aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--cryptography/hazmat/bindings/openssl/aes.py28
-rw-r--r--cryptography/hazmat/bindings/openssl/bio.py5
-rw-r--r--cryptography/hazmat/bindings/openssl/ec.py144
-rw-r--r--cryptography/hazmat/bindings/openssl/err.py41
-rw-r--r--cryptography/hazmat/bindings/openssl/evp.py13
-rw-r--r--cryptography/hazmat/bindings/openssl/nid.py142
-rw-r--r--cryptography/hazmat/bindings/openssl/ssl.py40
7 files changed, 248 insertions, 165 deletions
diff --git a/cryptography/hazmat/bindings/openssl/aes.py b/cryptography/hazmat/bindings/openssl/aes.py
index 6cbcd577..95ed5271 100644
--- a/cryptography/hazmat/bindings/openssl/aes.py
+++ b/cryptography/hazmat/bindings/openssl/aes.py
@@ -16,6 +16,8 @@ INCLUDES = """
"""
TYPES = """
+static const int Cryptography_HAS_AES_WRAP;
+
struct aes_key_st {
...;
};
@@ -25,16 +27,34 @@ typedef struct aes_key_st AES_KEY;
FUNCTIONS = """
int AES_set_encrypt_key(const unsigned char *, const int, AES_KEY *);
int AES_set_decrypt_key(const unsigned char *, const int, AES_KEY *);
+"""
+
+MACROS = """
+/* these can be moved back to FUNCTIONS once we drop support for 0.9.8h.
+ This should be when we drop RHEL/CentOS 5, which is on 0.9.8e. */
int AES_wrap_key(AES_KEY *, const unsigned char *, unsigned char *,
const unsigned char *, unsigned int);
int AES_unwrap_key(AES_KEY *, const unsigned char *, unsigned char *,
const unsigned char *, unsigned int);
"""
-MACROS = """
-"""
-
CUSTOMIZATIONS = """
+// OpenSSL 0.9.8h+
+#if OPENSSL_VERSION_NUMBER >= 0x0090808fL
+static const long Cryptography_HAS_AES_WRAP = 1;
+#else
+static const long Cryptography_HAS_AES_WRAP = 0;
+int (*AES_wrap_key)(AES_KEY *, const unsigned char *, unsigned char *,
+ const unsigned char *, unsigned int) = NULL;
+int (*AES_unwrap_key)(AES_KEY *, const unsigned char *, unsigned char *,
+ const unsigned char *, unsigned int) = NULL;
+#endif
+
"""
-CONDITIONAL_NAMES = {}
+CONDITIONAL_NAMES = {
+ "Cryptography_HAS_AES_WRAP": [
+ "AES_wrap_key",
+ "AES_unwrap_key",
+ ],
+}
diff --git a/cryptography/hazmat/bindings/openssl/bio.py b/cryptography/hazmat/bindings/openssl/bio.py
index 279ad223..28172689 100644
--- a/cryptography/hazmat/bindings/openssl/bio.py
+++ b/cryptography/hazmat/bindings/openssl/bio.py
@@ -105,7 +105,6 @@ BIO *BIO_push(BIO *, BIO *);
BIO *BIO_pop(BIO *);
BIO *BIO_next(BIO *);
BIO *BIO_find_type(BIO *, int);
-int BIO_method_type(const BIO *);
BIO_METHOD *BIO_s_mem(void);
BIO *BIO_new_mem_buf(void *, int);
BIO_METHOD *BIO_s_file(void);
@@ -168,6 +167,10 @@ long BIO_set_read_buffer_size(BIO *, long);
long BIO_set_write_buffer_size(BIO *, long);
long BIO_set_buffer_size(BIO *, long);
long BIO_set_buffer_read_data(BIO *, void *, long);
+
+/* The following was a macro in 0.9.8e. Once we drop support for RHEL/CentOS 5
+ we should move this back to FUNCTIONS. */
+int BIO_method_type(const BIO *);
"""
CUSTOMIZATIONS = """
diff --git a/cryptography/hazmat/bindings/openssl/ec.py b/cryptography/hazmat/bindings/openssl/ec.py
index 4a42960c..9d6f7cb9 100644
--- a/cryptography/hazmat/bindings/openssl/ec.py
+++ b/cryptography/hazmat/bindings/openssl/ec.py
@@ -27,150 +27,6 @@ typedef struct {
int nid;
const char *comment;
} EC_builtin_curve;
-
-static const int NID_X9_62_c2pnb163v1;
-static const int NID_X9_62_c2pnb163v2;
-static const int NID_X9_62_c2pnb163v3;
-static const int NID_X9_62_c2pnb176v1;
-static const int NID_X9_62_c2tnb191v1;
-static const int NID_X9_62_c2tnb191v2;
-static const int NID_X9_62_c2tnb191v3;
-static const int NID_X9_62_c2onb191v4;
-static const int NID_X9_62_c2onb191v5;
-static const int NID_X9_62_c2pnb208w1;
