diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-12-25 14:30:27 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-12-25 14:30:27 -0600 |
| commit | 14553ac531c21531c9ac2eaa13f52ce7a978120d (patch) | |
| tree | f7ae6a68cb98f27b1d8b53f6866843ab229c359c /src | |
| parent | 4c7fd5ffddf2abbca838c7c4ec0f5cdc05e5053c (diff) | |
| download | cryptography-14553ac531c21531c9ac2eaa13f52ce7a978120d.tar.gz cryptography-14553ac531c21531c9ac2eaa13f52ce7a978120d.tar.bz2 cryptography-14553ac531c21531c9ac2eaa13f52ce7a978120d.zip | |
X509_REVOKED_dup isn't available everywhere, we get to define our own
Diffstat (limited to 'src')
| -rw-r--r-- | src/_cffi_src/openssl/x509.py | 11 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 4 |
2 files changed, 13 insertions, 2 deletions
diff --git a/src/_cffi_src/openssl/x509.py b/src/_cffi_src/openssl/x509.py index eb6dd28d..c5eb600a 100644 --- a/src/_cffi_src/openssl/x509.py +++ b/src/_cffi_src/openssl/x509.py @@ -184,7 +184,6 @@ int X509V3_EXT_print(BIO *, X509_EXTENSION *, unsigned long, int); ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *); X509_REVOKED *X509_REVOKED_new(void); -X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *); void X509_REVOKED_free(X509_REVOKED *); int X509_REVOKED_set_serialNumber(X509_REVOKED *, ASN1_INTEGER *); @@ -271,6 +270,8 @@ void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *); """ MACROS = """ +X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOKED *); + int i2d_X509_CINF(X509_CINF *, unsigned char **); int i2d_X509_CRL_INFO(X509_CRL_INFO *, unsigned char **); int i2d_X509_REQ_INFO(X509_REQ_INFO *, unsigned char **); @@ -366,4 +367,12 @@ int (*i2d_ECPrivateKey_bio)(BIO *, EC_KEY *) = NULL; EC_KEY *(*o2i_ECPublicKey)(EC_KEY **, const unsigned char **, long) = NULL; int (*i2o_ECPublicKey)(EC_KEY *, unsigned char **) = NULL; #endif + +/* X509_REVOKED_dup only exists on 1.0.2+. It is implemented using + IMPLEMENT_ASN1_DUP_FUNCTION. The below is the equivalent so we have + it available on all OpenSSLs. */ +X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOKED *rev) { + return ASN1_item_dup(ASN1_ITEM_rptr(X509_REVOKED), rev); +} + """ diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 295fae13..7d8460c6 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -1523,7 +1523,9 @@ class Backend(object): for revoked_cert in builder._revoked_certificates: # Duplicating because the X509_CRL takes ownership and will free # this memory when X509_CRL_free is called. - revoked = self._lib.X509_REVOKED_dup(revoked_cert._x509_revoked) + revoked = self._lib.Cryptography_X509_REVOKED_dup( + revoked_cert._x509_revoked + ) self.openssl_assert(revoked != self._ffi.NULL) res = self._lib.X509_CRL_add0_revoked(x509_crl, revoked) self.openssl_assert(res == 1) |