Update tlslite to 0.4.6.

third_party/tlslite/patches/ca_request.patch

Index: third_party/tlslite/patches/ca_request.patch
diff --git a/third_party/tlslite/patches/ca_request.patch b/third_party/tlslite/patches/ca_request.patch
deleted file mode 100644
index c1270c05c02c2e94a2aaca888a328a57d7853e0b..0000000000000000000000000000000000000000
--- a/third_party/tlslite/patches/ca_request.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-Only in chromium: patches
-diff -aur tlslite-0.3.8/tlslite/TLSConnection.py chromium/tlslite/TLSConnection.py
---- tlslite-0.3.8/tlslite/TLSConnection.py	2004-10-06 01:55:37.000000000 -0400
-+++ chromium/tlslite/TLSConnection.py	2010-08-18 22:17:30.962786700 -0400
-@@ -931,7 +931,8 @@
- 
-     def handshakeServer(self, sharedKeyDB=None, verifierDB=None,
-                         certChain=None, privateKey=None, reqCert=False,
--                        sessionCache=None, settings=None, checker=None):
-+                        sessionCache=None, settings=None, checker=None,
-+                        reqCAs=None):
-         """Perform a handshake in the role of server.
- 
-         This function performs an SSL or TLS handshake.  Depending on
-@@ -997,6 +998,11 @@
-         invoked to examine the other party's authentication
-         credentials, if the handshake completes succesfully.
- 
-+        @type reqCAs: list of L{array.array} of unsigned bytes
-+        @param reqCAs: A collection of DER-encoded DistinguishedNames that
-+        will be sent along with a certificate request. This does not affect
-+        verification.
-+
-         @raise socket.error: If a socket error occurs.
-         @raise tlslite.errors.TLSAbruptCloseError: If the socket is closed
-         without a preceding alert.
-@@ -1006,13 +1012,14 @@
-         """
-         for result in self.handshakeServerAsync(sharedKeyDB, verifierDB,
-                 certChain, privateKey, reqCert, sessionCache, settings,
--                checker):
-+                checker, reqCAs):
-             pass
- 
- 
-     def handshakeServerAsync(self, sharedKeyDB=None, verifierDB=None,
-                              certChain=None, privateKey=None, reqCert=False,
--                             sessionCache=None, settings=None, checker=None):
-+                             sessionCache=None, settings=None, checker=None,
-+                             reqCAs=None):
-         """Start a server handshake operation on the TLS connection.
- 
-         This function returns a generator which behaves similarly to
-@@ -1028,14 +1035,15 @@
-             sharedKeyDB=sharedKeyDB,
-             verifierDB=verifierDB, certChain=certChain,
-             privateKey=privateKey, reqCert=reqCert,
--            sessionCache=sessionCache, settings=settings)
-+            sessionCache=sessionCache, settings=settings,
-+            reqCAs=reqCAs)
-         for result in self._handshakeWrapperAsync(handshaker, checker):
-             yield result
- 
- 
-     def _handshakeServerAsyncHelper(self, sharedKeyDB, verifierDB,
-                              certChain, privateKey, reqCert, sessionCache,
--                             settings):
-+                             settings, reqCAs):
- 
-         self._handshakeStart(client=False)
- 
-@@ -1045,6 +1053,8 @@
-             raise ValueError("Caller passed a certChain but no privateKey")
-         if privateKey and not certChain:
-             raise ValueError("Caller passed a privateKey but no certChain")
-+        if reqCAs and not reqCert:
-+            raise ValueError("Caller passed reqCAs but not reqCert")
- 
-         if not settings:
-             settings = HandshakeSettings()
-@@ -1380,7 +1390,9 @@
-             msgs.append(ServerHello().create(self.version, serverRandom,
-                         sessionID, cipherSuite, certificateType))
-             msgs.append(Certificate(certificateType).create(serverCertChain))
--            if reqCert:
-+            if reqCert and reqCAs:
-+                msgs.append(CertificateRequest().create([], reqCAs))
-+            elif reqCert:
-                 msgs.append(CertificateRequest())
-             msgs.append(ServerHelloDone())
-             for result in self._sendMsgs(msgs):
-diff -aur tlslite-0.3.8/tlslite/X509.py chromium/tlslite/X509.py
---- tlslite-0.3.8/tlslite/X509.py	2004-03-19 21:43:19.000000000 -0400
-+++ chromium/tlslite/X509.py	2010-08-18 22:17:30.967787000 -0400
-@@ -13,11 +13,15 @@
- 
-     @type publicKey: L{tlslite.utils.RSAKey.RSAKey}
-     @ivar publicKey: The subject public key from the certificate.
