Library import 16 (#2433)

Co-authored-by: robot-piglet <robot-piglet@yandex-team.com>
Co-authored-by: deshevoy <deshevoy@yandex-team.com>
Co-authored-by: robot-contrib <robot-contrib@yandex-team.com>
Co-authored-by: thegeorg <thegeorg@yandex-team.com>
Co-authored-by: robot-ya-builder <robot-ya-builder@yandex-team.com>
Co-authored-by: svidyuk <svidyuk@yandex-team.com>
Co-authored-by: shadchin <shadchin@yandex-team.com>
Co-authored-by: robot-ratatosk <robot-ratatosk@yandex-team.com>
Co-authored-by: innokentii <innokentii@yandex-team.com>
Co-authored-by: arkady-e1ppa <arkady-e1ppa@yandex-team.com>
Co-authored-by: snermolaev <snermolaev@yandex-team.com>
Co-authored-by: dimdim11 <dimdim11@yandex-team.com>
Co-authored-by: kickbutt <kickbutt@yandex-team.com>
Co-authored-by: abdullinsaid <abdullinsaid@yandex-team.com>
Co-authored-by: korsunandrei <korsunandrei@yandex-team.com>
Co-authored-by: petrk <petrk@yandex-team.com>
Co-authored-by: miroslav2 <miroslav2@yandex-team.com>
Co-authored-by: serjflint <serjflint@yandex-team.com>
Co-authored-by: akhropov <akhropov@yandex-team.com>
Co-authored-by: prettyboy <prettyboy@yandex-team.com>
Co-authored-by: ilikepugs <ilikepugs@yandex-team.com>
Co-authored-by: hiddenpath <hiddenpath@yandex-team.com>
Co-authored-by: mikhnenko <mikhnenko@yandex-team.com>
Co-authored-by: spreis <spreis@yandex-team.com>
Co-authored-by: andreyshspb <andreyshspb@yandex-team.com>
Co-authored-by: dimaandreev <dimaandreev@yandex-team.com>
Co-authored-by: rashid <rashid@yandex-team.com>
Co-authored-by: robot-ydb-importer <robot-ydb-importer@yandex-team.com>
Co-authored-by: r-vetrov <r-vetrov@yandex-team.com>
Co-authored-by: ypodlesov <ypodlesov@yandex-team.com>
Co-authored-by: zaverden <zaverden@yandex-team.com>
Co-authored-by: vpozdyayev <vpozdyayev@yandex-team.com>
Co-authored-by: robot-cozmo <robot-cozmo@yandex-team.com>
Co-authored-by: v-korovin <v-korovin@yandex-team.com>
Co-authored-by: arikon <arikon@yandex-team.com>
Co-authored-by: khoden <khoden@yandex-team.com>
Co-authored-by: psydmm <psydmm@yandex-team.com>
Co-authored-by: robot-javacom <robot-javacom@yandex-team.com>
Co-authored-by: dtorilov <dtorilov@yandex-team.com>
Co-authored-by: sennikovmv <sennikovmv@yandex-team.com>
Co-authored-by: hcpp <hcpp@ydb.tech>

1 files changed, 245 insertions, 0 deletions

diff --git a/contrib/tools/python3/Modules/_ssl/cert.c b/contrib/tools/python3/Modules/_ssl/cert.c
new file mode 100644
index 0000000000..bda66dc4d9
--- /dev/null
+++ b/contrib/tools/python3/Modules/_ssl/cert.c
@@ -0,0 +1,245 @@
+#include "Python.h"
+#include "../_ssl.h"
+
+#include "openssl/err.h"
+#include "openssl/bio.h"
+#include "openssl/pem.h"
+#include "openssl/x509.h"
+
+/*[clinic input]
+module _ssl
+class _ssl.Certificate "PySSLCertificate *" "PySSLCertificate_Type"
+[clinic start generated code]*/
+/*[clinic end generated code: output=da39a3ee5e6b4b0d input=780fc647948cfffc]*/
+
+#include "clinic/cert.c.h"
+
+static PyObject *
+newCertificate(PyTypeObject *type, X509 *cert, int upref)
