Commit 90a624f0 authored by Joanne Hugé's avatar Joanne Hugé Committed by Tom Niget

python2 to python3: manual fixes

parent 4c99a59c
......@@ -11,6 +11,6 @@ Architecture: all
Depends: ${misc:Depends}, ${python:Depends}, python-pkg-resources, python-openssl (>= 0.13), openvpn (>= 2.4), openpvn (<< 2.5~), babeld (= v1.12.1-nxd3), iproute2 | iproute, openssl
Recommends: ${python:Recommends}, logrotate
Suggests: ${python:Suggests}, ndisc6
Conflicts: re6st-node
Replaces: re6st-node
Conflicts: re6st-node-py3
Replaces: re6st-node-py3
Description: resilient, scalable, IPv6 network application
#!/usr/bin/python2
#!/usr/bin/python
import argparse, math, nemu, os, re, signal
import socket, sqlite3, subprocess, sys, time, weakref
from collections import defaultdict
......
import json, logging, os, sqlite3, socket, subprocess, sys, time, zlib
import base64, json, logging, os, sqlite3, socket, subprocess, sys, time, zlib
from itertools import chain
from .registry import RegistryClient
from . import utils, version, x509
......@@ -65,7 +65,7 @@ class Cache(object):
@staticmethod
def _selectConfig(execute): # BBB: blob
return ((k, str(v) if type(v) is buffer else v)
return ((k, str(v) if type(v) is memoryview else v)
for k, v in execute("SELECT * FROM config"))
def _loadConfig(self, config):
......@@ -91,15 +91,15 @@ class Cache(object):
# TODO: When possible, the registry should be queried via the re6st.
x = json.loads(zlib.decompress(
self._registry.getNetworkConfig(self._prefix)))
base64 = x.pop('', ())
base64_list = x.pop('', ())
config = {}
for k, v in x.items():
k = str(k)
if k.startswith('babel_hmac'):
if v:
v = self._decrypt(v.decode('base64'))
elif k in base64:
v = v.decode('base64')
v = self._decrypt(base64.b64decode(v))
elif k in base64_list:
v = base64.b64decode(v)
elif isinstance(v, (list, dict)):
k += ':json'
v = json.dumps(v)
......@@ -131,7 +131,7 @@ class Cache(object):
# BBB: Use buffer because of http://bugs.python.org/issue13676
# on Python 2.6
db.executemany("INSERT OR REPLACE INTO config VALUES(?,?)",
((k, buffer(v) if k in base64 or
((k, memoryview(v) if k in base64_list or
k.startswith('babel_hmac') else v)
for k, v in config.items()))
self._loadConfig(iter(config.items()))
......@@ -229,7 +229,9 @@ class Cache(object):
" WHERE prefix=peer AND prefix!=? AND try=?"
def getPeerList(self, failed=0, __sql=_get_peer_sql % "prefix, address"
+ " ORDER BY RANDOM()"):
return self._db.execute(__sql, (self._prefix, failed))
#return self._db.execute(__sql, (self._prefix, failed))
r = self._db.execute(__sql, (self._prefix, failed))
return r
def getPeerCount(self, failed=0, __sql=_get_peer_sql % "COUNT(*)"):
return self._db.execute(__sql, (self._prefix, failed)).next()[0]
......@@ -237,7 +239,7 @@ class Cache(object):
logging.info('Getting Boot peer...')
try:
bootpeer = self._registry.getBootstrapPeer(self._prefix)
prefix, address = self._decrypt(bootpeer).split()
prefix, address = self._decrypt(bootpeer).decode().split()
except (socket.error, subprocess.CalledProcessError, ValueError) as e:
logging.warning('Failed to bootstrap (%s)',
e if bootpeer else 'no peer returned')
......@@ -273,6 +275,6 @@ class Cache(object):
def getCountry(self, ip):
try:
return self._registry.getCountry(self._prefix, ip)
return self._registry.getCountry(self._prefix, ip).decode()
except socket.error as e:
logging.warning('Failed to get country (%s)', ip)
......@@ -6,7 +6,7 @@ if 're6st' not in sys.modules:
sys.path[0] = os.path.dirname(os.path.dirname(sys.path[0]))
from re6st import registry, utils, x509
def create(path, text=None, mode=0666):
def create(path, text=None, mode=0o666):
fd = os.open(path, os.O_CREAT | os.O_WRONLY | os.O_TRUNC, mode)
try:
os.write(fd, text)
......@@ -68,12 +68,12 @@ def main():
fingerprint = binascii.a2b_hex(fingerprint)
if hashlib.new(alg).digest_size != len(fingerprint):
raise ValueError("wrong size")
except StandardError, e:
except Exception as e:
parser.error("invalid fingerprint: %s" % e)
if x509.fingerprint(ca, alg).digest() != fingerprint:
sys.exit("CA fingerprint doesn't match")
else:
print "WARNING: it is strongly recommended to use --fingerprint option."
