Context Navigation

← Previous Changeset
Next Changeset →

Changeset 6837

Timestamp:

21/04/10 16:40:42 (11 years ago)

Author:

pjkersha

Message:

Fixing peer cert verification

Location:

TI12-security/trunk/MyProxyClient

Files:

: 6 edited
: 2 copied

.project (copied) (copied from TI12-security/branches/MyProxyClient-pyopenssl/.project)
.pydevproject (copied) (copied from TI12-security/branches/MyProxyClient-pyopenssl/.pydevproject) (1 diff)
myproxy/client.py (modified) (14 diffs)
myproxy/test/proxy.crt (modified) (1 diff)
myproxy/test/proxy.key (modified) (1 diff)
myproxy/test/test_myproxyclient.py (modified) (4 diffs)
myproxy/utils/openssl.py (modified) (12 diffs)
setup.py (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

TI12-security/trunk/MyProxyClient/.pydevproject

r6835	r6837
4	4	<pydev_project>
5	5	<pydev_pathproperty name="org.python.pydev.PROJECT_SOURCE_PATH">
6		<path>/MyProxyClient~~-pyopenssl~~</path>
	6	<path>/MyProxyClient</path>
7	7	</pydev_pathproperty>
8	8	<pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python 2.6</pydev_property>

TI12-security/trunk/MyProxyClient/myproxy/client.py

-                      r6829
+                      r6837
 Major re-write of an original class.   This updated version implements methods
 with SSL calls with M2Crypto rather use calls to myproxy client executables as
+with SSL calls with PyOpenSSL rather use calls to myproxy client executables as
 in the original.  This version is adapted and extended from an original
 program myproxy_logon by Tom Uram <turam@mcs.anl.gov>
 …
 import os
 import socket
-from M2Crypto import X509, RSA, EVP, m2, BIO, SSL, util
 import base64
+import re
+import traceback
 from ConfigParser import SafeConfigParser
+from OpenSSL import crypto, SSL
 from myproxy.utils.openssl import OpenSSLConfig, OpenSSLConfigError
 …
+class _HostCheck(SSL.Checker.Checker):
+    """Override SSL.Checker.Checker to allow additional check of MyProxy
+    server identity.  If hostname doesn't match, allow match of host's
+    Distinguished Name against MYPROXY_SERVER_DN setting"""
+class MyProxyServerSSLCertVerification(object):
+    """Check MyProxy server identity.  If hostname doesn't match, allow match of
+    host's Distinguished Name against MYPROXY_SERVER_DN setting"""
+    DN_LUT = {
+        'commonName':               'CN',
+        'organisationalUnitName':   'OU',
+        'organisation':             'O',
+        'countryName':              'C',
+        'emailAddress':             'EMAILADDRESS',
+        'localityName':             'L',
+        'stateOrProvinceName':      'ST',
+        'streetAddress':            'STREET',
+        'domainComponent':          'DC',
+        'userid':                   'UID'
+    }
+    PARSER_RE_STR = '/(%s)=' % '|'.join(DN_LUT.keys() + DN_LUT.values())
+    PARSER_RE = re.compile(PARSER_RE_STR)
     def __init__(self,
                  myProxyServerDN=os.environ.get('MYPROXY_SERVER_DN'),
 …
         this keyword to '' or None to override and omit the prefix"""
+        SSL.Checker.Checker.__init__(self, **kw)
+        self.myProxyServerDN = myProxyServerDN
+        # Allow for quoted DN
+        myProxyServerDN = myProxyServerDN.strip('"')
+        dnFields = self.__class__.PARSER_RE.split(myProxyServerDN)
+        if len(dnFields) < 2:
+            raise MyProxyClientError('Error parsing DN string: "%s"' %
+                                     myProxyServerDN)
+        self.myProxyServerDN = zip(dnFields[1::2], dnFields[2::2])
+        self.myProxyServerDN.sort()
         self.cnHostPfx = cnHostPfx
+    def __call__(self, peerCert, host=None):
+        """Carry out checks on server ID
+    def __call__(self, connection, peerCert, errorStatus, errorDepth,
+                 successStatus):
+        """Verify MyProxy server certificate
+        @type connection: OpenSSL.SSL.Connection
+        @param connection: SSL connection object
         @type peerCert: basestring
         @param peerCert: MyProxy server host certificate as M2Crypto.X509.X509
+        @param peerCert: MyProxy server host certificate as OpenSSL.crypto.X509
         instance
+        @type host: basestring
+        @param host: name of host to check
+        @type errorStatus: int
+        @param errorStatus: error code to return if verification fails
+        @type errorDepth: int
