshake_on_connect
        self._suppress_ragged_eofs = suppress_ragged_eofs
        self._ciphers = ciphers
        self._handshake_done = False
        self._wbio_nb = self._rbio_nb = False
@ -459,13 +461,13 @@ class SSLConnection(object):
        if not self._pending_peer_address:
            if not self.listen():
-                _logger.debug("Accept returning without connection")
+                _logger.debug("Accept returning without connection")
-                return
+                return
-        new_conn = SSLConnection(self, self._keyfile, self._certfile, True,
+        new_conn = SSLConnection(self, self._keyfile, self._certfile, True,
-                                 self._cert_reqs, PROTOCOL_DTLSv1,
+                                 self._cert_reqs, self._ssl_version,
-                                 self._ca_certs, self._do_handshake_on_connect,
+                                 self._ca_certs, self._do_handshake_on_connect,
-                                 self._suppress_ragged_eofs, self._ciphers)
+                                 self._suppress_ragged_eofs, self._ciphers)
-        new_peer = self._pending_peer_address
+        new_peer = self._pending_peer_address
        self._pending_peer_address = None
        if self._do_handshake_on_connect:
            # Note that since that connection's socket was just created in its
--- a/dtls/x509.py
+++ b/dtls/x509.py
@ -40,24 +40,23 @@ _logger = getLogger(__name__)
 class _X509(_Rsrc):
    """Wrapper for the cryptographic library's X509 resource"""
    def __init__(self, value):
-        super(_X509, self).__init__(value)
+        super(_X509, self).__init__(value)
-
+
-    def __del__(self):
+    def __del__(self):
-        _logger.debug("Freeing X509: %d", self._value._as_parameter)
+        _logger.debug("Freeing X509: %d", self.raw)
-        X509_free(self._value)
+        X509_free(self._value)
-        self._value = None
+        self._value = None
-
+
 class _STACK(_Rsrc):
    """Wrapper for the cryptographic library's stacks"""
    def __init__(self, value):
-        super(_STACK, self).__init__(value)
+        super(_STACK, self).__init__(value)
-
+
-    def __del__(self):
+    def __del__(self):
-        _logger.debug("Freeing stack: %d", self._value._as_parameter)
+        _logger.debug("Freeing stack: %d", self.raw)
-        sk_pop_free(self._value)
+        sk_pop_free(self._value)
-        self._value = None
+        self._value = None
 def decode_cert(cert):
    """Convert an X509 certificate into a Python dictionary