print("WARNING: it is strongly recommended to use --fingerprint option.")
network = x509.networkFromCa(ca)
if config.is_needed:
route, err = subprocess.Popen(('ip', '-6', '-o', 'route', 'get',
......@@ -92,16 +92,17 @@ def main():
with open(cert_path) as f:
cert = loadCert(f.read())
components = dict(cert.get_subject().get_components())
components = {k.decode(): v for k, v in components.items()}
for k in reserved:
components.pop(k, None)
except IOError, e:
except IOError as e:
if e.errno != errno.ENOENT:
raise
components = {}
if config.req:
components.update(config.req)
subj = req.get_subject()
for k, v in list(components.items()):
for k, v in components.items():
if k in reserved:
sys.exit(k + " field is reserved.")
if v:
......@@ -116,26 +117,26 @@ def main():
token = ''
elif not token:
if not config.email:
config.email = eval(input('Please enter your email address: '))
config.email = input('Please enter your email address: ')
s.requestToken(config.email)
token_advice = "Use --token to retry without asking a new token\n"
while not token:
token = eval(input('Please enter your token: '))
token = input('Please enter your token: ')
try:
with open(key_path) as f:
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
key = None
print "Reusing existing key."
except IOError, e:
print("Reusing existing key.")
except IOError as e:
if e.errno != errno.ENOENT:
raise
bits = ca.get_pubkey().bits()
print(("Generating %s-bit key ..." % bits))
print("Generating %s-bit key ..." % bits)
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, bits)
key = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
create(key_path, key, 0600)
create(key_path, key, 0o600)
req.set_pubkey(pkey)
req.sign(pkey, 'sha512')
......@@ -143,8 +144,8 @@ def main():
# First make sure we can open certificate file for writing,
# to avoid using our token for nothing.
cert_fd = os.open(cert_path, os.O_CREAT | os.O_WRONLY, 0666)
print "Requesting certificate ..."
cert_fd = os.open(cert_path, os.O_CREAT | os.O_WRONLY, 0o666)
print("Requesting certificate ...")
if config.location:
cert = s.requestCertificate(token, req, location=config.location)
else:
......@@ -173,7 +174,7 @@ def main():
key_path)))
if not os.path.lexists(conf_path):
create(conf_path, """\
create(conf_path, ("""\
registry %s
ca %s
cert %s
......@@ -188,13 +189,13 @@ key %s
#O3
""" % (config.registry, ca_path, cert_path, key_path,
('country ' + config.location.split(',', 1)[0]) \
if config.location else ''))
print "Sample configuration file created."
if config.location else '')).encode())
print("Sample configuration file created.")
