defacto64 / certificate-transparency Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/certificate-transparency
Automatically exported from code.google.com/p/certificate-transparency
more quality certs from embedded systems, this time from
http://www.marchnetworks.com/
ct.crypto.error.CertificateError: Corrupt time: Invalid time representation:
0001010000Z
Looks like seconds are not put in.
here's the cert:
-----BEGIN CERTIFICATE-----
MIIChDCCAe2gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgDEtMCsGA1UECxMkM2E2
YWRmMjktM2VhZS00ZTA1LWJlNTctZGY5YzJmNjMwYzc1MRcwFQYDVQQKEw5NYXJj
aCBOZXR3b3JrczE2MDQGA1UEAxMtTWFyY2ggTmV0d29ya3MgUGxhdGZvcm0gQ2Vy
dGlmaWNhdGUgQXV0aG9yaXR5MBoXCzAwMDEwMTAwMDBaFwszMDAxMDEwMDAwWjCB
gDEtMCsGA1UECxMkM2E2YWRmMjktM2VhZS00ZTA1LWJlNTctZGY5YzJmNjMwYzc1
MRcwFQYDVQQKEw5NYXJjaCBOZXR3b3JrczE2MDQGA1UEAxMtTWFyY2ggTmV0d29y
a3MgUGxhdGZvcm0gQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQDPN6a7xXwjMZaEq0uY3xOYtjnaMOTYIlf1L/z9vfIfSoGs
Tc+yK3WFqhVxem261IRTznUvvHH3B33tbusaBkMx5KIQa8Fnd8L0gPM6zfrY/Tm4
8+TbIqDpeI4E1Whl0bvUjkvDIBgMsfb1qlbY82mhJGU/YLbiEL/53RXZOlfBRwID
AQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAEdu3q/IkyRI
h5qlm7cFXhwPHipA3F+nRJfSZdzQz+uEeFzaqFo36AR7bPzPVHs2O+7O1CnOe/yX
7hDWT3IdE9HBPaUmBVymTo6duAiNFptyphOAaYakn/iWjwzMQuy5jt8wgnu1WcCm
BRrY7i37mHlrdaZWtBge2jpVgL17EQDe
-----END CERTIFICATE-----
here's what openssl does:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: OU=3a6adf29-3eae-4e05-be57-df9c2f630c75, O=March Networks, CN=March Networks Platform Certificate Authority
Validity
Not Before: Jan 1 00:00:00 2000 GMT
Not After : Jan 1 00:00:00 2030 GMT
Subject: OU=3a6adf29-3eae-4e05-be57-df9c2f630c75, O=March Networks, CN=March Networks Platform Certificate Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:cf:37:a6:bb:c5:7c:23:31:96:84:ab:4b:98:df:
13:98:b6:39:da:30:e4:d8:22:57:f5:2f:fc:fd:bd:
f2:1f:4a:81:ac:4d:cf:b2:2b:75:85:aa:15:71:7a:
6d:ba:d4:84:53:ce:75:2f:bc:71:f7:07:7d:ed:6e:
eb:1a:06:43:31:e4:a2:10:6b:c1:67:77:c2:f4:80:
f3:3a:cd:fa:d8:fd:39:b8:f3:e4:db:22:a0:e9:78:
8e:04:d5:68:65:d1:bb:d4:8e:4b:c3:20:18:0c:b1:
f6:f5:aa:56:d8:f3:69:a1:24:65:3f:60:b6:e2:10:
bf:f9:dd:15:d9:3a:57:c1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
etc...
What would you like to do here. I'm happy to adjust x509_time and add tests.
nickg
Original issue reported on code.google.com by [email protected]
on 15 Oct 2013 at 12:38
Adds RFC compatible monitor to the C++ code base.
https://codereview.appspot.com/14205043/
As mentioned on the ct hackday this is the monitor we run as a
proof-of-concept. Bureaucracy and other constraints have sadly delayed this
submission a month - sorry for that :-/
Further information is found on the rietveld page.