+        @param errorDepth:
+        @type successStatus: int
+        @param successStatus:
+        @rtype: int
+        @return: status code
         """
+        # Globus host certificate has a "host/" prefix - see explanation in
+        # __init__.__doc__
+        cnHostPfx = isinstance(self.cnHostPfx, basestring) \
+                    and self.cnHostPfx or ''
+        host = None or cnHostPfx + self.host
+        try:
+            SSL.Checker.Checker.__call__(self, peerCert, host=host)
+        except SSL.Checker.WrongHost, e:
+            # Try match against DN set from MYPROXY_SERVER_DN / config
+            # file setting
+            peerCertDN = '/'+peerCert.get_subject().as_text().replace(', ','/')
+            # If they match drop the exception and return all OK instead
+            if peerCertDN != self.myProxyServerDN:
+                raise
+        return True
+        return errorStatus
+        if peerCert.has_expired():
+            # Any expired certificate in the chain should result in an error
+            if log.getEffectiveLevel() == logging.DEBUG:
+                log.debug('Certificate %r in peer certificate chain has ',
+                          'expired', peerCert.get_subject())
+            return errorStatus
+        elif errorDepth == 0:
+            # Only interested in DN of last certificate in the chain - this must
+            # match the expected MyProxy Server DN setting
+            peerCertDN = peerCert.get_subject().get_components()
+            peerCertDN.sort()
+            if peerCertDN == self.myProxyServerDN:
+                return successStatus
+            else:
+                return errorStatus
+        else:
+            return successStatus
 …
         validation of MyProxy server certificate.
         Set to None to make M2Crypto.SSL.Context.load_verify_locations ignore
+        Set to None to make OpenSSL.SSL.Context.load_verify_locations ignore
         this parameter
 …
         not needed in the case of a proxy private key
         """
         # Must be version 3 for MyProxy
         context = SSL.Context(protocol='sslv3')
+        context = SSL.Context(SSL.SSLv3_METHOD)
         if self.caCertFilePath or self.caCertDir:
+            context.load_verify_locations(cafile=self.caCertFilePath,
+                                          capath=self.caCertDir)
+            # Stop if peer's certificate can't be verified
+            context.set_allow_unknown_ca(False)
+        else:
+            context.set_allow_unknown_ca(True)
+            context.load_verify_locations(self.caCertFilePath, self.caCertDir)
         if ownerCertFile:
             try:
+                context.load_cert_chain(ownerCertFile,
+                                    keyfile=ownerKeyFile,
+                                    callback=lambda *ar, **kw: ownerPassphrase)
+            except Exception, e:
+                context.use_certificate_chain_file(ownerCertFile)
+                def pwdCallback(passphraseMaxLen,
+                                promptPassphraseTwice,
+                                passphrase):
+                    if len(passphrase) > passphraseMaxLen:
+                        log.error('Passphrase length %d is greater than the '
+                                  'maximum length allowed %d',
+                                  len(passphrase), passphraseMaxLen)
+                        return ''
+                    return passphrase
+                context.set_passwd_cb(pwdCallback, ownerPassphrase)
+                context.use_privatekey_file(ownerKeyFile)
+            except Exception:
                 raise MyProxyClientConfigError("Loading certificate "
                                                "and private key for SSL "
                                                "connection [also check CA "
+                                               "certificate settings]: %s" % e)
+            # Verify peer's certificate
+            context.set_verify(SSL.verify_peer, 1)
+                                               "certificate settings]: %s" %
+                                               traceback.format_exc())
+        # Verify peer's (MyProxy server) certificate
+        context.set_verify(SSL.VERIFY_PEER|SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