cn = x509.subnetFromCert(cert)
subnet = network + utils.binFromSubnet(cn)
print(("Your subnet: %s/%u (CN=%s)" \
% (utils.ipFromBin(subnet), len(subnet), cn)))
print("Your subnet: %s/%u (CN=%s)" \
% (utils.ipFromBin(subnet), len(subnet), cn))
if __name__ == "__main__":
main()
......@@ -53,11 +53,11 @@ class String(object):
@staticmethod
def encode(buffer, value):
buffer += value + "\0"
buffer += value + b'\x00'
@staticmethod
def decode(buffer, offset=0):
i = buffer.index("\0", offset)
i = buffer.index(0, offset)
return i + 1, buffer[offset:i]
......@@ -69,7 +69,7 @@ class Buffer(object):
def __iadd__(self, value):
self._buf += value
self._buf.extend(value)
return self
def __len__(self):
......@@ -104,21 +104,6 @@ class Buffer(object):
self._seek(r)
return value
try: # BBB: Python < 2.7.4 (http://bugs.python.org/issue10212)
uint16.unpack_from(bytearray(uint16.size))
except TypeError:
def unpack_from(self, struct):
r = self._r
x = r + struct.size
value = struct.unpack(buffer(self._buf)[r:x])
self._seek(x)
return value
def decode(self, decode):
r = self._r
size, value = decode(buffer(self._buf)[r:])
self._seek(r + size)
return value
# writing
def send(self, socket, *args):
......@@ -149,7 +134,7 @@ class Packet(object):
logging.trace('send %s%r', self.__class__.__name__,
(self.id,) + self.args)
offset = len(buffer)
buffer += '\0' * header.size
buffer += b'\x00' * header.size
r = self.request
if isinstance(r, Struct):
r.encode(buffer, self.args)
......@@ -209,7 +194,7 @@ class Babel(object):
except socket.error as e:
logging.debug("Can't connect to %r (%r)", self.socket_path, e)
return e
s.send("\1")
s.send(b'\x01')
s.setblocking(0)
del self.select
self.socket = s
......@@ -269,7 +254,7 @@ class Babel(object):
a = len(self.network)
for route in routes:
assert route.flags & 1, route # installed
if route.prefix.startswith('\0\0\0\0\0\0\0\0\0\0\xff\xff'):
if route.prefix.startswith(b'\0\0\0\0\0\0\0\0\0\0\xff\xff'):
continue
assert route.neigh_address == route.nexthop, route
address = route.neigh_address, route.ifindex
......
#!/usr/bin/python2 -S
#!/usr/bin/python -S
import os, sys
script_type = os.environ['script_type']
......@@ -13,5 +13,7 @@ if script_type == 'up':
if script_type == 'route-up':
import time
with open('/opt/openvpn_route_up.log', 'w+') as f:
f.write(repr(sys.argv))
os.write(int(sys.argv[1]), repr((os.environ['common_name'], time.time(),
int(os.environ['tls_serial_0']), os.environ['OPENVPN_external_ip'])))
int(os.environ['tls_serial_0']), os.environ['OPENVPN_external_ip'])).encode())
#!/usr/bin/python2 -S
#!/usr/bin/python -S
import os, sys
script_type = os.environ['script_type']
......@@ -10,7 +10,7 @@ os.write(fd, repr((script_type, (os.environ['common_name'], os.environ['dev'],
int(os.environ['tls_serial_0']), external_ip))))
if script_type == 'client-connect':
if os.read(fd, 1) == '\0':
if os.read(fd, 1) == b'\x00':
sys.exit(1)
# Send client its external ip address
with open(sys.argv[2], 'w') as f:
......
......@@ -43,7 +43,7 @@ def server(iface, max_clients, dh_path, fd, port, proto, encrypt, *args, **kw):
'--max-clients', str(max_clients),
'--port', str(port),
'--proto', proto,
*args, **kw)
*args, pass_fds=[fd], **kw)
def client(iface, address_list, encrypt, *args, **kw):
......
......@@ -27,7 +27,7 @@ from http.server import HTTPServer, BaseHTTPRequestHandler
from email.mime.text import MIMEText
from operator import itemgetter
from OpenSSL import crypto
from urllib.parse import splittype, splithost, unquote, urlencode
from urllib.parse import urlparse, unquote, urlencode
from . import ctl, tunnel, utils, version, x509
HMAC_HEADER = "Re6stHMAC"
......@@ -69,7 +69,7 @@ class RegistryServer(object):
# Parse community file
self.community_map = {}
if config.community:
if config.community:
with open(config.community) as x:
for x in x:
x = x.strip()
......@@ -91,7 +91,7 @@ class RegistryServer(object):
"name TEXT PRIMARY KEY NOT NULL",
"value")
self.prefix = self.getConfig("prefix", None)
self.version = str(self.getConfig("version", "\0")) # BBB: blob
self.version = str(self.getConfig("version", b'\x00')) # BBB: blob
utils.sqliteCreateTable(self.db, "token",
"token TEXT PRIMARY KEY NOT NULL",
"email TEXT NOT NULL",
......@@ -184,18 +184,16 @@ class RegistryServer(object):
config = json.dumps(kw, sort_keys=True)
if config != self.getConfig('last_config', None):
self.increaseVersion()
# BBB: Use buffer because of http://bugs.python.org/issue13676
# on Python 2.6
self.setConfig('version', buffer(self.version))
self.setConfig('version', self.version)
self.setConfig('last_config', config)
self.sendto(self.prefix, 0)
