More ifdef death (#3450)

* CMAC is always supported * TLSv1.2 is always supported * Releasing buffers is always supported * Nonsense IE SSLv2 nonsens is always supported
author: Alex Gaynor <alex.gaynor@gmail.com> 2017-03-14 11:31:07 -0400
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2017-03-14 11:31:07 -0400
commit: baff4acf2252adf6e00fd2edd5cd03c5937f3579 (patch)
tree: 5f5dea6330560d7c2a23fe97d3666929de2c665d
parent: 2e5f4ea9411f16b28b44b93959b70246d9de754e (diff)
download: cryptography-baff4acf2252adf6e00fd2edd5cd03c5937f3579.tar.gz
cryptography-baff4acf2252adf6e00fd2edd5cd03c5937f3579.tar.bz2
cryptography-baff4acf2252adf6e00fd2edd5cd03c5937f3579.zip
4 files changed, 2 insertions, 62 deletions
diff --git a/src/_cffi_src/openssl/cmac.py b/src/_cffi_src/openssl/cmac.py
index 09987455..85b685d9 100644
--- a/src/_cffi_src/openssl/cmac.py
+++ b/src/_cffi_src/openssl/cmac.py
@@ -28,17 +28,5 @@ void CMAC_CTX_free(CMAC_CTX *);
 """
 
 CUSTOMIZATIONS = """
-#if !defined(OPENSSL_NO_CMAC)
 static const long Cryptography_HAS_CMAC = 1;
-#else
-static const long Cryptography_HAS_CMAC = 0;
-typedef void CMAC_CTX;
-CMAC_CTX *(*CMAC_CTX_new)(void) = NULL;
-int (*CMAC_Init)(CMAC_CTX *, const void *, size_t, const EVP_CIPHER *,
-    ENGINE *) = NULL;
-int (*CMAC_Update)(CMAC_CTX *, const void *, size_t) = NULL;
-int (*CMAC_Final)(CMAC_CTX *, unsigned char *, size_t *) = NULL;
-int (*CMAC_CTX_copy)(CMAC_CTX *, const CMAC_CTX *) = NULL;
-void (*CMAC_CTX_free)(CMAC_CTX *) = NULL;
-#endif
 """
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 4daa4d81..c946b4ce 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -511,33 +511,11 @@ static const long Cryptography_HAS_TLSEXT_HOSTNAME = 1;
 static const long Cryptography_HAS_TLSEXT_STATUS_REQ_CB = 1;
 static const long Cryptography_HAS_STATUS_REQ_OCSP_RESP = 1;
 static const long Cryptography_HAS_TLSEXT_STATUS_REQ_TYPE = 1;
-
-#ifdef SSL_MODE_RELEASE_BUFFERS
 static const long Cryptography_HAS_RELEASE_BUFFERS = 1;
-#else
-static const long Cryptography_HAS_RELEASE_BUFFERS = 0;
-const long SSL_MODE_RELEASE_BUFFERS = 0;
-#endif
-
 static const long Cryptography_HAS_OP_NO_COMPRESSION = 1;
 static const long Cryptography_HAS_TLSv1_1 = 1;
-
-#ifdef SSL_OP_NO_TLSv1_2
 static const long Cryptography_HAS_TLSv1_2 = 1;
-#else
-static const long Cryptography_HAS_TLSv1_2 = 0;
-static const long SSL_OP_NO_TLSv1_2 = 0;
-SSL_METHOD* (*TLSv1_2_method)(void) = NULL;
-SSL_METHOD* (*TLSv1_2_client_method)(void) = NULL;
-SSL_METHOD* (*TLSv1_2_server_method)(void) = NULL;
-#endif
-
-#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
 static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING = 1;
-#else
-static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING = 0;
-const long SSL_OP_MSIE_SSLV2_RSA_PADDING = 0;
-#endif
 
 #ifdef OPENSSL_NO_EC
 long (*SSL_CTX_set_tmp_ecdh)(SSL_CTX *, EC_KEY *) = NULL;
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 7c53d863..00aec374 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -649,11 +649,8 @@ class Backend(object):
         return True
 
     def cmac_algorithm_supported(self, algorithm):
-        return (
-            self._lib.Cryptography_HAS_CMAC == 1 and
-            self.cipher_supported(
-                algorithm, CBC(b"\x00" * algorithm.block_size)
-            )
+        return self.cipher_supported(
+            algorithm, CBC(b"\x00" * algorithm.block_size)
         )
 
     def create_cmac_ctx(self, algorithm):
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index 7f488ba0..7241a35a 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -9,14 +9,6 @@ from __future__ import absolute_import, division, print_function
 # cffi supports #if in cdef
 
 CONDITIONAL_NAMES = {
-    "Cryptography_HAS_CMAC": [
-        "CMAC_CTX_new",
-        "CMAC_Init",
-        "CMAC_Update",
-        "CMAC_Final",
-        "CMAC_CTX_copy",
-        "CMAC_CTX_free",
-    ],
     "Cryptography_HAS_CMS": [
         "BIO_new_CMS",
         "i2d_CMS_bio_stream",
@@ -191,27 +183,12 @@ CONDITIONAL_NAMES = {
         "EVP_PKEY_CTX_set_rsa_oaep_md",
     ],
 
-    "Cryptography_HAS_TLSv1_2": [
-        "SSL_OP_NO_TLSv1_2",
-        "TLSv1_2_method",
-        "TLSv1_2_server_method",
-        "TLSv1_2_client_method",
-    ],
-
     "Cryptography_HAS_SSL3_METHOD": [
         "SSLv3_method",
         "SSLv3_client_method",
         "SSLv3_server_method",
     ],
 
-    "Cryptography_HAS_RELEASE_BUFFERS": [
-        "SSL_MODE_RELEASE_BUFFERS",
-    ],
-
-    "Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING": [
-        "SSL_OP_MSIE_SSLV2_RSA_PADDING",
-    ],
-
     "Cryptography_HAS_NETBSD_D1_METH": [
         "DTLSv1_method",
     ],
author	Alex Gaynor <alex.gaynor@gmail.com>	2017-03-14 11:31:07 -0400
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2017-03-14 11:31:07 -0400
commit	baff4acf2252adf6e00fd2edd5cd03c5937f3579 (patch)
tree	5f5dea6330560d7c2a23fe97d3666929de2c665d
parent	2e5f4ea9411f16b28b44b93959b70246d9de754e (diff)
download	cryptography-baff4acf2252adf6e00fd2edd5cd03c5937f3579.tar.gz cryptography-baff4acf2252adf6e00fd2edd5cd03c5937f3579.tar.bz2 cryptography-baff4acf2252adf6e00fd2edd5cd03c5937f3579.zip