+                           MyProxyServerSSLCertVerification())
 …
         # globus doesn't handle this case, apparently, and instead
         # chokes in proxy delegation code
         context.set_options(m2.SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+        context.set_options(SSL.OP_DONT_INSERT_EMPTY_FRAGMENTS)
         # connect to myproxy server
         conn = SSL.Connection(context, sock=socket.socket())
+        conn = SSL.Connection(context, socket.socket())
         # Check server host identity - if host doesn't match use explicit
         # 'serverDN'
         # host/<hostname> one
         hostCheck = _HostCheck(host=self.hostname,
                                myProxyServerDN=self.serverDN,
                                cnHostPfx=self.serverCNPrefix)
         conn.set_post_connection_check_callback(hostCheck)
+#        hostCheck = _HostCheck(host=self.hostname,
+#                               myProxyServerDN=self.serverDN,
+#                               cnHostPfx=self.serverCNPrefix)
+#        conn.set_post_connection_check_callback(hostCheck)
         return conn
     def _createKeys(self, nBitsForKey=PRIKEY_NBITS):
+    def _createKeyPair(self, nBitsForKey=PRIKEY_NBITS):
         """Generate key pair and return as PEM encoded string
         @type nBitsForKey: int
 …
         @return: public/private key pair
         """
         keyPair = RSA.gen_key(nBitsForKey, 65537L,#m2.RSA_F4,
                               callback=lambda *arg, **kw: None)
+        keyPair = crypto.PKey()
+        keyPair.generate_key(crypto.TYPE_RSA, nBitsForKey)
         return keyPair
 …
         # Check all required certifcate request DN parameters are set
         # Create certificate request
         req = X509.Request()
+        certReq = crypto.X509Req()
         # Create public key object
+        pubKey = EVP.PKey()
+        pubKey.assign_rsa(keyPair)
+        certReq.set_pubkey(keyPair)
         # Add the public key to the request
+        req.set_version(0)
+        req.set_pubkey(pubKey)
+        defaultReqDN = self._openSSLConfig.reqDN
+        # Set DN
+        x509Name = X509.X509_Name()
+        x509Name.CN = CN
+        if defaultReqDN:
+            x509Name.OU = defaultReqDN['OU']
+            x509Name.O = defaultReqDN['O']
+        req.set_subject_name(x509Name)
+        req.sign(pubKey, messageDigest)
+        return req.as_der()
+        certReq.sign(keyPair, messageDigest)
+        derCertReq = crypto.dump_certificate_request(crypto.FILETYPE_ASN1,
+                                                     certReq)
+        return derCertReq
     def _deserializeResponse(self, msg, *fieldNames):
 …
         @return list containing the equivalent to the input in PEM format"""
         pemCerts = []
+        pemCerts = []
         dat = inputDat
         while dat:
+        while dat:
             # find start of cert, get length
             ind = dat.find('\x30\x82')
 …
             # extract der-format cert, and convert to pem
             derCert = dat[ind:ind+len+4]
+            x509 = X509.load_cert_der_string(derCert)
+            pemCert = x509.as_pem()
+            x509Cert = crypto.load_certificate(crypto.FILETYPE_ASN1, derCert)
+            pemCert = crypto.dump_certificate(crypto.FILETYPE_PEM, x509Cert)
             pemCerts.append(pemCert)
 …
         # Send certificate and private key
         certTxt = X509.load_cert(certFile).as_pem()
+        certTxt = open(certFile).read()
         keyTxt = open(keyFile).read()
 …
             # If no key pair was passed, generate here
             if keyPair is None:
                 keyPair = self._createKeys(nBitsForKey=nBitsForKey)
+                keyPair = self._createKeyPair(nBitsForKey=nBitsForKey)
             certReq = self._createCertReq(username, keyPair)
         if keyPair is not None:
+            pemKeyPair = keyPair.as_pem(cipher=None,
+                                        callback=util.no_passphrase_callback)
+            pemKeyPair = crypto.dump_privatekey(crypto.FILETYPE_PEM, keyPair)
         # Set-up SSL connection
 …
             for tries in range(MyProxyClient.MAX_RECV_TRIES):
                 dat += conn.recv(MyProxyClient.SERVER_RESP_BLK_SIZE)
         except SSL.SSLError:
+        except SSL.SysCallError:
             # Expect this exception when response content exhausted
             pass