# The following entry lists values that are base64-encoded.
kw[''] = 'version',
kw['version'] = self.version.encode('base64')
kw['version'] = base64.b64encode(self.version)
self.network_config = kw
def increaseVersion(self):
x = utils.packInteger(1 + utils.unpackInteger(self.version)[0])
x = utils.packInteger(1 + utils.unpackInteger(self.version)[0:1])
self.version = x + self.cert.sign(x)
def sendto(self, prefix, code):
......@@ -203,12 +201,12 @@ class RegistryServer(object):
def recv(self, code):
try:
prefix, msg = self.sock.recv(1<<16).split('\0', 1)
prefix, msg = self.sock.recv(1<<16).split(b'\x00', 1)
int(prefix, 2)
except ValueError:
pass
else:
if msg and ord(msg[0]) == code:
if msg and msg[0:1] == code:
return prefix, msg[1:]
return None, None
......@@ -293,7 +291,7 @@ class RegistryServer(object):
with self.lock:
session = self.sessions[key]
for key, protocol in session:
if h == hmac.HMAC(key, request.path, hashlib.sha1).digest():
if h == hmac.HMAC(key, request.path.encode(), hashlib.sha1).digest():
break
else:
raise Exception("Wrong HMAC")
......@@ -349,14 +347,14 @@ class RegistryServer(object):
assert self.lock.locked()
return self.db.execute("SELECT cert FROM cert"
" WHERE prefix=? AND cert IS NOT NULL",
(client_prefix,)).next()[0]
(client_prefix,)).fetchone()[0]
@rpc_private
def isToken(self, token):
with self.lock:
if self.db.execute("SELECT 1 FROM token WHERE token = ?",
(token,)).fetchone():
return "1"
return b"1"
@rpc_private
def deleteToken(self, token):
......@@ -595,7 +593,7 @@ class RegistryServer(object):
hmac = [self.getConfig(k, None) for k in BABEL_HMAC]
for i, v in enumerate(v for v in hmac if v is not None):
config[('babel_hmac_sign', 'babel_hmac_accept')[i]] = \
v and x509.encrypt(cert, v).encode('base64')
v and base64.b64encode(x509.encrypt(cert, v))
return zlib.compress(json.dumps(config))
def _queryAddress(self, peer):
......@@ -615,7 +613,7 @@ class RegistryServer(object):
@rpc
def getCountry(self, cn, address):
country = self._geoiplookup(address)[0]
return None if country == '*' else country
return None if country == '*' else country.encode()
@rpc
def getBootstrapPeer(self, cn):
......@@ -673,7 +671,7 @@ class RegistryServer(object):
def newHMAC(self, i, key=None):
if key is None:
key = buffer(os.urandom(16))
key = os.urandom(16)
self.setConfig(BABEL_HMAC[i], key)
def delHMAC(self, i):
......@@ -696,10 +694,10 @@ class RegistryServer(object):
else:
# Initialization of HMAC on the network
self.newHMAC(1)
self.newHMAC(2, '')
self.newHMAC(2, b'')
self.increaseVersion()
self.setConfig('version', buffer(self.version))
self.network_config['version'] = self.version.encode('base64')
self.setConfig('version', self.version)
self.network_config['version'] = base64.b64encode(self.version)
self.sendto(self.prefix, 0)
@rpc_private
......@@ -736,9 +734,9 @@ class RegistryServer(object):
return
logging.info("%s %s", email, peer)
with self.lock:
msg = self._queryAddress(peer)
msg = self._queryAddress(peer).decode()
if msg:
return msg.split(',')[0]
return msg.split(',')[0].encode()
@rpc_private
def versions(self):
......@@ -805,8 +803,8 @@ class RegistryClient(object):
def __init__(self, url, cert=None, auto_close=True):
self.cert = cert
self.auto_close = auto_close
scheme, host = splittype(url)
host, path = splithost(host)
url_parsed = urlparse(url)
scheme, host, path = url_parsed.scheme, url_parsed.netloc, url_parsed.path
self._conn = dict(http=http.client.HTTPConnection,
https=http.client.HTTPSConnection,
)[scheme](unquote(host), timeout=60)
......@@ -834,7 +832,7 @@ class RegistryClient(object):
n = len(h) // 2
self.cert.verify(h[n:], h[:n])
key = self.cert.decrypt(h[:n])
h = hmac.HMAC(key, query, hashlib.sha1).digest()
h = hmac.HMAC(key, query.encode(), hashlib.sha1).digest()
key = hashlib.sha1(key).digest()
self._hmac = hashlib.sha1(key).digest()
else:
......