Original issue reported on code.google.com by [email protected]
on 1 Oct 2013 at 12:36
ct.crypto.error.CertificateError: Corrupt time: Invalid time representation:
360314154014+0000
however openssl is able to read the time
Not Before: Mar 12 03:19:24 2008 GMT
Not After : Jul 28 02:36:28 2035
not sure what's going on with this one.
-----BEGIN CERTIFICATE-----
MIIDHjCCAoegAwIBAgIJALWdz92v035NMA0GCSqGSIb3DQEBBAUAMG8xCzAJBgNV
BAYTAnVzMRAwDgYDVQQHEwdkdWVud2VnMQ0wCwYDVQQKEwRQSUxSMRkwFwYDVQQD
ExBQSUxSIFdlYkFkbWluIENBMSQwIgYJKoZIhvcNAQkBFhVhZmFib3p6aUBwaWxy
dGVjaC5jb20wIhcNMDgxMDI4MTU0MDU5WhcRMzYwMzE0MTU0MDE0KzAwMDAwPTEL
MAkGA1UEBhMCdXMxEDAOBgNVBAcTB2R1ZW53ZWcxDTALBgNVBAoTBFBJTFIxDTAL
BgNVBAMTBFRlc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK6NROua7Yo3
9iT1dqsr/meG4sC4wedeEmUyp9VpvDpS1sHrH0jcss81ffe/tTnREyX2chqvjqh1
R86625pSHmCOMbMAKW6iO4Tc18LOvvgnEPdHxlwMLh8vrbb9/3wWEAiVs4nd4KUD
7rScat1cNootcdcVTw7uuf/sastx/z1RAgMBAAGjge8wgewwHQYDVR0OBBYEFGwh
LY4EcMd4gy5SRYiUWi/V5RWLMIGhBgNVHSMEgZkwgZaAFPL2SfXc7QIbbbBvdXj/
4bScvvrSoXOkcTBvMQswCQYDVQQGEwJ1czEQMA4GA1UEBxMHZHVlbndlZzENMAsG
A1UEChMEUElMUjEZMBcGA1UEAxMQUElMUiBXZWJBZG1pbiBDQTEkMCIGCSqGSIb3
DQEJARYVYWZhYm96emlAcGlscnRlY2guY29tggkAtZ3P3a/TfkwwDwYDVR0RBAgw
BoIEVGVzdDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQQFAAOB
gQAIYhdpcAseNRK8p8uEqwAYTW55eo4+Jk4M3ysVE83gEkJjNq1I9SHp79//suYs
xCpYV3GIBHOFakIa+Scn/tkfLs1IA1AIAYMZHhrgGfF5BlOQGtJHssnUS7tDgApf
fA6jJs41eqhotUj6QNqlCR0F3avYqUHLCAuBCBFOZKevuQ==
-----END CERTIFICATE-----
Original issue reported on code.google.com by [email protected]
on 15 Oct 2013 at 12:54
Commit 4980d68c8f2f4d0a84988ea90e908121f997fb11 introduced the use of
SSL_CTX_set_custom_cli_ext which is only available in development versions of
OpenSSL:
https://github.com/openssl/openssl/commit/a398f821fa98b9923a426cf45b268cf4d56c89
bd
Do we have an alternative that we could use in the meantime? I'd rather not
have to compile OpenSSL from scratch...
Original issue reported on code.google.com by [email protected]
on 16 Sep 2013 at 8:27
RFC6962 Section 3.3 says:
"...or by using Online Certificate Status
Protocol (OCSP) Stapling (also known as the "Certificate Status
Request" TLS extension; see [RFC6066]), where the response includes
an OCSP extension with OID 1.3.6.1.4.1.11129.2.4.5..."
"OCSP extension" is ambiguous here. An RFC2560/6960 "Basic" OCSP Response can
contain status information for 1 or more certificates. For each certificate,
there is an optional "singleExtensions" list of extensions. And at the very
end of the Response, there is an optional "responseExtensions" list of
extensions.