TI12-security/trunk/MyProxyClient/myproxy/test/proxy.crt

-                      r6829
+                      r6837
 -----BEGIN CERTIFICATE-----
 MIICfDCCAeWgAwIBAgIEFEquwTANBgkqhkiG9w0BAQUFADAlMRAwDgYDVQQKEwdH
 YWJyaWVsMREwDwYDVQQDEwh0ZXN0dXNlcjAeFw0xMDA0MjEwOTI5MDNaFw0xMDA0
 MjIwMzM0MDNaMDkxEDAOBgNVBAoTB0dhYnJpZWwxETAPBgNVBAMTCHRlc3R1c2Vy
 MRIwEAYDVQQDEwkzNDA0Mzg3MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDySWTRVbS6L5T9UUoTpARD+Jk6H8NFp9Y1TjFWPaKySKa9ep0Gdj0vM83B
+Hz0U2R6FgdoaTBFIB2pbugjbm3pl8FIRZKaq7gdO6otmC21Y5XpjVA0s/fgyBG
+y0iKqG78lSDnaBmVyaCra+2a7kkqsxGwUCMAlnxmZPqsHKXuRozRwTassH+BdUIt
+A3oUe7M1PQLo3e5hwJWg/7igRHc7kHItaSRUcXeZ7RNnY/DNSU6ww/ovWFZajqpt
+cCyFpmRZ6nPx2jhxWyKvu8xi+NeKlkwc9mmqcWdJD1iRomQWNJAgG85Bm2oZSlMV
+xJwMoiEZRxNk1yzBTMlqRW+Tcu69AgMBAAGjITAfMB0GCCsGAQUFBwEOAQH/BA4w
+DDAKBggrBgEFBQcVATANBgkqhkiG9w0BAQUFAAOBgQDcbaaHn/fP61V97xl+24v/
+qFaFG4F415QD6o7ZTV0o1dub1ygXO5FaVBYgDa7bxV72qZw24rxbLs5fxVkKBAWc
+HYidDjG9FlDcgEC43Y6NSyugvuoPowBx/IPdRe2e/ub0qbZrAm7Xz8mNJKfVXkV8
 vhj9yMRFrxmIyqFVoSI+QA==
+MIICfTCCAeagAwIBAgIEeVU+zzANBgkqhkiG9w0BAQUFADAlMRAwDgYDVQQKEwdH
+YWJyaWVsMREwDwYDVQQDEwh0ZXN0dXNlcjAeFw0xMDA0MjExNTMxMjVaFw0xMDA0
+MjIwOTM2MjVaMDoxEDAOBgNVBAoTB0dhYnJpZWwxETAPBgNVBAMTCHRlc3R1c2Vy
+MRMwEQYDVQQDEwoyMDM1NjI5Nzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA3xsYzad74OW10LnCPO+DRZDbhin7/L1E8XKdPKrmau0Gt1HrpEiXsAa4
+WwhdCJZ/i/eDwRCNQDvcqQ6O4fBpyl3pk3LOjZOHsZir1ya8pODOjhfQI4hRY1Da
+R7PIh2woa13qFj0lTlaeYMEtxcC6Mp1q/wdnAzIJtQgXlVlPfB4cnQBFp8q5+8RO
+ZGe8ie2yHT9mo02ymoKwtWHUJbhLc7LFkV1D9/GdtmfrfyOd8oOleGM9p29omtA8
+qnnaj2oqr5XvEFu3ThxSC0Y3QI16QKJCdK+0PyEtj5NZ3OqtYK+GnkgLftKfjUL
+c078kBWkcwS042lIMhmgAjM0hD7ZwIDAQABoyEwHzAdBggrBgEFBQcBDgEB/wQO
+MAwwCgYIKwYBBQUHFQEwDQYJKoZIhvcNAQEFBQADgYEAlyn+pgDT0AuKZpBRdLLN
+lbNBVlVrOz1tBvBpyuuzhuS8GpAO7AJb8FuvyWNqXPSjSXzzm6CDFX0pXKuaA0VM
+QZ/gG61o1ky2xhbJfgMxousIyu32YlPfUrmv5xM7pgl3NCuK67fJMC13hjq+RkT1
+wDMNhY1ngTo1sxV8UnKjcx0=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----

