add get_peer_cert_chain and get_signature_algorithm

Bug #330195 reported by okuda
Affects: pyOpenSSL
Status: Fix Released
Importance: Undecided
Assigned to: Jean-Paul Calderone
Milestone: 0.13

Bug Description

I want to add 2 methods

get_peer_cert_chain for SSL.Connection class
which takes no argument and returns a list of X509 instances.

get_signature_algorithm for X509 class
which takes no argument and returns a str describing signature algorithm.

okuda (okuda) wrote :
rick_dean (rick-fdd) wrote :

These new methods need test cases added to test/test_ssl.py

okuda (okuda) wrote :

Test for get_peer_cert_chain is added to test/test_ssl.py,
and test for get_signature_algorithm is added to test/test_crypto.py.

The patch is generated from pyOpenSSL ver. 0.9.

okuda (okuda) wrote :

I found a bug in my patch and tried to fix it, but I can't.
Can anyone help me?

The bug is in get_peer_cert_chain.
This method returns the tuple that the connected server presented to us.
In test/test_ssl.py we checked the contents of the tuple and it passes.
But the following script exits with a SEGMENTATION FAULT.

----------------------------------------------------------------------
from OpenSSL.SSL import SSLv23_METHOD, Context, Connection
from socket import socket


def get_cert_chain(address, port=443):
    # Plain TCP connect, then wrap the socket in an SSL Connection.
    context = Context(SSLv23_METHOD)
    client = socket()
    client.connect((address, port))
    clientSSL = Connection(context, client)
    clientSSL.set_connect_state()
    clientSSL.do_handshake()

    # The chain is fetched while clientSSL is alive; clientSSL itself is
    # dropped as soon as this function returns.
    return clientSSL.get_peer_cert_chain()


def main():
    chain = get_cert_chain('www.google.com')
    print(chain)
    # The connection that owned these X509s is already gone by now.
    print(chain[0].get_subject())


if __name__ == '__main__':
    main()
----------------------------------------------------------------------

Where are wrong things in my patch?

Regards.

Jean-Paul Calderone (exarkun) wrote :

The problem with the get_peer_cert_chain implementation was that it returned references to X509s that it didn't really own. When the SSL connection gets destroyed (as it does in the above example when get_cert_chain returns, since it is no longer referenced by anything), the X509s are freed. The contents of the chain are then undefined since they reside in freed memory.

A solution to this is to incref the X509s so that they can outlive the connection if necessary. The crypto_X509Obj's dealloc will free them.

Changed in pyopenssl:
assignee: nobody → Jean-Paul Calderone (exarkun)
milestone: none → 0.13
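The ownership problem described in the comment above, as an added example that is not pyOpenSSL's or OpenSSL's code: a toy reference-counted certificate and connection in plain C, modelled on the X509 reference count that the real fix bumps. All names here (cert_t, conn_t, cert_up_ref, get_chain_borrowed, get_chain_owned, and the sample chain) are made up for the illustration. get_chain_borrowed mirrors the original patch, handing out the connection's own references, so the equivalent of SSL_free releases the certs while the caller still holds pointers; get_chain_owned mirrors the fix, taking one extra reference per cert first, so the certs outlive the connection and the caller (the Python X509 object's dealloc) releases them.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy model (not OpenSSL): a reference-counted certificate standing in for
 * X509 and its CRYPTO_add()/X509_free() reference count. */
typedef struct {
    int refs;
    char subject[64];
} cert_t;

/* Number of certs whose memory was actually released. Lets the callers below
 * observe a release without reading freed memory. */
static int certs_freed = 0;

static cert_t *cert_new(const char *subject) {
    cert_t *c = calloc(1, sizeof *c);
    if (c == NULL) abort();
    c->refs = 1;
    snprintf(c->subject, sizeof c->subject, "%s", subject);
    return c;
}

static void cert_up_ref(cert_t *c) { c->refs++; }

static void cert_free(cert_t *c) {
    if (c != NULL && --c->refs == 0) {
        certs_freed++;
        free(c);
    }
}

/* Stand-in for the SSL connection that owns the peer's STACK_OF(X509). */
#define CHAIN_MAX 4
typedef struct {
    cert_t *chain[CHAIN_MAX];
    int n;
} conn_t;

/* Constructed sample chain; a real one would come from the handshake. */
static conn_t *conn_new_with_chain(void) {
    conn_t *s = calloc(1, sizeof *s);
    if (s == NULL) abort();
    s->chain[s->n++] = cert_new("CN=www.example.test");
    s->chain[s->n++] = cert_new("CN=Example Intermediate CA");
    s->chain[s->n++] = cert_new("CN=Example Root CA");
    return s;
}

/* Like SSL_free: drops the connection's reference to every chain cert. */
static void conn_free(conn_t *s) {
    for (int i = 0; i < s->n; i++) cert_free(s->chain[i]);
    free(s);
}

/* Buggy get_peer_cert_chain: returns the connection's references unchanged. */
static int get_chain_borrowed(conn_t *s, cert_t **out) {
    for (int i = 0; i < s->n; i++) out[i] = s->chain[i];
    return s->n;
}

/* Fixed get_peer_cert_chain: every returned cert carries its own reference. */
static int get_chain_owned(conn_t *s, cert_t **out) {
    for (int i = 0; i < s->n; i++) {
        cert_up_ref(s->chain[i]);
        out[i] = s->chain[i];
    }
    return s->n;
}

/* The get_cert_chain() sequence with the buggy variant. Returns how many of
 * the returned certs conn_free() released while the caller still holds
 * pointers to them, i.e. how many entries now dangle. */
int borrowed_chain_freed_by_conn(void) {
    cert_t *chain[CHAIN_MAX];
    int before = certs_freed;
    conn_t *s = conn_new_with_chain();
    int n = get_chain_borrowed(s, chain);
    conn_free(s);  /* clientSSL dying when get_cert_chain() returns */
    /* chain[0..n-1] now point into freed memory; reading chain[0]->subject
     * here would be undefined behaviour, so the function does not. */
    (void)n;
    return certs_freed - before;
}

/* Same sequence with the fixed variant. Returns how many certs are intact
 * after the connection is gone, then releases them as the caller should;
 * -1 if the reference counting is off. */
int owned_chain_outlives_conn(void) {
    cert_t *chain[CHAIN_MAX];
    int before = certs_freed;
    conn_t *s = conn_new_with_chain();
    int n = get_chain_owned(s, chain);
    conn_free(s);  /* drops only the connection's own references */
    if (certs_freed != before) return -1;
    int intact = 0;
    for (int i = 0; i < n; i++)
        if (chain[i]->refs == 1 && strncmp(chain[i]->subject, "CN=", 3) == 0)
            intact++;
    for (int i = 0; i < n; i++) cert_free(chain[i]);  /* caller's release */
    if (certs_freed - before != n) return -1;
    return intact;
}

int main(void) {
    printf("borrowed: %d of 3 certs freed under the caller's feet\n",
           borrowed_chain_freed_by_conn());
    printf("owned:    %d of 3 certs intact after conn_free\n",
           owned_chain_outlives_conn());
    return 0;
}
```

The same rule applies to any wrapper that hands out objects owned by a longer-lived parent: either take a reference per returned object and pair it with a matching release in the wrapper's destructor, or keep the parent alive for as long as the wrapper is.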
Jean-Paul Calderone (exarkun) wrote :

I did the incref thing and it seems to work. Seems to work now, and branches merged. Thanks!

Changed in pyopenssl:
status: New → Fix Committed
Changed in pyopenssl:
status: Fix Committed → Fix Released