Since each SCT relates to precisely one certificate, I think that
"singleExtensions" is the right place to put the .2.4.5 extension.
To avoid interop issues, could RFC6962-bis clarify this?
(It's very common for an OCSP Response to only include status for 1
certificate, so some implementers might put the .2.4.5 extension in
"responseExtensions" without even considering the alternative).
Original issue reported on code.google.com by [email protected]
on 9 Oct 2013 at 2:54
Adds OIDs used in AuthorityInfoAccess and ExtendedKeyUsage extensions.
https://codereview.appspot.com/13953043
This more a test of how to submit patches. It doesn't appear to break anything
and parses correctly.
thanks!
nickg
Original issue reported on code.google.com by [email protected]
on 26 Sep 2013 at 3:10
This exposes the certificate serial_number.
it returns a asn1.CertificateSerialNumber object since it's not really clear
what format should be returned. This seems to match how subject-alt-names
works (it returns a list of GeneralNames).
However I'd be happy with just returning a single string version of the number
'12313423423' etc.
Test included.
https://codereview.appspot.com/14025043/
thanks
nickg
Original issue reported on code.google.com by [email protected]
on 27 Sep 2013 at 7:20
https://codereview.appspot.com/14502064
stack trace:
File "/usr/local/Cellar/python/2.7.5/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ct-0.1-py2.7.egg/ct/crypto/cert.py", line 297, in subject_alternative_names
return name.parse_alternative_names(general_names)
File "/usr/local/Cellar/python/2.7.5/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ct-0.1-py2.7.egg/ct/crypto/name.py", line 87, in parse_alternative_names
return [GeneralName(n) for n in asn1_alternative_names_extension]
File "/usr/local/Cellar/python/2.7.5/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ct-0.1-py2.7.egg/ct/crypto/name.py", line 7, in __init__
self.__parse_name()
File "/usr/local/Cellar/python/2.7.5/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ct-0.1-py2.7.egg/ct/crypto/name.py", line 12, in __parse_name
self.__parse_name_value(self.__asn1_name.getComponent())
File "/usr/local/Cellar/python/2.7.5/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ct-0.1-py2.7.egg/ct/crypto/name.py", line 38, in __parse_name_value
except pyasn1_error.PyAsn1Error:
NameError: global name 'pyasn1_error' is not defined
Original issue reported on code.google.com by [email protected]
on 14 Oct 2013 at 1:28
Deserializer::ReadSCT reads the extensions, but does not assign them in the
proto.
See:
https://code.google.com/p/certificate-transparency/source/browse/src/proto/seria
lizer.cc#546
Original issue reported on code.google.com by [email protected]
on 17 Jul 2013 at 3:03
http://codereview.appspot.com/14660043
in name.py, __parse_name_value has
elif self.__type == x509_name.IP_ADDRESS_NAME:
self.__value = name_value.asNumbers()
This returns a tuple of ints. However, other name-types return a string (most
of the time).
The following patch formats the IP NAME as an IPv4 or IPv6 depending on size.
Why I care: there is a test cert for a CVE that contains names with embedded
null characters and IP addresses. I'd like to add it to the CT test suite.
It's much easier if all values from subject alternative name are strings.
If accepted I'll submit the test case as well.
thanks,
nickg
Original issue reported on code.google.com by [email protected]
on 14 Oct 2013 at 2:27
I ran the cert pasing on the some random certs live in the wild.
