updates vagrant configs; updates server example, updates copyright year.

wrapper/python/wolfssl/.centos-provisioner.sh

@@ -2,7 +2,8 @@
 
 rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-6.noarch.rpm
 yum update
-yum install -y git autoconf libtool
+yum install -y \
+    git autoconf libtool libffi-devel python-devel python3-devel python-pip
 
 git clone https://github.com/wolfssl/wolfssl.git
 [ $? -ne 0 ] && echo "\n\nCouldn't download wolfssl.\n\n" && exit 1
@@ -18,9 +19,16 @@ mv wolfssl.conf /etc/ld.so.conf
 ldconfig
 
 popd
+
 rm -rf wolfssl
 
-yum install -y libffi-devel python-devel python-pip
+pushd /vagrant
 
-pip install wolfssl
-[ $? -ne 0 ] && echo "\n\nCouldn't install wolfssl.\n\n" && exit 1
+pip install -r requirements-testing.txt
+
+make check
+
+popd
+
+# pip install wolfssl
+# [ $? -ne 0 ] && echo "\n\nCouldn't install wolfssl.\n\n" && exit 1

wrapper/python/wolfssl/.gitignore

@@ -16,6 +16,3 @@ htmlcov/
 
 # Sphinx documentation
 docs/_build/
-
-# Virtual env
-.env

wrapper/python/wolfssl/.ubuntu-provisioner.sh

@@ -25,13 +25,9 @@ pushd /vagrant
 
 pip install -r requirements-testing.txt
 
-rm src/wolfssl/*.pyc
-rm -r src/wolfssl/*.egg-info/
-rm -r test/__pycache__/
-
-tox -r -e py27,py34 -- -v
+make check
 
 popd
 
-#pip install wolfssl
-#[ $? -ne 0 ] && echo -e "\n\nCouldn't install wolfssl.\n\n" && exit 1
+# pip install wolfssl
+# [ $? -ne 0 ] && echo -e "\n\nCouldn't install wolfssl.\n\n" && exit 1

wrapper/python/wolfssl/Makefile

@@ -0,0 +1,58 @@
+# Makefile
+#
+# Copyright (C) 2006-2017 wolfSSL Inc.
+#
+# This file is part of wolfSSL. (formerly known as CyaSSL)
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+
+.PHONY : all clean clean-build clean-pyc clean-test install test upload
+
+# builds the module
+all :
+	python ./setup.py build
+
+#builds and installs the module
+install : all
+	python ./setup.py install
+
+## removes all build, test, coverage and Python artifacts
+clean : clean-test clean-build clean-pyc
+
+## removes test and coverage artifacts
+clean-test :
+	rm -rf .coverage .tox/ htmlcov/
+
+## removes build artifacts
+clean-build :
+	rm -rf build/ dist/ .eggs/
+	find . -name '*.egg-info' -exec rm -rf {} +
+	find . -name '*.egg' -exec rm -v {} +
+
+## removes Python file artifacts
+clean-pyc :
+	find src test -name '__pycache__' -exec rm -rf {} +
+	find src test -name '*.pyc' -exec rm -f {} +
+	find src test -name '*.pyo' -exec rm -f {} +
+
+# runs unit tests
+check : test
+
+test : clean-pyc
+	tox
+
+# publishes module at pypi
+upload : test
+	python ./setup.py sdist upload

wrapper/python/wolfssl/Vagrantfile

@@ -1,14 +1,17 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
-BOX = "ubuntu"
 VAGRANTFILE_API_VERSION = "2"
 
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-    if BOX == "ubuntu"
-        config.vm.box = "ubuntu/trusty64"
-        config.vm.provision "shell", path: ".ubuntu-provisioner.sh"
-    else
-        config.vm.box = "moisesguimaraes/centos72-64"
-        config.vm.provision "shell", path: ".centos-provisioner.sh"
-    end
-end
+
+  config.vm.define "default" do |default|
+    default.vm.box = "ubuntu/trusty64"
+    default.vm.provision "shell", path: ".ubuntu-provisioner.sh"
+  end
+
+  config.vm.define "centos", autostart: false do |centos|
+    centos.vm.box = "moisesguimaraes/centos72-64"
+    centos.vm.provision "shell", path: ".centos-provisioner.sh"
+  end
+
+end

wrapper/python/wolfssl/examples/server.py

@@ -4,7 +4,7 @@
 #
 # server.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #
@@ -26,6 +26,7 @@
 
 import sys
 import socket
+import argparse
 
 try:
     import wolfssl
@@ -33,32 +34,121 @@ except ImportError:
     print("You must run 'python setup.py install' to use the examples")
     sys.exit()
 
-bind_socket = socket.socket()
-bind_socket.bind(('', 0))
-bind_socket.listen(5)
+def build_arg_parser():
+    parser = argparse.ArgumentParser(add_help=False)
 
-print("Server listening on port", bind_socket.getsockname()[1])
+    parser.add_argument(
+        "-?", "--help", action="help",
+        help="show this help message and exit"
+    )
 
-while True:
-    try:
-        secure_socket = None
+    parser.add_argument(
+        "-p", metavar="port", type=int, default=11111,
+        help="Port to listen on, not 0, default 11111"
+    )
 
-        new_socket, from_addr = bind_socket.accept()
+    parser.add_argument(
+        "-v", metavar="version", type=int, choices=[0, 1, 2, 3], default=3,
+        help="SSL version [0-3], SSLv3(0) - TLS1.2(3)), default 3"
+    )
 
-        secure_socket = wolfssl.wrap_socket(
-            new_socket,
-            server_side=True,
-            certfile="certs/server-cert.pem",
-            keyfile="certs/server-key.pem")
+    parser.add_argument(
+        "-l", metavar="ciphers", type=str, default="",
+        help="Cipher suite list (: delimited)"
+    )
 
