py3 compat

acme/acme/challenges.py

@@ -299,7 +299,7 @@ class DVSNIResponse(ChallengeResponse):
                 key_filetype, cert.get_pubkey())
 
         return (keys_match and domain in sans and
-                self.z_domain(chall) in sans)
+                self.z_domain(chall).decode() in sans)
 
 
 @Challenge.register

acme/acme/challenges_test.py

@@ -191,7 +191,7 @@ class DVSNITest(unittest.TestCase):
         mock_gethostbyname.assert_called_once_with('foo.com')
         mock_probe_sni.assert_called_once_with(
             host='127.0.0.1', port=self.msg.PORT,
-            name='a82d5ff8ef740d12881f6d3c2277ab2e.acme.invalid')
+            name=b'a82d5ff8ef740d12881f6d3c2277ab2e.acme.invalid')
 
         self.msg.probe_cert('foo.com', host='8.8.8.8')
         mock_probe_sni.assert_called_with(
@@ -205,10 +205,10 @@ class DVSNITest(unittest.TestCase):
         mock_probe_sni.assert_called_with(
             host=mock.ANY, port=mock.ANY, name=mock.ANY, bar='baz')
 
-        self.msg.probe_cert('foo.com', name='xxx')
+        self.msg.probe_cert('foo.com', name=b'xxx')
         mock_probe_sni.assert_called_with(
             host=mock.ANY, port=mock.ANY,
-            name='a82d5ff8ef740d12881f6d3c2277ab2e.acme.invalid')
+            name=b'a82d5ff8ef740d12881f6d3c2277ab2e.acme.invalid')
 
 
 class DVSNIResponseTest(unittest.TestCase):

acme/acme/crypto_util.py

@@ -4,6 +4,8 @@ import logging
 import socket
 import sys
 
+from six.moves import range  # pylint: disable=import-error
+
 import OpenSSL
 
 from acme import errors
@@ -81,7 +83,7 @@ def _probe_sni(name, host, port=443, timeout=300,
     context = OpenSSL.SSL.Context(method)
     context.set_timeout(timeout)
 
-    socket_kwargs = {} if sys.version < (2, 7) else {
+    socket_kwargs = {} if sys.version_info < (2, 7) else {
         'source_address': source_address}
 
     try:
@@ -121,13 +123,13 @@ def _pyopenssl_cert_or_req_san(cert_or_req):
     # OpenSSL.crypto.X509Error._subjectAltNameString
     parts_separator = ", "
     part_separator = ":"
-    extension_short_name = "subjectAltName"
+    extension_short_name = b"subjectAltName"
 
     if hasattr(cert_or_req, 'get_extensions'):  # X509Req
         extensions = cert_or_req.get_extensions()
     else:  # X509
         extensions = [cert_or_req.get_extension(i)
-                      for i in xrange(cert_or_req.get_extension_count())]
+                      for i in range(cert_or_req.get_extension_count())]
 
     # pylint: disable=protected-access,no-member
     label = OpenSSL.crypto.X509Extension._prefixes[OpenSSL.crypto._lib.GEN_DNS]

acme/acme/crypto_util_test.py

@@ -21,7 +21,7 @@ class ServeProbeSNITest(unittest.TestCase):
             OpenSSL.crypto.FILETYPE_PEM,
             test_util.load_vector('rsa512_key.pem'))
         # pylint: disable=protected-access
-        certs = {'foo': (key, self.cert._wrapped)}
+        certs = {b'foo': (key, self.cert._wrapped)}
 
         sock = socket.socket()
         sock.bind(('', 0))  # pick random port
@@ -50,15 +50,15 @@ class ServeProbeSNITest(unittest.TestCase):
             name, host='127.0.0.1', port=self.port))
 
     def test_probe_ok(self):
-        self.assertEqual(self.cert, self._probe('foo'))
+        self.assertEqual(self.cert, self._probe(b'foo'))
 
     def test_probe_not_recognized_name(self):
-        self.assertRaises(errors.Error, self._probe, 'bar')
+        self.assertRaises(errors.Error, self._probe, b'bar')
 
     def test_probe_connection_error(self):
-        self._probe('foo')
+        self._probe(b'foo')
         time.sleep(1)  # TODO: avoid race conditions in other way
-        self.assertRaises(errors.Error, self._probe, 'bar')
+        self.assertRaises(errors.Error, self._probe, b'bar')
 
 
 class PyOpenSSLCertOrReqSANTest(unittest.TestCase):