-+
-+    @type subject: L{array.array} of unsigned bytes
-+    @ivar subject: The DER-encoded ASN.1 subject distinguished name.
-     """
- 
-     def __init__(self):
-         self.bytes = createByteArraySequence([])
-         self.publicKey = None
-+        self.subject = None
- 
-     def parse(self, s):
-         """Parse a PEM-encoded X.509 certificate.
-@@ -63,6 +67,10 @@
-         else:
-             subjectPublicKeyInfoIndex = 5
- 
-+        #Get the subject
-+        self.subject = tbsCertificateP.getChildBytes(\
-+                           subjectPublicKeyInfoIndex - 1)
-+
-         #Get the subjectPublicKeyInfo
-         subjectPublicKeyInfoP = tbsCertificateP.getChild(\
-                                     subjectPublicKeyInfoIndex)
-diff -aur tlslite-0.3.8/tlslite/messages.py chromium/tlslite/messages.py
---- tlslite-0.3.8/tlslite/messages.py	2004-10-06 01:01:24.000000000 -0400
-+++ chromium/tlslite/messages.py	2010-08-18 22:17:30.976787500 -0400
-@@ -338,8 +338,7 @@
-     def __init__(self):
-         self.contentType = ContentType.handshake
-         self.certificate_types = []
--        #treat as opaque bytes for now
--        self.certificate_authorities = createByteArraySequence([])
-+        self.certificate_authorities = []
- 
-     def create(self, certificate_types, certificate_authorities):
-         self.certificate_types = certificate_types
-@@ -349,7 +348,13 @@
-     def parse(self, p):
-         p.startLengthCheck(3)
-         self.certificate_types = p.getVarList(1, 1)
--        self.certificate_authorities = p.getVarBytes(2)
-+        ca_list_length = p.get(2)
-+        index = 0
-+        self.certificate_authorities = []
-+        while index != ca_list_length:
-+          ca_bytes = p.getVarBytes(2)
-+          self.certificate_authorities.append(ca_bytes)
-+          index += len(ca_bytes)+2
-         p.stopLengthCheck()
-         return self
- 
-@@ -357,7 +362,14 @@
-         w = HandshakeMsg.preWrite(self, HandshakeType.certificate_request,
-                                   trial)
-         w.addVarSeq(self.certificate_types, 1, 1)
--        w.addVarSeq(self.certificate_authorities, 1, 2)
-+        caLength = 0
-+        #determine length
-+        for ca_dn in self.certificate_authorities:
-+            caLength += len(ca_dn)+2
-+        w.add(caLength, 2)
-+        #add bytes
-+        for ca_dn in self.certificate_authorities:
-+            w.addVarSeq(ca_dn, 1, 2)
-         return HandshakeMsg.postWrite(self, w, trial)
- 
- class ServerKeyExchange(HandshakeMsg):
-diff -aur tlslite-0.3.8/tlslite/utils/ASN1Parser.py chromium/tlslite/utils/ASN1Parser.py
---- tlslite-0.3.8/tlslite/utils/ASN1Parser.py	2004-10-06 01:02:40.000000000 -0400
-+++ chromium/tlslite/utils/ASN1Parser.py	2010-08-18 22:17:30.979787700 -0400
-@@ -16,13 +16,16 @@
- 
-     #Assuming this is a sequence...
-     def getChild(self, which):
-+        return ASN1Parser(self.getChildBytes(which))
-+
-+    def getChildBytes(self, which):
-         p = Parser(self.value)
-         for x in range(which+1):
-             markIndex = p.index
-             p.get(1) #skip Type
-             length = self._getASN1Length(p)
-             p.getFixBytes(length)
--        return ASN1Parser(p.bytes[markIndex : p.index])
-+        return p.bytes[markIndex : p.index]
- 
-     #Decode the ASN.1 DER length field
-     def _getASN1Length(self, p):