-        print(secure_socket.read())
-        secure_socket.write(b"I hear you fa shizzle!")
+    parser.add_argument(
+        "-c", metavar="certificate", default="./certs/server-cert.pem",
+        help="Certificate file,           default ./certs/server-cert.pem"
+    )
 
-    except KeyboardInterrupt:
-        print()
-        break
+    parser.add_argument(
+        "-k", metavar="key", default="./certs/server-key.pem",
+        help="Key file,                   default ./certs/server-key.pem"
+    )
 
-    finally:
-        if secure_socket:
-            secure_socket.shutdown(socket.SHUT_RDWR)
-            secure_socket.close()
+    parser.add_argument(
+        "-A", metavar="ca_file", default="./certs/client-cert.pem",
+        help="Certificate Authority file, default ./certs/client-cert.pem"
+    )
+
+    parser.add_argument(
+        "-d", action="store_true",
+        help="Disable client cert check"
+    )
+
+    parser.add_argument(
+        "-b", action="store_true",
+        help="Bind to any interface instead of localhost only"
+    )
+
+    parser.add_argument(
+        "-i", action="store_true",
+        help="Loop indefinitely (allow repeated connections)"
+    )
+
+    return parser
+
+
+def get_method(index):
+    return (
+        wolfssl.PROTOCOL_SSLv3,
+        wolfssl.PROTOCOL_TLSv1,
+        wolfssl.PROTOCOL_TLSv1_1,
+        wolfssl.PROTOCOL_TLSv1_2
+    )[index]
+
+
+def main():
+    args = build_arg_parser().parse_args()
+    print(args)
+
+    bind_socket = socket.socket()
+    bind_socket.bind(("" if args.b else "localhost", args.p))
+    bind_socket.listen(5)
+
+    print("Server listening on port", bind_socket.getsockname()[1])
+
+    context = wolfssl.SSLContext(get_method(args.v), server_side=True)
+
+    context.load_cert_chain(args.c, args.k)
+
+    if args.d:
+        context.verify_mode = wolfssl.CERT_NONE
+    else:
+        context.verify_mode = wolfssl.CERT_REQUIRED
+        context.load_verify_locations(args.A)
+
+    if args.l:
+        context.set_ciphers(args.l)
+
+    while True:
+        try:
+            secure_socket = None
+
+            new_socket, from_addr = bind_socket.accept()
+
+            secure_socket = context.wrap_socket(new_socket)
+
+            print("Connection received from", from_addr)
+
+            print("\n", secure_socket.read(), "\n")
+            secure_socket.write(b"I hear you fa shizzle!")
+
+        except KeyboardInterrupt:
+            print()
+            break
+
+        finally:
+            if secure_socket:
+                secure_socket.shutdown(socket.SHUT_RDWR)
+                secure_socket.close()
+
+        if not args.i:
+            break
+
+    bind_socket.close()
+
+
+if __name__ == '__main__':
+    main()

wrapper/python/wolfssl/setup.py

@@ -3,7 +3,7 @@
 #
 # setup.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/__about__.py

@@ -2,7 +2,7 @@
 #
 # __about__.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/__init__.py

@@ -2,7 +2,7 @@
 #
 # __init__.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/_memory.py

@@ -2,7 +2,7 @@
 #
 # _memory.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/_methods.py

@@ -2,7 +2,7 @@
 #
 # _methods.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/build_ffi.py

@@ -2,7 +2,7 @@
 #
 # build_ffi.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/exceptions.py

@@ -2,7 +2,7 @@
 #
 # exceptions.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/src/wolfssl/utils.py

@@ -2,7 +2,7 @@
 #
 # utils.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/test/conftest.py

@@ -2,7 +2,7 @@
 #
 # conftest.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/test/test_client.py

@@ -2,7 +2,7 @@
 #
 # test_client.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/test/test_context.py

@@ -2,7 +2,7 @@
 #
 # test_context.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/test/test_methods.py

@@ -2,7 +2,7 @@
 #
 # test_methods.py
 #
-# Copyright (C) 2006-2016 wolfSSL Inc.
+# Copyright (C) 2006-2017 wolfSSL Inc.
 #
 # This file is part of wolfSSL. (formerly known as CyaSSL)
 #

wrapper/python/wolfssl/test/test_server.py

@@ -1,64 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# test_server.py
-#
-# Copyright (C) 2006-2016 wolfSSL Inc.
-#
-# This file is part of wolfSSL. (formerly known as CyaSSL)
-#
-# wolfSSL is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# wolfSSL is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
-
-# pylint: disable=missing-docstring, invalid-name, import-error
-
-import unittest
-import socket
-import ssl
-
-HOST = 'localhost'
-
-class SSLTest(unittest.TestCase):
-    provider = ssl
-
-    def setUp(self):
-        # server setup
-        self.server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-        self.server.bind((HOST, 0))
-        self.port = self.server.getsockname()[1]
-        self.server.listen(1)
-
-        # client setup
-        self.client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-
-    def tearDown(self):
-        self.server.close()
-        self.server = None
-
-        self.client.close()
-        self.client = None
-
-    def cleartext(self):
-        conn = self.server.accept()[0]
-        secure_server = self.provider.wrap_socket(
-            conn, server_side=True,
-            certfile="certs/server_cert.pem",
-            keyfile="certs/server_key.pem")
-
-        self.client.send(b"server, can you hear me?")
-        self.assertEqual(b"server, can you hear me?",
-                         secure_server.read(256))
-
-        conn.send(b"I hear you loud and clear, client.")
-        self.assertEqual(b"I hear you loud and clear, client.",
-                         self.client.recv(256))