diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2017-12-26 11:36:40 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-12-26 10:36:40 -0600 |
| commit | 25905566118da4264001350525fec7dc2fbbfa94 (patch) | |
| tree | 17e8c6bf2bcf45683e72bd79261bce5cbc08bb34 /src | |
| parent | 24bb7a057b8851a2df8c8e5a20b2652af10675b1 (diff) | |
| download | cryptography-25905566118da4264001350525fec7dc2fbbfa94.tar.gz cryptography-25905566118da4264001350525fec7dc2fbbfa94.tar.bz2 cryptography-25905566118da4264001350525fec7dc2fbbfa94.zip | |
Fixed #4006 -- bind functions for dealing with sigalgs (#4063)
* Fixed #4006 -- bind functions for dealing with sigalgs
* oops
Diffstat (limited to 'src')
| -rw-r--r-- | src/_cffi_src/openssl/ssl.py | 15 | ||||
| -rw-r--r-- | src/cryptography/hazmat/bindings/openssl/_conditional.py | 8 |
2 files changed, 23 insertions, 0 deletions
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py index 7f9eff05..fdee30dd 100644 --- a/src/_cffi_src/openssl/ssl.py +++ b/src/_cffi_src/openssl/ssl.py @@ -27,6 +27,7 @@ static const long Cryptography_HAS_SSL_CTX_SET_CLIENT_CERT_ENGINE; static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS; static const long Cryptography_HAS_DTLS; static const long Cryptography_HAS_GENERIC_DTLS_METHOD; +static const long Cryptography_HAS_SIGALGS; /* Internally invented symbol to tell us if SNI is supported */ static const long Cryptography_HAS_TLSEXT_HOSTNAME; @@ -186,6 +187,9 @@ int SSL_use_PrivateKey_ASN1(int, SSL *, const unsigned char *, long); int SSL_use_PrivateKey_file(SSL *, const char *, int); int SSL_check_private_key(const SSL *); +int SSL_get_sigalgs(SSL *, int, int *, int *, int *, unsigned char *, + unsigned char *); + Cryptography_STACK_OF_X509 *SSL_get_peer_cert_chain(const SSL *); Cryptography_STACK_OF_X509_NAME *SSL_get_client_CA_list(const SSL *); @@ -233,6 +237,8 @@ void SSL_CTX_set_client_CA_list(SSL_CTX *, Cryptography_STACK_OF_X509_NAME *); void SSL_CTX_set_info_callback(SSL_CTX *, void (*)(const SSL *, int, int)); void (*SSL_CTX_get_info_callback(SSL_CTX *))(const SSL *, int, int); +long SSL_CTX_set1_sigalgs_list(SSL_CTX *, const char *); + /* SSL_SESSION */ void SSL_SESSION_free(SSL_SESSION *); @@ -623,4 +629,13 @@ long Cryptography_DTLSv1_get_timeout(SSL *ssl, time_t *ptv_sec, return r; } + +#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 +static const long Cryptography_HAS_SIGALGS = 0; +const int (*SSL_get_sigalgs)(SSL *, int, int *, int *, int *, unsigned char *, + unsigned char *) = NULL; +const long (*SSL_CTX_set1_sigalgs_list)(SSL_CTX *, const char *) = NULL; +#else +static const long Cryptography_HAS_SIGALGS = 1; +#endif """ diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py index 866cf4a6..8bc74c97 100644 --- a/src/cryptography/hazmat/bindings/openssl/_conditional.py +++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py @@ -250,6 +250,13 @@ def cryptography_has_fips(): ] +def cryptography_has_ssl_sigalgs(): + return [ + "SSL_CTX_set1_sigalgs_list", + "SSL_get_sigalgs", + ] + + # This is a mapping of # {condition: function-returning-names-dependent-on-that-condition} so we can # loop over them and delete unsupported names at runtime. It will be removed @@ -300,4 +307,5 @@ CONDITIONAL_NAMES = { cryptography_has_evp_pkey_get_set_tls_encodedpoint ), "Cryptography_HAS_FIPS": cryptography_has_fips, + "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs, } |