TI12-security/trunk/MyProxyClient/myproxy/test/proxy.key

-                      r6829
+                      r6837
 -----BEGIN RSA PRIVATE KEY-----
+MAMCAQA=
+MIIEpQIBAAKCAQEA3xsYzad74OW10LnCPO+DRZDbhin7/L1E8XKdPKrmau0Gt1Hr
+pEiXsAa4WwhdCJZ/i/eDwRCNQDvcqQ6O4fBpyl3pk3LOjZOHsZir1ya8pODOjhfQ
+I4hRY1DaR7PIh2woa13qFj0lTlaeYMEtxcC6Mp1q/wdnAzIJtQgXlVlPfB4cnQBF
+p8q5+8ROZGe8ie2yHT9mo02ymoKwtWHUJbhLc7LFkV1D9/GdtmfrfyOd8oOleGM9
+p29omtA80qnnaj2oqr5XvEFu3ThxSC0Y3QI16QKJCdK+0PyEtj5NZ3OqtYK+Gnkg
+LftKfjUL1c078kBWkcwS042lIMhmgAjM0hD7ZwIDAQABAoIBAQDMuCiCTPS24RF8
+fXdmQsDJzKoi6dN3jpT8mJb/XDIiW2yWOm1nSdUmiIQRxBLaFn7jCDO1rGJwVn2c
+AufJGrl4H8R8sBQohP82T0kfG0RuZnoimGc8s5E6+K3SrX2MBgrwujRaQ7E/uOuL
+DLfbhYVVfGz5puk3XWra2poJSPJOh/vigFF9mrKUSMNHr9wfRr9nPCMBLv7MUkwW
+OsrFCEQpm75myJT82mWiGaKrSz8y4rvrPq2XhalnJ0DeeXFB3wU+h90McG3tL1PT
+cKoPfU9yYtTBgxJHwFnrjS87jg8RgExm9PX03VPzErXjHbTpl3z9PGU2asNhCOv
++Qjsj/jBAoGBAPnhuzgJqnYEWDzs6D3QM3EorD4I2lhi+6cURqD6C0AbFyQjvXqG
++mD46Vn9Vdymzcf8pXtT0QHmrfZWBoRB/SeuhOr6YblQdH9YaNSXojtixp0S4O5
+oYDjRiwKpny0oB4c71QXPezoMNELdhb5x8HoZKvBRW8TOFTID029yE3TAoGBAOSR
+iHekrljQLNyk0DnVZymRQIdkmW1gWyvr7q8rdWzxaxEE+VamO8CtQhUYyk9cuD8m
++r/P+cquLcEpKJhpP8DuOte2g5cPtlHnMNnCoAIkCFYLUpU9ynhNO4I0bq+cSnkQ
+Fwy6DhquW5efNFCltDUO/Ucp8Xo2ot8Y+sDbBudAoGBAOCEzxgxryStEK9lWeK4
+YJBLMD/o6m7COUTNNgzLvjISZT+GkWg3KZcCdxeWid3Rzt6/6NKHUFJa1sxcEAoT
+xWco+x5Tt9cJxJMuLH13tBMqBHN3jKZFs3RAQTuvMhoYnUmRTATtgSmNEtexiaBp
+O+/hpBqi5IVB6rpaq015uTEbAoGBAODjmGQvsiNMYHeP6hidMe2iLt2IS7VkUxA6
+CRRtLBJOzstmG3X4BV6kmhpr09KWJeptDdZgaSPUkMw3FOww0jufqmHIAF1HZlnb
+oSMA7bJthY4zgcO5klcflmeb8zPyEQxhXI+Svw2TZHOFoEW8wOsjhwK6eRCu9Si8
+QqwyVO5AoGAf6j/gey0WC0iOKfqCyMLdNo+M89ZVn4IFkhfoi6DwCK267cijame
+DcLmr0Za8pGkCIxPlOk7Pogjpd1nPNqhjJp0xZlLMZE+e1/T6OMPE4rFvZBwekC7
+L8tXaFgdgISSCpi6wRCS5omokEY4QpYVtJJmowwLTwnq4GO0Cl6pjG8=
 -----END RSA PRIVATE KEY-----