-static const int NID_X9_62_c2tnb239v1;
-static const int NID_X9_62_c2tnb239v2;
-static const int NID_X9_62_c2tnb239v3;
-static const int NID_X9_62_c2onb239v4;
-static const int NID_X9_62_c2onb239v5;
-static const int NID_X9_62_c2pnb272w1;
-static const int NID_X9_62_c2pnb304w1;
-static const int NID_X9_62_c2tnb359v1;
-static const int NID_X9_62_c2pnb368w1;
-static const int NID_X9_62_c2tnb431r1;
-static const int NID_X9_62_prime192v1;
-static const int NID_X9_62_prime192v2;
-static const int NID_X9_62_prime192v3;
-static const int NID_X9_62_prime239v1;
-static const int NID_X9_62_prime239v2;
-static const int NID_X9_62_prime239v3;
-static const int NID_X9_62_prime256v1;
-static const int NID_secp112r1;
-static const int NID_secp112r2;
-static const int NID_secp128r1;
-static const int NID_secp128r2;
-static const int NID_secp160k1;
-static const int NID_secp160r1;
-static const int NID_secp160r2;
-static const int NID_sect163k1;
-static const int NID_sect163r1;
-static const int NID_sect163r2;
-static const int NID_secp192k1;
-static const int NID_secp224k1;
-static const int NID_secp224r1;
-static const int NID_secp256k1;
-static const int NID_secp384r1;
-static const int NID_secp521r1;
-static const int NID_sect113r1;
-static const int NID_sect113r2;
-static const int NID_sect131r1;
-static const int NID_sect131r2;
-static const int NID_sect193r1;
-static const int NID_sect193r2;
-static const int NID_sect233k1;
-static const int NID_sect233r1;
-static const int NID_sect239k1;
-static const int NID_sect283k1;
-static const int NID_sect283r1;
-static const int NID_sect409k1;
-static const int NID_sect409r1;
-static const int NID_sect571k1;
-static const int NID_sect571r1;
-static const int NID_wap_wsg_idm_ecid_wtls1;
-static const int NID_wap_wsg_idm_ecid_wtls3;
-static const int NID_wap_wsg_idm_ecid_wtls4;
-static const int NID_wap_wsg_idm_ecid_wtls5;
-static const int NID_wap_wsg_idm_ecid_wtls6;
-static const int NID_wap_wsg_idm_ecid_wtls7;
-static const int NID_wap_wsg_idm_ecid_wtls8;
-static const int NID_wap_wsg_idm_ecid_wtls9;
-static const int NID_wap_wsg_idm_ecid_wtls10;
-static const int NID_wap_wsg_idm_ecid_wtls11;
-static const int NID_wap_wsg_idm_ecid_wtls12;
-static const int NID_ipsec3;
-static const int NID_ipsec4;
-static const char *const SN_X9_62_c2pnb163v1;
-static const char *const SN_X9_62_c2pnb163v2;
-static const char *const SN_X9_62_c2pnb163v3;
-static const char *const SN_X9_62_c2pnb176v1;
-static const char *const SN_X9_62_c2tnb191v1;
-static const char *const SN_X9_62_c2tnb191v2;
-static const char *const SN_X9_62_c2tnb191v3;
-static const char *const SN_X9_62_c2onb191v4;
-static const char *const SN_X9_62_c2onb191v5;
-static const char *const SN_X9_62_c2pnb208w1;
-static const char *const SN_X9_62_c2tnb239v1;
-static const char *const SN_X9_62_c2tnb239v2;
-static const char *const SN_X9_62_c2tnb239v3;
-static const char *const SN_X9_62_c2onb239v4;
-static const char *const SN_X9_62_c2onb239v5;
-static const char *const SN_X9_62_c2pnb272w1;
-static const char *const SN_X9_62_c2pnb304w1;
-static const char *const SN_X9_62_c2tnb359v1;
-static const char *const SN_X9_62_c2pnb368w1;
-static const char *const SN_X9_62_c2tnb431r1;
-static const char *const SN_X9_62_prime192v1;
-static const char *const SN_X9_62_prime192v2;
-static const char *const SN_X9_62_prime192v3;
-static const char *const SN_X9_62_prime239v1;
-static const char *const SN_X9_62_prime239v2;
-static const char *const SN_X9_62_prime239v3;
-static const char *const SN_X9_62_prime256v1;
-static const char *const SN_secp112r1;
-static const char *const SN_secp112r2;
-static const char *const SN_secp128r1;
