Replying to [comment:2 warner]:
> Also, could you run the following steps to generate a new certificate and
> then examine it to see what the "Subject" names are?
<schnipp>
> On my OS-X system, I see "Subject: CN=newpb_thingy". Do you get the same? It
> might also help us if you could attach that dummy.pem file to this ticket
> (but of course don't use it for anything else).
>
> My current hunch is that the Foolscap-generated x509 certificates are either
> being created with corrupt (i.e. non-UTF-8) subject-name strings, or they're
> somehow being corrupted afterwards.
Looks like things are going wrong much earlier:
{{{
#!python
$ python2.5
Python 2.5.4 (r254:67916, May 6 2009, 18:40:46)
[GCC 4.0.1 (Apple Inc. build 5490)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from foolscap import Tub
>>> t = Tub(certFile="dummy.pem")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/opt/local/lib/python2.5/site-packages/foolscap-0.3.2-py2.5.egg/foolscap/pb.py", line 222, in __init__
self.setupEncryptionFile(certFile)
File "/opt/local/lib/python2.5/site-packages/foolscap-0.3.2-py2.5.egg/foolscap/pb.py", line 234, in setupEncryptionFile
self.setupEncryption(certData)
File "/opt/local/lib/python2.5/site-packages/foolscap-0.3.2-py2.5.egg/foolscap/pb.py", line 249, in setupEncryption
cert = self.createCertificate()
File "/opt/local/lib/python2.5/site-packages/foolscap-0.3.2-py2.5.egg/foolscap/pb.py", line 442, in createCertificate
132)
File "/opt/local/lib/python2.5/site-packages/twisted/internet/_sslverify.py", line 539, in signCertificateRequest
hlreq = CertificateRequest.load(requestData, requestFormat)
File "/opt/local/lib/python2.5/site-packages/twisted/internet/_sslverify.py", line 310, in load
dn._copyFrom(req.get_subject())
File "/opt/local/lib/python2.5/site-packages/twisted/internet/_sslverify.py", line 64, in _copyFrom
value = getattr(x509name, name, None)
UnicodeDecodeError: 'utf8' codec can't decode bytes in position 0-5: unsupported Unicode code range
>>>
}}}
Replying to [comment:2 warner]:
> Also, could you run the following steps to generate a new certificate and
> then examine it to see what the "Subject" names are?
<schnipp>
> On my OS-X system, I see "Subject: CN=newpb_thingy". Do you get the same? It
> might also help us if you could attach that dummy.pem file to this ticket
> (but of course don't use it for anything else).
>
> My current hunch is that the Foolscap-generated x509 certificates are either
> being created with corrupt (i.e. non-UTF-8) subject-name strings, or they're
> somehow being corrupted afterwards.
Looks like things are going wrong much earlier: "dummy. pem") lib/python2. 5/site- packages/ foolscap- 0.3.2-py2. 5.egg/foolscap/ pb.py", line 222, in __init__ setupEncryption File(certFile) lib/python2. 5/site- packages/ foolscap- 0.3.2-py2. 5.egg/foolscap/ pb.py", line 234, in setupEncryptionFile setupEncryption (certData) lib/python2. 5/site- packages/ foolscap- 0.3.2-py2. 5.egg/foolscap/ pb.py", line 249, in setupEncryption ificate( ) lib/python2. 5/site- packages/ foolscap- 0.3.2-py2. 5.egg/foolscap/ pb.py", line 442, in createCertificate lib/python2. 5/site- packages/ twisted/ internet/ _sslverify. py", line 539, in signCertificate Request est.load( requestData, requestFormat) lib/python2. 5/site- packages/ twisted/ internet/ _sslverify. py", line 310, in load _copyFrom( req.get_ subject( )) lib/python2. 5/site- packages/ twisted/ internet/ _sslverify. py", line 64, in _copyFrom
{{{
#!python
$ python2.5
Python 2.5.4 (r254:67916, May 6 2009, 18:40:46)
[GCC 4.0.1 (Apple Inc. build 5490)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from foolscap import Tub
>>> t = Tub(certFile=
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/opt/local/
self.
File "/opt/local/
self.
File "/opt/local/
cert = self.createCert
File "/opt/local/
132)
File "/opt/local/
hlreq = CertificateRequ
File "/opt/local/
dn.
File "/opt/local/
value = getattr(x509name, name, None)
UnicodeDecodeError: 'utf8' codec can't decode bytes in position 0-5: unsupported Unicode code range
>>>
}}}