TI12-security/trunk/MyProxyClient/myproxy/test/test_myproxyclient.py

-                      r6829
+                      r6837
 from os import path
 from M2Crypto import X509
+from OpenSSL import crypto
 from myproxy.client import CaseSensitiveConfigParser, MyProxyClient
 …
         print "proxy credentials:"
         print ''.join(creds)
         open(proxyCertFile, 'w').write(creds[0]+''.join(creds[2:]))
+        open(proxyCertFile, 'w').write(creds[0]+''.join(creds[2:]))
         open(proxyKeyFile, 'w').write(creds[1])
 …
         credExists, errorTxt, fields = self.clnt.info(
                                      thisSection['username'],
                                      path.expandvars(thisSection['ownerCertFile']),
                                      path.expandvars(thisSection['ownerKeyFile']),
                                      ownerPassphrase=ownerPassphrase)
+                                 thisSection['username'],
+                                 path.expandvars(thisSection['ownerCertFile']),
+                                 path.expandvars(thisSection['ownerKeyFile']),
+                                 ownerPassphrase=ownerPassphrase)
         print "test3Info... "
         print "credExists: %s" % credExists
 …
             if fileName.endswith('.0'):
                 # test parsing certificate
+                cert = X509.load_cert_string(fileContents, X509.FORMAT_PEM)
+                cert = crypto.load_certificate(crypto.FILETYPE_PEM,
+                                               fileContents)
                 self.assert_(cert)
                 self.assert_(isinstance(cert, X509.X509))
+                self.assert_(isinstance(cert, crypto.X509))
                 subj = cert.get_subject()
                 self.assert_(subj)