These work "fine" in browsers, and openssl (although cert might expired or dead
or self-signed or not trusted)
Many are failing due to this check deep inside:
pyasn1/codec/cer/decoder.py
class BooleanDecoder(decoder.AbstractSimpleDecoder):
protoComponent = univ.Boolean(0)
def valueDecoder(self, fullSubstrate, substrate, asn1Spec, tagSet, length,
state, decodeFun, substrateFun):
head, tail = substrate[:length], substrate[length:]
if not head:
raise error.PyAsn1Error('Empty substrate')
byte = oct2int(head[0])
# CER/DER specifies encoding of TRUE as 0xFF and FALSE as 0x0, while
# BER allows any non-zero value as TRUE; cf. sections 8.2.2. and 11.1
# in http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
if byte == 0xff:
value = 1
elif byte == 0x00:
value = 0
else:
raise error.PyAsn1Error('Boolean CER violation: %s' % byte)
(with value of "1")
I don't know the field exactly (the backtrace is a nightmare). However, I can
confirm that changing the logic to not raise the exception (and setting
value=1) allows it to continue.
I believe we can create a decoder that allows this type of boolean value.
Or we can keep process as is, and just raise an somewhat cryptic exception.
your thoughts?
nickg
here's a sample.. this is live on the internets...
-----BEGIN CERTIFICATE-----
MIICgjCCAeugAwIBAgIBADANBgkqhkiG9w0BAQUFADB8MSMwIQYDVQQDDBpNYXRy
aXhTU0wgU2FtcGxlIFNlcnZlciBDQTELMAkGA1UEBgwCVVMxCzAJBgNVBAgMAldB
MREwDwYDVQQHDAhCZWxsZXZ1ZTEZMBcGA1UECgwQUGVlcnNlYyBOZXR3b3JrczEN
MAsGA1UECwwEVGVzdDAeFw0wNjAzMTMwODEzMzRaFw0wNzAzMTMwODEzMzRaMH4x
JTAjBgNVBAMMHE1hdHJpeFNTTCBTYW1wbGUgU2VydmVyIENlcnQxCzAJBgNVBAYM
AlVTMQswCQYDVQQIDAJXQTERMA8GA1UEBwwIQmVsbGV2dWUxGTAXBgNVBAoMEFBl
ZXJTZWMgTmV0d29ya3MxDTALBgNVBAsMBFRlc3QwgZ4wDQYJKoZIhvcNAQEBBQAD
gYwAMIGIAoGArLJFx36VVxymSgNnepNJfNQ2Wh6RUoe3n6YakhtPWCXHRvGwNBr6
lOqt5bZkcsqM2FkUYMAdIV3DTvMXAVOUf9q0Ys27oIDny/0h2D8vVehjIScYrMrm
xPULuVuovFW4q+VMu+5vMp7U29j0zOHfn/xe687X7DjyaMd19eCcHiECAwEAAaMT
MBEwDwYDVR0TAQEBBAUwAwEBADANBgkqhkiG9w0BAQUFAAOBgQBX6R0aLW/agkug
2zl7kOxssCzi2l55Co6oGno+9t4Xk2IMVpIU/gas8RwnQRjFhw1M02yWobxYEh32
WRJdomY7VNB3m73VhMX909fP+m/d4shJNwB35oZn8JZPjmk9NB/ZGvxK6Zk0WttV
F/KVvu5//R80bStnBA4cAhP7FyUugg==
-----END CERTIFICATE-----
Original issue reported on code.google.com by [email protected]
on 1 Oct 2013 at 12:18
Hi,
right now:
[1] cert.subject_name returns a string.
[2] cert.subject_alternative_name returns an array of general_names
The proposal is to change cert.subject_name to return a list of GeneralNames.