+{
+    PySSLCertificate *self;
+
+    assert(type != NULL && type->tp_alloc != NULL);
+    assert(cert != NULL);
+
+    self = (PySSLCertificate *) type->tp_alloc(type, 0);
+    if (self == NULL) {
+        return NULL;
+    }
+    if (upref == 1) {
+        X509_up_ref(cert);
+    }
+    self->cert = cert;
+    self->hash = -1;
+
+    return (PyObject *) self;
+}
+
+static PyObject *
+_PySSL_CertificateFromX509(_sslmodulestate *state, X509 *cert, int upref)
+{
+    return newCertificate(state->PySSLCertificate_Type, cert, upref);
+}
+
+static PyObject*
+_PySSL_CertificateFromX509Stack(_sslmodulestate *state, STACK_OF(X509) *stack, int upref)
+{
+    int len, i;
+    PyObject *result = NULL;
+
+    len = sk_X509_num(stack);
+    result = PyList_New(len);
+    if (result == NULL) {
+        return NULL;
+    }
+    for (i = 0; i < len; i++) {
+        X509 *cert = sk_X509_value(stack, i);
+        PyObject *ocert = _PySSL_CertificateFromX509(state, cert, upref);
+        if (ocert == NULL) {
+            Py_DECREF(result);
+            return NULL;
+        }
+        PyList_SetItem(result, i, ocert);
+    }
+    return result;
+}
+
+/*[clinic input]
+_ssl.Certificate.public_bytes
+    format: int(c_default="PY_SSL_ENCODING_PEM") = Encoding.PEM
+
+[clinic start generated code]*/
+
+static PyObject *
+_ssl_Certificate_public_bytes_impl(PySSLCertificate *self, int format)
+/*[clinic end generated code: output=c01ddbb697429e12 input=4d38c45e874b0e64]*/
+{
+    BIO *bio;
+    int retcode;
+    PyObject *result;
+    _sslmodulestate *state = get_state_cert(self);
+
+    bio = BIO_new(BIO_s_mem());
+    if (bio == NULL) {
+        PyErr_SetString(state->PySSLErrorObject,
+                        "failed to allocate BIO");
+        return NULL;
+    }
+    switch(format) {
+    case PY_SSL_ENCODING_PEM:
+        retcode = PEM_write_bio_X509(bio, self->cert);
+        break;
+    case PY_SSL_ENCODING_PEM_AUX:
+        retcode = PEM_write_bio_X509_AUX(bio, self->cert);
+        break;
+    case PY_SSL_ENCODING_DER:
+        retcode = i2d_X509_bio(bio, self->cert);
+        break;
+    default:
+        PyErr_SetString(PyExc_ValueError, "Unsupported format");
+        BIO_free(bio);
+        return NULL;
+    }
+    if (retcode != 1) {
+        BIO_free(bio);
+        _setSSLError(state, NULL, 0, __FILE__, __LINE__);
+        return NULL;
+    }
+    if (format == PY_SSL_ENCODING_DER) {
+        result = _PySSL_BytesFromBIO(state, bio);
+    } else {
+        result = _PySSL_UnicodeFromBIO(state, bio, "error");
+    }
+    BIO_free(bio);
+    return result;
+}
+
+
+/*[clinic input]
+_ssl.Certificate.get_info
+
+[clinic start generated code]*/
+
+static PyObject *
+_ssl_Certificate_get_info_impl(PySSLCertificate *self)
+/*[clinic end generated code: output=0f0deaac54f4408b input=ba2c1694b39d0778]*/
+{
+    return _decode_certificate(get_state_cert(self), self->cert);
+}
+
+static PyObject*