......@@ -72,7 +72,7 @@ class TestConf(unittest.TestCase):
# go back to original dir
os.chdir(self.origin_dir)
@patch("__builtin__.raw_input")
@patch("builtins.input")
def test_basic(self, mock_raw_input):
""" go through all the step
getCa, requestToken, requestCertificate
......
......@@ -146,13 +146,13 @@ class TestRegistryServer(unittest.TestCase):
params = {"cn" : prefix, "a" : 1, "b" : 2}
func.getcallargs.return_value = params
del func._private
func.return_value = result = "this_is_a_result"
key = "this_is_a_key"
func.return_value = result = b"this_is_a_result"
key = b"this_is_a_key"
self.server.sessions[prefix] = [(key, protocol)]
request = Mock()
request.path = "/func?a=1&b=2&cn=0000000011111111"
request.headers = {registry.HMAC_HEADER: base64.b64encode(
hmac.HMAC(key, request.path, hashlib.sha1).digest())}
hmac.HMAC(key, request.path.encode(), hashlib.sha1).digest())}
self.server.handle_request(request, method, params)
......@@ -213,7 +213,7 @@ class TestRegistryServer(unittest.TestCase):
res = self.server.hello(prefix, protocol=protocol)
# decrypt
length = len(res)/2
length = len(res) // 2
key, sign = res[:length], res[length:]
key = decrypt(pkey, key)
self.assertEqual(self.server.sessions[prefix][-1][0], key,
......
......@@ -57,9 +57,9 @@ class TestRegistryClient(unittest.TestCase):
h = hmac.HMAC(key, query, hashlib.sha1).digest()
key = hashlib.sha1(key).digest()
# response part
body = None
body = b'this is a body'
response = fakeResponse(body, http.client.NO_CONTENT)
response.msg = dict(Re6stHMAC=hmac.HMAC(key, body, hashlib.sha1).digest())
response.msg = dict(Re6stHMAC=base64.b64encode(hmac.HMAC(key, body, hashlib.sha1).digest()))
self.client._conn.getresponse.return_value = response
res = self.client.getNetworkConfig(cn)
......
......@@ -40,7 +40,7 @@ def generate_cert(ca, ca_key, csr, prefix, serial, not_after=None):
cert.gmtime_adj_notBefore(0)
if not_after:
cert.set_notAfter(
time.strftime("%Y%m%d%H%M%SZ", time.gmtime(not_after)))
time.strftime("%Y%m%d%H%M%SZ", time.gmtime(not_after)).encode())
else:
cert.gmtime_adj_notAfter(registry.RegistryServer.cert_duration)
subject = req.get_subject()
......@@ -57,9 +57,9 @@ def create_cert_file(pkey_file, cert_file, ca, ca_key, prefix, serial):
pkey, csr = generate_csr()
cert = generate_cert(ca, ca_key, csr, prefix, serial)
with open(pkey_file, 'w') as f:
f.write(pkey)
f.write(pkey.decode())
with open(cert_file, 'w') as f:
f.write(cert)
f.write(cert.decode())
return pkey, cert
......@@ -101,7 +101,7 @@ def serial2prefix(serial):
# pkey: private key
def decrypt(pkey, incontent):
with open("node.key", 'w') as f:
f.write(pkey)
f.write(pkey.decode())
args = "openssl rsautl -decrypt -inkey node.key".split()
p = subprocess.Popen(
args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
......