For example. Given this "real-world" vert
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgIQSVCinGH6MkvjJZjRyjK9nTANBgkqhkiG9w0BAQUFADCB
jjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNDAyBgNV
BAMTK0NPTU9ETyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0Ew
HhcNMTIwMjI5MDAwMDAwWhcNMTQwMjI4MjM1OTU5WjCCAW8xEjAQBgNVBAMTCXd3
dy5yZC5pbzERMA8GA1UEAxMIcmRpby5jb20xDjAMBgNVBAMTBXJkLmlvMRUwEwYD
VQQDEwxhcGkucmRpby5jb20xEjAQBgNVBAMTCWFwaS5yZC5pbzEQMA4GA1UEBRMH
NDU4NjAwNzETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhE
ZWxhd2FyZTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xCzAJBgNVBAYT
AlVTMQ4wDAYDVQQREwU5NDEwMzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBG
cmFuY2lzY28xFzAVBgNVBAkTDjE1NTAgQnJ5YW50IHN0MRMwEQYDVQQKEwpSZGlv
LCBJbmMuMSMwIQYDVQQLExpDT01PRE8gRVYgTXVsdGktRG9tYWluIFNTTDEVMBMG
A1UEAxMMd3d3LnJkaW8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0AgYOe8EBJNVBAuSJFLKHRKZn0/ObCLBFG4xVH/5fb1rfYHBT1XSjjOqR3t
iGC/A3esF8YC7TuHQcTLVephx0DtJv1ASxRg3zPM8ebBRsuul18N0W+sY1aNXpkd
36quxvjg5UdBrAweuekJ7OTSZcCe2Ry/SKBeZSWWtkWsI4krCLv7JaKUwxw2h+Hn
TAZSBLVxz/mixF0WYdepYwnq2Hm7XvvVEIQ7wxOQ9bA7iCevLojZOnb39BT2QII7
cy8AB47RZdfYg7UwaO3bST2rauA4MKar7/Ozqc0aemNFpLatJfgv07cydiuj9fsd
5aE/c8is8C9M9+7MmSMkcNEgGwIDAQABo4IB8zCCAe8wHwYDVR0jBBgwFoAUiERR
/1AqaV4tiPQhutkM8s7L6nwwHQYDVR0OBBYEFCrYw8bfrYJ61NS2yYx6/CnhjzT4
MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgEFATArMCkGCCsG
AQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzBTBgNVHR8ETDBK
MEigRqBEhkJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9FeHRlbmRlZFZh
bGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYQGCCsGAQUFBwEBBHgwdjBOBggr
BgEFBQcwAoZCaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPRXh0ZW5kZWRW
YWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8v
b2NzcC5jb21vZG9jYS5jb20wTAYDVR0RBEUwQ4IMd3d3LnJkaW8uY29tgglhcGku
cmQuaW+CDGFwaS5yZGlvLmNvbYIFcmQuaW+CCHJkaW8uY29tggl3d3cucmQuaW8w
DQYJKoZIhvcNAQEFBQADggEBAKFd4bPVFRyrlqIKPtrtMuqGqid6685ohxf0cv52
sjdRYwLVTjnZOrmkDdNaF3R2A1ZlVMRN+67rK+qfY5sTeijFcudV3/i0PDtOFRwP
6yYVD2uZmYkxfPiW309HPmDF+EzhxpVjWlTQEOwkfFLTmJmwl3Qu2Kffp8F1ENXW
OTVNvj5VtMghvzu68PpzKl1VjlOR4Ej9NCwh1dUjNKEoTPzvpehXsIZ7jHSpX/T1
wSSt9ckiechDdpgZXTzHgbxHNibK0Uhh+QhkBgYMj5F8qj5BlBhWAWqQa/VnEdmr
Pfo7U+QmadoqQd7qt06hE2hG1nfZ0vPJDbWV3oVSwG2Yt7I=
-----END CERTIFICATE-----
the API produces this mess.
CN=www.rd.io/CN=rdio.com/CN=rd.io/CN=api.rdio.com/CN=api.rd.io/serialNumber=4586
007/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/businessCatego
ry=Private Organization/C=US/postalCode=94103/ST=CA/L=San
Francisco/streetAddress=1550 Bryant st/O=Rdio, Inc./OU=COMODO EV Multi-Domain
SSL/CN=www.rdio.com
I mean I guess I could [x.split('=') for x in s.split('/')] to attempt to put
it back into key-values, but seems odd.
thoughts?
nickg
Original issue reported on code.google.com by [email protected]
on 14 Oct 2013 at 3:32
To reproduce:
src/client/upload_server_cert.sh www.idnet.net
The output from the 1st command in the script is not valid PEM:
openssl s_client -connect $SERVER:443 -showcerts < /dev/null | tee $TMP
Attached example output. Even after cleaning the non-PEM lines, CertChain still
fails to load this chain.