+_x509name_print(_sslmodulestate *state, X509_NAME *name, int indent, unsigned long flags)
+{
+    PyObject *res;
+    BIO *biobuf;
+
+    biobuf = BIO_new(BIO_s_mem());
+    if (biobuf == NULL) {
+        PyErr_SetString(PyExc_MemoryError, "failed to allocate BIO");
+        return NULL;
+    }
+
+    if (X509_NAME_print_ex(biobuf, name, indent, flags) <= 0) {
+        _setSSLError(state, NULL, 0, __FILE__, __LINE__);
+        BIO_free(biobuf);
+        return NULL;
+    }
+    res = _PySSL_UnicodeFromBIO(state, biobuf, "strict");
+    BIO_free(biobuf);
+    return res;
+}
+
+/* ************************************************************************
+ * PySSLCertificate_Type
+ */
+
+static PyObject *
+certificate_repr(PySSLCertificate *self)
+{
+    PyObject *osubject, *result;
+
+    /* subject string is ASCII encoded, UTF-8 chars are quoted */
+    osubject = _x509name_print(
+        get_state_cert(self),
+        X509_get_subject_name(self->cert),
+        0,
+        XN_FLAG_RFC2253
+    );
+    if (osubject == NULL)
+        return NULL;
+    result = PyUnicode_FromFormat(
+        "<%s '%U'>",
+        Py_TYPE(self)->tp_name, osubject
+    );
+    Py_DECREF(osubject);
+    return result;
+}
+
+static Py_hash_t
+certificate_hash(PySSLCertificate *self)
+{
+    if (self->hash == (Py_hash_t)-1) {
+        unsigned long hash;
+        hash = X509_subject_name_hash(self->cert);
+        if ((Py_hash_t)hash == (Py_hash_t)-1) {
+            self->hash = -2;
+        } else {
+            self->hash = (Py_hash_t)hash;
+        }
+    }
+    return self->hash;
+}
+
+static PyObject *
+certificate_richcompare(PySSLCertificate *self, PyObject *other, int op)
+{
+    int cmp;
+    _sslmodulestate *state = get_state_cert(self);
+
+    if (Py_TYPE(other) != state->PySSLCertificate_Type) {
+        Py_RETURN_NOTIMPLEMENTED;
+    }
+    /* only support == and != */
+    if ((op != Py_EQ) && (op != Py_NE)) {
+        Py_RETURN_NOTIMPLEMENTED;
+    }
+    cmp = X509_cmp(self->cert, ((PySSLCertificate*)other)->cert);
+    if (((op == Py_EQ) && (cmp == 0)) || ((op == Py_NE) && (cmp != 0))) {
+        Py_RETURN_TRUE;
+    } else {
+        Py_RETURN_FALSE;
+    }
+}
+
+static void
+certificate_dealloc(PySSLCertificate *self)
+{
+    PyTypeObject *tp = Py_TYPE(self);
+    X509_free(self->cert);
+    Py_TYPE(self)->tp_free(self);
+    Py_DECREF(tp);
+}
+
+static PyMethodDef certificate_methods[] = {
+    /* methods */
+    _SSL_CERTIFICATE_PUBLIC_BYTES_METHODDEF
+    _SSL_CERTIFICATE_GET_INFO_METHODDEF
+    {NULL, NULL}
+};
+
+static PyType_Slot PySSLCertificate_slots[] = {
+    {Py_tp_dealloc, certificate_dealloc},
+    {Py_tp_repr, certificate_repr},
+    {Py_tp_hash, certificate_hash},
+    {Py_tp_richcompare, certificate_richcompare},
+    {Py_tp_methods, certificate_methods},
+    {0, 0},
+};
+
+static PyType_Spec PySSLCertificate_spec = {
+    "_ssl.Certificate",
+    sizeof(PySSLCertificate),
+    0,
+    Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
+    PySSLCertificate_slots,
+};