......@@ -94,7 +94,7 @@ class Connection(object):
'--remap-usr1', 'SIGTERM',
'--ping-exit', str(tm.timeout),
'--route-up', '%s %u' % (plib.ovpn_client, tm.write_sock.fileno()),
*tm.ovpn_args)
*tm.ovpn_args, pass_fds=[tm.write_sock.fileno()])
tm.resetTunnelRefresh()
self._retry += 1
......@@ -169,7 +169,7 @@ class TunnelKiller(object):
if (self.address, self.ifindex) in tm.ctl.locked:
self.state = 'locked'
self.timeout = time.time() + 2 * tm.timeout
tm.sendto(self.peer, '\2' if self.client else '\3')
tm.sendto(self.peer, b'\2' if self.client else b'\3')
else:
self.timeout = 0
......@@ -359,13 +359,13 @@ class BaseTunnelManager(object):
to = address[:2]
if address[0] == '::1':
try:
prefix, msg = msg.split('\0', 1)
prefix, msg = msg.split(b'\0', 1)
int(prefix, 2)
except ValueError:
return
if msg:
self._forward = to
code = ord(msg[0])
code = msg[0]
if prefix == self._prefix:
msg = self._processPacket(msg)
if msg:
......@@ -397,7 +397,7 @@ class BaseTunnelManager(object):
address, exc_info=1)
return
peer.version = self._version \
if self._sendto(to, '\0' + self._version, peer) else ''
if self._sendto(to, b'\0' + self._version, peer) else b''
return
if seqno:
h = x509.fingerprint(self.cert.cert).digest()
......@@ -444,10 +444,11 @@ class BaseTunnelManager(object):
# We got a valid and non-empty message. Always reply
# something so that the sender knows we're still connected.
answer = self._processPacket(msg, peer.prefix)
self._sendto(to, msg[0] + answer if answer else "", peer)
self._sendto(to, msg[0:1] + answer.encode() if answer else b'', peer)
def _processPacket(self, msg, peer=None):
c = ord(msg[0])
c = msg[0]
msg = msg[1:]
code = c & 0x7f
if c > 0x7f and msg:
......@@ -456,6 +457,7 @@ class BaseTunnelManager(object):
elif code == 1: # address
if msg:
if peer:
msg = msg.decode()
self.cache.addPeer(peer, msg)
try:
self._connecting.remove(peer)
......@@ -526,7 +528,7 @@ class BaseTunnelManager(object):
if peer.prefix != prefix:
self.sendto(prefix, None)
elif (peer.version < self._version and
self.sendto(prefix, '\0' + self._version)):
self.sendto(prefix, b'\0' + self._version)):
peer.version = self._version
def broadcastNewVersion(self):
......@@ -635,7 +637,7 @@ class BaseTunnelManager(object):
logging.error("%s. Flushing...", msg)
subprocess.call(("ip", "-6", "route", "flush", "cached"))
self.sendto(self.cache.registry_prefix,
'\7%s (%s)' % (msg, os.uname()[2]))
b'\7%s (%s)' % (msg, os.uname()[2]))
break
def _updateCountry(self, address):
......@@ -957,7 +959,7 @@ class TunnelManager(BaseTunnelManager):
address = self.cache.getAddress(peer)
if address:
count -= self._makeTunnel(peer, address)
elif self.sendto(peer, '\1'):
elif self.sendto(peer, b'\1'):
self._connecting.add(peer)
count -= 1
elif distant_peers is None:
......
......@@ -6,9 +6,9 @@ import sys, textwrap, threading, time, traceback
# and then socket.SOCK_CLOEXEC will be useless.
# (We already follow the good practice that consists in not
# relying on the GC for the closing of file descriptors.)
socket.SOCK_CLOEXEC = 0x80000
#socket.SOCK_CLOEXEC = 0x80000
HMAC_LEN = len(hashlib.sha1('').digest())
HMAC_LEN = len(hashlib.sha1(b'').digest())
class ReexecException(Exception):
pass
......@@ -180,8 +180,10 @@ class Popen(subprocess.Popen):
t = threading.Timer(5, self.kill)
t.start()
# PY3: use waitid(WNOWAIT) and call self.poll() after t.cancel()
r = self.wait()
#r = self.wait()
r = self.waitid(WNOWAIT) # PY3
t.cancel()
self.poll() # PY3
return r
......@@ -270,9 +272,9 @@ def packInteger(i):
raise OverflowError
def unpackInteger(x):
n = ord(x[0]) >> 5
n = x[0] >> 5
try:
i, = struct.unpack("!Q", '\0' * (7 - n) + x[:n+1])
i, = struct.unpack("!Q", b'\0' * (7 - n) + x[:n+1])
except struct.error:
return
return sum((32 << 8 * i for i in range(n)),
......