TI12-security/trunk/MyProxyClient/myproxy/utils/openssl.py

-                      r5048
+                      r6837
 __contact__ = "Philip.Kershaw@stfc.ac.uk"
 __revision__ = '$Id:openssl.py 4643 2008-12-15 14:53:53Z pjkersha $'
 import re
 import os
 from ConfigParser import SafeConfigParser
-from M2Crypto.X509 import X509_Name
 …
     @cvar _gridCASubDir: sub-directory of globus user for CA settings"""
+    _certReqDNParamName = X509_Name.nid.keys()
+    _certReqDNParamName = (
+        'countryName',
+        'C',
+        'stateOrProvinceName',
+        'ST',
+        'localityName',
+        'L'
+        'organizationName',
+        'O',
+        'organizationalUnitName',
+        'OU',
+        'commonName',
+        'CN',
+        'emailAddress'
+    )
     _caDirPat = re.compile('\$dir')
     _gridCASubDir = os.path.join(".globus", "simpleCA")
     def __init__(self, filePath=None, caDir=None):
         """Initial OpenSSL configuration optionally setting a file path to
 …
         self._filePath = filePath
     def _getFilePath(self):
         """Get property method
 …
                         fset=_setFilePath,
                         doc="file path for configuration file")
     def setCADir(self, caDir):
         """Set property method
 …
         self._caDir = caDir
     def _getCADir(self):
         """Get property method
 …
                      doc="directory path for CA configuration files")
     def _getReqDN(self):
         """Get property method
 …
         @return reqDN: Distinguished Name for certificate request"""
         return self._reqDN
     def _setReqDN(self, reqDN):
 …
         self._reqDN = reqDN
     reqDN = property(fget=_getReqDN,
 …
         self._setReqDN()
     def _filtOptVal(self, optVal):
         """For option value, filter out comments and substitute $dir with
 …
         else:
             # Leave $dir in place as no CA directory has been set
+            return filtVal
+            return filtVal
     def readfp(self, fp):
 …
         parsing errors"""
         raise NotImplementedError("Use read method instead")
     def _setReqDN(self):
 …
         except Exception, e:
             raise OpenSSLConfigError('Setting content of Distinguished Name '
                                      'from file "%s": %s' %(self._filePath,e))
+                                     'from file "%s": %s' % (self._filePath, e))

TI12-security/trunk/MyProxyClient/setup.py

-                      r6069
+                      r6837
 """Distribution Utilities setup program for MyProxy Client Package
 NERC Data Grid Project
+NERC DataGrid Project
 """
 __author__ = "P J Kershaw"
 __date__ = "12/12/08"
 __copyright__ = "(C) 2009 Science and Technology Facilities Council"
+__copyright__ = "(C) 2010 Science and Technology Facilities Council"
 __license__ = """BSD - See LICENSE file in top-level directory
 …
 setup(
     name =                      'MyProxyClient',
     version =                   '0.9.0',
     description =               'MyProxy Client',
     long_description =          'Pure Python implementation of MyProxy client interface',
     author =                    'Philip Kershaw',
     author_email =              'Philip.Kershaw@stfc.ac.uk',
     maintainer =                'Philip Kershaw',
     maintainer_email =          'Philip.Kershaw@stfc.ac.uk',
     url =                   'http://proj.badc.rl.ac.uk/ndg/wiki/Security/MyProxyClient',
     platforms =             ['POSIX', 'Linux', 'Windows'],
     install_requires =      ['M2Crypto'],
     license =               __license__,
     test_suite =            'test',
     packages =              find_packages(),
     package_data =          {
         'test': ['*.cfg', '*.conf', '*.crt', '*.key', 'README']
+    name =              'MyProxyClient',
+    version =           '0.9.1',
+    description =       'MyProxy Client',
+    long_description =  'Pure Python implementation of MyProxy client interface',
+    author =            'Philip Kershaw',
+    author_email =      'Philip.Kershaw@stfc.ac.uk',
+    maintainer =        'Philip Kershaw',
+    maintainer_email =  'Philip.Kershaw@stfc.ac.uk',
+    url =               'http://proj.badc.rl.ac.uk/ndg/wiki/Security/MyProxyClient',
+    platforms =         ['POSIX', 'Linux', 'Windows'],
+    install_requires =  ['PyOpenSSL'],
+    license =           __license__,
+    test_suite =        'myproxy.test',
+    packages =          find_packages(),
+    package_data =      {
+        'myproxy.test': ['*.cfg', '*.conf', '*.crt', '*.key', 'README']
     },
     classifiers=[
+    classifiers = [
         'Development Status :: 4 - Beta',
         'Environment :: Console',

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: