Add bindings for DTLS support (#4089)

* + more DTLS bindings

* + BIO_CTRL_DGRAM*

* + read ahead functions

* rm BIO_CTRL_DGRAM_SET_PEEK_MODE

* rm BIO_CTRL_DGRAM_SET_DONT_FRAG

* + link mtu conditional logic

* rm some BIO_CTRL_DGRAM* bindings

3 files changed, 30 insertions, 0 deletions

diff --git a/src/_cffi_src/openssl/bio.py b/src/_cffi_src/openssl/bio.py
index 2d9659e1..d3dd6690 100644
--- a/src/_cffi_src/openssl/bio.py
+++ b/src/_cffi_src/openssl/bio.py
@@ -36,6 +36,13 @@ static const int BIO_CTRL_INFO;
 static const int BIO_CTRL_GET;
 static const int BIO_CTRL_PENDING;
 static const int BIO_CTRL_WPENDING;
+static const int BIO_CTRL_DGRAM_SET_CONNECTED;
+static const int BIO_CTRL_DGRAM_SET_RECV_TIMEOUT;
+static const int BIO_CTRL_DGRAM_GET_RECV_TIMEOUT;
+static const int BIO_CTRL_DGRAM_SET_SEND_TIMEOUT;
+static const int BIO_CTRL_DGRAM_GET_SEND_TIMEOUT;
+static const int BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP;
+static const int BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP;
 static const int BIO_C_FILE_SEEK;
 static const int BIO_C_FILE_TELL;
 static const int BIO_TYPE_NONE;
@@ -68,6 +75,7 @@ BIO *BIO_new_file(const char *, const char *);
 BIO *BIO_new_fp(FILE *, int);
 BIO *BIO_new_fd(int, int);
 BIO *BIO_new_socket(int, int);
+BIO *BIO_new_dgram(int, int);
 long BIO_ctrl(BIO *, int, long, void *);
 long BIO_callback_ctrl(
     BIO *,
@@ -91,6 +99,7 @@ BIO_METHOD *BIO_s_mem(void);
 BIO_METHOD *BIO_s_file(void);
 BIO_METHOD *BIO_s_fd(void);
 BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_datagram(void);
 BIO_METHOD *BIO_s_null(void);
 BIO_METHOD *BIO_f_null(void);
 BIO_METHOD *BIO_f_buffer(void);
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 420beb12..d4d3a44a 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -229,6 +229,21 @@ void SSL_CTX_set_cert_verify_callback(SSL_CTX *,
                                       int (*)(X509_STORE_CTX *, void *),
                                       void *);
 
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *,
+                                    int (*)(
+                                        SSL *,
+                                        unsigned char *,
+                                        unsigned int *
+                                    ));
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *,
+                                  int (*)(
+                                      SSL *,
+                                      const unsigned char *,
+                                      unsigned int
+                                  ));
+long SSL_CTX_get_read_ahead(SSL_CTX *);
+long SSL_CTX_set_read_ahead(SSL_CTX *, long);
+
 int SSL_CTX_use_psk_identity_hint(SSL_CTX *, const char *);
 void SSL_CTX_set_psk_server_callback(SSL_CTX *,
                                      unsigned int (*)(
@@ -467,6 +482,8 @@ long SSL_CTX_sess_cache_full(SSL_CTX *);
 /* DTLS support */
 long Cryptography_DTLSv1_get_timeout(SSL *, time_t *, long *);
 long DTLSv1_handle_timeout(SSL *);
+long DTLS_set_link_mtu(SSL *, long);
+long DTLS_get_link_min_mtu(SSL *);
 """
 
 CUSTOMIZATIONS = """
@@ -630,6 +647,8 @@ const SSL_METHOD *(*DTLS_server_method)(void) = NULL;
 const SSL_METHOD *(*DTLS_client_method)(void) = NULL;
 static const long SSL_OP_NO_DTLSv1 = NULL;
 static const long SSL_OP_NO_DTLSv1_2 = NULL;
+long *(*DTLS_set_link_mtu)(SSL *, long) = NULL;
+long *(*DTLS_get_link_min_mtu)(SSL *) = NULL;
 #else
 static const long Cryptography_HAS_GENERIC_DTLS_METHOD = 1;
 #endif
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index 6dab2bf0..006a80a5 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -197,6 +197,8 @@ def cryptography_has_generic_dtls_method():
         "DTLS_client_method",
         "SSL_OP_NO_DTLSv1",
         "SSL_OP_NO_DTLSv1_2",
+        "DTLS_set_link_mtu",
+        "DTLS_get_link_min_mtu",
     ]