......@@ -40,4 +40,4 @@ protocol = 8
min_protocol = 1
if __name__ == "__main__":
print version
print(version)
......@@ -14,23 +14,23 @@ def subnetFromCert(cert):
return cert.get_subject().CN
def notBefore(cert):
return calendar.timegm(time.strptime(cert.get_notBefore(),'%Y%m%d%H%M%SZ'))
return calendar.timegm(time.strptime(cert.get_notBefore().decode(),'%Y%m%d%H%M%SZ'))
def notAfter(cert):
return calendar.timegm(time.strptime(cert.get_notAfter(),'%Y%m%d%H%M%SZ'))
return calendar.timegm(time.strptime(cert.get_notAfter().decode(),'%Y%m%d%H%M%SZ'))
def openssl(*args):
def openssl(*args, fds=[]):
return utils.Popen(('openssl',) + args,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
stderr=subprocess.PIPE, pass_fds=fds)
def encrypt(cert, data):
r, w = os.pipe()
try:
threading.Thread(target=os.write, args=(w, cert)).start()
p = openssl('rsautl', '-encrypt', '-certin',
'-inkey', '/proc/self/fd/%u' % r)
'-inkey', '/proc/self/fd/%u' % r, fds=[r])
out, err = p.communicate(data)
finally:
os.close(r)
......@@ -96,7 +96,7 @@ class Cert(object):
self.key = crypto.load_privatekey(crypto.FILETYPE_PEM, f.read())
if cert:
with open(cert) as f:
self.cert = self.loadVerify(f.read())
self.cert = self.loadVerify(f.read().encode())
@property
def prefix(self):
......@@ -143,6 +143,7 @@ class Cert(object):
"error running openssl, assuming cert is invalid")
# BBB: With old versions of openssl, detailed
# error is printed to standard output.
out, err = out.decode(), err.decode()
for err in err, out:
for x in err.splitlines():
if x.startswith('error '):
......@@ -166,7 +167,7 @@ class Cert(object):
def verifyVersion(self, version):
try:
n = 1 + (ord(version[0]) >> 5)
n = 1 + (version[0] >> 5)
self.verify(version[n:], version[:n])
except (IndexError, crypto.Error):
raise VerifyError(None, None, 'invalid network version')
......@@ -206,7 +207,7 @@ class Peer(object):
_key = newHmacSecret()
serial = None
stop_date = float('inf')
version = ''
version = b''
def __init__(self, prefix):
self.prefix = prefix
......@@ -229,11 +230,11 @@ class Peer(object):
try:
# Always assume peer is not old, in case it has just upgraded,
# else we would be stuck with the old protocol.
msg = ('\0\0\0\1'
msg = (b'\0\0\0\1'
+ PACKED_PROTOCOL
+ fingerprint(self.cert).digest())
except AttributeError:
msg = '\0\0\0\0'
msg = b'\0\0\0\0'
return msg + crypto.dump_certificate(crypto.FILETYPE_ASN1, cert)
def hello0Sent(self):
......@@ -246,7 +247,7 @@ class Peer(object):
self._i = self._j = 2
self._last = 0
self.protocol = protocol
return ''.join(('\0\0\0\2', PACKED_PROTOCOL if protocol else '',
return b''.join((b'\0\0\0\2', PACKED_PROTOCOL if protocol else b'',
h, cert.sign(h)))
def _hmac(self, msg):
......
......@@ -21,7 +21,7 @@ Requires: python-setuptools
BuildRequires: python3-devel
%endif
Recommends: python-miniupnpc
Conflicts: re6st-node
Conflicts: re6st-node-py3
%description
......
......@@ -7,7 +7,9 @@ from setuptools.command import sdist as _sdist, build_py as _build_py
from distutils import log
version = {"__file__": "re6st/version.py"}
execfile(version["__file__"], version)
with open(version["__file__"]) as f:
code = compile(f.read(), version["__file__"], 'exec')
exec(code, version)
def copy_file(self, infile, outfile, *args, **kw):
if infile == version["__file__"]:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment