Python3 fixes, native feature detection, cleanup

Author: cconlon

setup.py

@@ -23,7 +23,6 @@
 
 import os
 import sys
-import pip
 from setuptools import setup
 from setuptools.command.build_ext import build_ext
 
@@ -71,6 +70,7 @@ def build_extension(self, ext):
     package_dir={"":package_dir},
 
     zip_safe=False,
+    cffi_modules=["./src/wolfssl/_build_ffi.py:ffi"],
 
     keywords="wolfssl, wolfcrypt, security, cryptography",
     classifiers=[
@@ -87,7 +87,6 @@ def build_extension(self, ext):
     ],
 
     setup_requires=["cffi"],
-    cffi_modules=["./src/wolfssl/_build_ffi.py:ffi"],
     install_requires=["cffi"],
     test_suite="tests",
     tests_require=["tox", "pytest"],

src/wolfssl/__init__.py

@@ -249,8 +249,9 @@ def set_ciphers(self, ciphers):
         be selected (because compile-time options or other configuration
         forbids use of all the specified ciphers), an SSLError will be raised.
         """
+        cipherBytes = t2b(ciphers)
         ret = _lib.wolfSSL_CTX_set_cipher_list(self.native_object,
-                                               t2b(ciphers))
+                                               _ffi.new("char[]", cipherBytes))
 
         if ret != _SSL_SUCCESS:
             raise SSLError("Unable to set cipher list")
@@ -259,8 +260,11 @@ def use_sni(self, server_hostname):
         """
         Sets the SNI hostname, wraps native wolfSSL_CTX_UseSNI()
         """
+
+        sni = t2b(server_hostname)
+
         ret = _lib.wolfSSL_CTX_UseSNI(self.native_object, 0,
-                                      server_hostname, len(server_hostname))
+                                      sni, len(sni))
 
         if ret != _SSL_SUCCESS:
             raise SSLError("Unable to set wolfSSL CTX SNI")
@@ -421,8 +425,10 @@ def __init__(self, sock=None, keyfile=None, certfile=None,
         # match domain name / host name if set in context
         if server_hostname is not None:
             if self._context.check_hostname:
+
+                sni = _ffi.new("char[]", server_hostname.encode("utf-8"))
                 _lib.wolfSSL_check_domain_name(self.native_object,
-                                               server_hostname)
+                                               sni)
 
         if connected:
             try:
@@ -468,8 +474,11 @@ def use_sni(self, server_hostname):
         """
         Sets the SNI hostname, wraps native wolfSSL_UseSNI()
         """
+
+        sni = t2b(server_hostname)
+
         ret = _lib.wolfSSL_UseSNI(self.native_object, 0,
-                                  server_hostname, len(server_hostname))
+                                  sni, len(sni))
 
         if ret != _SSL_SUCCESS:
             raise SSLError("Unable to set wolfSSL SNI")

src/wolfssl/_build_ffi.py

@@ -26,6 +26,19 @@
 from cffi import FFI
 from wolfssl._build_wolfssl import wolfssl_inc_path, wolfssl_lib_path
 
+# open <wolfssl/options.h> header to parse for #define's
+# This will throw a FileNotFoundError if not able to find options.h
+optionsHeader = wolfssl_inc_path() + "/wolfssl/options.h"
+optionsHeaderStr = open(optionsHeader, 'r').read()
+
+# require HAVE_SNI (--enable-sni) in native lib
+if '#define HAVE_SNI' not in optionsHeaderStr:
+    raise SystemExit("wolfSSL needs to be compiled with --enable-sni")
+
+# require OPENSSL_EXTRA (--enable-opensslextra) in native lib
+if '#define OPENSSL_EXTRA' not in optionsHeaderStr:
+    raise SystemExit("wolfSSL needs to be compiled with --enable-opensslextra")
+
 ffi = FFI()
 
 ffi.set_source(
@@ -119,8 +132,8 @@
     int wolfSSL_UseSNI(void*, unsigned char, const void*, unsigned short);
     int wolfSSL_check_domain_name(void*, const char*);
     int wolfSSL_get_alert_history(void*, WOLFSSL_ALERT_HISTORY*);
-    char* wolfSSL_alert_type_string_long(int);
-    char* wolfSSL_alert_desc_string_long(int);
+    const char* wolfSSL_alert_type_string_long(int);
+    const char* wolfSSL_alert_desc_string_long(int);
 
     /**
      * WOLFSSL_X509 functions
@@ -132,4 +145,4 @@
 )
 
 if __name__ == "__main__":
-    ffi.compile(verbose=1)
+    ffi.compile(verbose=True)

src/wolfssl/utils.py

@@ -32,7 +32,7 @@
 
 def t2b(string):
     """
-    Converts text to bynary.
+    Converts text to binary.
     """
     if isinstance(string, _BINARY_TYPE):
         return string