diff options
| author | Jean-Paul Calderone <exarkun@twistedmatrix.com> | 2013-12-28 08:56:34 -0500 |
|---|---|---|
| committer | Jean-Paul Calderone <exarkun@twistedmatrix.com> | 2013-12-28 08:56:34 -0500 |
| commit | 7c243875f34a47d3c552634a00440c846855c3a2 (patch) | |
| tree | 8f3b4052db7f72fd35112254a8a0bf2a3d3eb56d | |
| parent | 28f10001a18c96649003c59beb458d8d865aac88 (diff) | |
| download | cryptography-7c243875f34a47d3c552634a00440c846855c3a2.tar.gz cryptography-7c243875f34a47d3c552634a00440c846855c3a2.tar.bz2 cryptography-7c243875f34a47d3c552634a00440c846855c3a2.zip | |
expose SSL_get_peer_cert_chain, SSL_get_client_CA_list, and SSL_CTX_set_client_CA_list
| -rw-r--r-- | cryptography/hazmat/backends/openssl/ssl.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/cryptography/hazmat/backends/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py index fb3b17e6..7a1219b0 100644 --- a/cryptography/hazmat/backends/openssl/ssl.py +++ b/cryptography/hazmat/backends/openssl/ssl.py @@ -157,6 +157,13 @@ int SSL_pending(const SSL *); int SSL_write(SSL *, const void *, int); int SSL_read(SSL *, void *, int); X509 *SSL_get_peer_certificate(const SSL *); + +/* OpenSSL defines these with STACK_OF(...) instead stack_st_... of but the + * STACK_OF macro does not play well with cffi. + */ +struct stack_st_X509 *SSL_get_peer_cert_chain(const SSL *); +struct stack_st_X509_NAME *SSL_get_client_CA_list(const SSL *s); + int SSL_get_error(const SSL *, int); int SSL_do_handshake(SSL *); int SSL_shutdown(SSL *); @@ -186,6 +193,11 @@ void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); int SSL_CTX_add_client_CA(SSL_CTX *, X509 *); +/* See comment above about STACK_OF(...) vs stack_st_... + */ +void SSL_CTX_set_client_CA_list(SSL_CTX *, struct stack_st_X509_NAME *); + + /* X509_STORE_CTX */ int X509_STORE_CTX_get_error(X509_STORE_CTX *); void X509_STORE_CTX_set_error(X509_STORE_CTX *, int); |