Original issue reported on code.google.com by [email protected]
on 27 Jun 2013 at 1:32
Attachments:
cert.subject_alternative_name:
general_names = self.__get_decoded_extension_value(
x509_extension.ID_CE_SUBJECT_ALT_NAME)
This can be none.
then it goes to
name.py parse_alternative name
return [GeneralName(n) for n in asn1_alternative_names_extension]
which then explodes
return [GeneralName(n) for n in asn1_alternative_names_extension]
TypeError: 'NoneType' object is not iterable
A quick hack might be:
diff --git a/src/python/ct/crypto/name.py b/src/python/ct/crypto/name.py
index a7ef6f7..b0ceb9b 100644
--- a/src/python/ct/crypto/name.py
+++ b/src/python/ct/crypto/name.py
@@ -83,6 +83,7 @@ def parse_alternative_names(asn1_alternative_names_extension):
Returns:
A lit of GeneralName instances.
"""
-
+ if asn1_alternative_names_extension is None:
+ return None
or maybe
return []
??
Here's a sample cert to test with (it's an intermediate cert):
-----BEGIN CERTIFICATE-----
MIID1TCCAr2gAwIBAgIDAjbRMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTAwMjE5MjI0NTA1WhcNMjAwMjE4MjI0NTA1WjA8MQswCQYDVQQG
EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xFDASBgNVBAMTC1JhcGlkU1NM
IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3H4Vsce2cy1rfa0
l6P7oeYLUF9QqjraD/w9KSRDxhApwfxVQHLuverfn7ZB9EhLyG7+T1cSi1v6kt1e
6K3z8Buxe037z/3R5fjj3Of1c3/fAUnPjFbBvTfjW761T4uL8NpPx+PdVUdp3/Jb
ewdPPeWsIcHIHXro5/YPoar1b96oZU8QiZwD84l6pV4BcjPtqelaHnnzh8jfyMX8
N8iamte4dsywPuf95lTq319SQXhZV63xEtZ/vNWfcNMFbPqjfWdY3SZiHTGSDHl5
HI7PynvBZq+odEj7joLCniyZXHstXZu8W1eefDp6E63yoxhbK1kPzVw662gzxigd
gtFQiwIDAQABo4HZMIHWMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa2k9ahhC
St2PAmU5/TUkhniRFjAwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4w
EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js
Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw
JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTANBgkqhkiG9w0B
AQUFAAOCAQEAq7y8Cl0YlOPBscOoTFXWvrSY8e48HM3P8yQkXJYDJ1j8Nq6iL4/x
/torAsMzvcjdSCIrYA+lAxD9d/jQ7ZZnT/3qRyBwVNypDFV+4ZYlitm12ldKvo2O
SUNjpWxOJ4cl61tt/qJ/OCjgNqutOaWlYsS3XFgsql0BYKZiZ6PAx2Ij9OdsRu61
04BqIhPSLT90T+qvjF+0OJzbrs6vhB6m9jRRWXnT43XcvNfzc9+S7NIgWW+c+5X4
knYYCnwPLKbK3opie9jzzl9ovY8+wXS7FXI6FoOpC+ZNmZzYV+yoAVHHb1c0XqtK
LEL2TxyJeN4mTvVvk0wVaydWTQBUbHq3tw==
-----END CERTIFICATE-----
Original issue reported on code.google.com by [email protected]
on 28 Sep 2013 at 7:32
around line 84 of name.py
"""
Returns:
A lit of GeneralName instances.
"""
s/lit/list/
thanks
nickg
Original issue reported on code.google.com by [email protected]
on 27 Sep 2013 at 7:31
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.