-static const char *const SN_secp128r2;
-static const char *const SN_secp160k1;
-static const char *const SN_secp160r1;
-static const char *const SN_secp160r2;
-static const char *const SN_sect163k1;
-static const char *const SN_sect163r1;
-static const char *const SN_sect163r2;
-static const char *const SN_secp192k1;
-static const char *const SN_secp224k1;
-static const char *const SN_secp224r1;
-static const char *const SN_secp256k1;
-static const char *const SN_secp384r1;
-static const char *const SN_secp521r1;
-static const char *const SN_sect113r1;
-static const char *const SN_sect113r2;
-static const char *const SN_sect131r1;
-static const char *const SN_sect131r2;
-static const char *const SN_sect193r1;
-static const char *const SN_sect193r2;
-static const char *const SN_sect233k1;
-static const char *const SN_sect233r1;
-static const char *const SN_sect239k1;
-static const char *const SN_sect283k1;
-static const char *const SN_sect283r1;
-static const char *const SN_sect409k1;
-static const char *const SN_sect409r1;
-static const char *const SN_sect571k1;
-static const char *const SN_sect571r1;
-static const char *const SN_wap_wsg_idm_ecid_wtls1;
-static const char *const SN_wap_wsg_idm_ecid_wtls3;
-static const char *const SN_wap_wsg_idm_ecid_wtls4;
-static const char *const SN_wap_wsg_idm_ecid_wtls5;
-static const char *const SN_wap_wsg_idm_ecid_wtls6;
-static const char *const SN_wap_wsg_idm_ecid_wtls7;
-static const char *const SN_wap_wsg_idm_ecid_wtls8;
-static const char *const SN_wap_wsg_idm_ecid_wtls9;
-static const char *const SN_wap_wsg_idm_ecid_wtls10;
-static const char *const SN_wap_wsg_idm_ecid_wtls11;
-static const char *const SN_wap_wsg_idm_ecid_wtls12;
-static const char *const SN_ipsec3;
-static const char *const SN_ipsec4;
-
"""
FUNCTIONS = """
diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/bindings/openssl/err.py
index f2058ad8..f21d98b6 100644
--- a/cryptography/hazmat/bindings/openssl/err.py
+++ b/cryptography/hazmat/bindings/openssl/err.py
@@ -17,6 +17,7 @@ INCLUDES = """
TYPES = """
static const int Cryptography_HAS_REMOVE_THREAD_STATE;
+static const int Cryptography_HAS_098H_ERROR_CODES;
struct ERR_string_data_st {
unsigned long error;
@@ -50,8 +51,6 @@ static const int ASN1_F_ASN1_TYPE_GET_OCTETSTRING;
static const int ASN1_F_ASN1_UNPACK_STRING;
static const int ASN1_F_ASN1_UTCTIME_SET;
static const int ASN1_F_ASN1_VERIFY;
-static const int ASN1_F_B64_READ_ASN1;
-static const int ASN1_F_B64_WRITE_ASN1;
static const int ASN1_F_BITSTR_CB;
static const int ASN1_F_BN_TO_ASN1_ENUMERATED;
static const int ASN1_F_BN_TO_ASN1_INTEGER;
@@ -71,8 +70,6 @@ static const int ASN1_F_LONG_C2I;
static const int ASN1_F_OID_MODULE_INIT;
static const int ASN1_F_PARSE_TAGGING;
static const int ASN1_F_PKCS5_PBE_SET;
-static const int ASN1_F_SMIME_READ_ASN1;
-static const int ASN1_F_SMIME_TEXT;
static const int ASN1_F_X509_CINF_NEW;
static const int ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
static const int ASN1_R_BUFFER_TOO_SMALL;
@@ -86,10 +83,7 @@ static const int ASN1_R_ERROR_GETTING_TIME;
static const int ASN1_R_ERROR_LOADING_SECTION;
static const int ASN1_R_MSTRING_WRONG_TAG;
static const int ASN1_R_NESTED_ASN1_STRING;
-static const int ASN1_R_NO_CONTENT_TYPE;
static const int ASN1_R_NO_MATCHING_CHOICE_TYPE;
-static const int ASN1_R_NO_MULTIPART_BODY_FAILURE;
-static const int ASN1_R_NO_MULTIPART_BOUNDARY;
static const int ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM;
static const int ASN1_R_UNKNOWN_OBJECT_TYPE;
static const int ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE;
@@ -257,6 +251,16 @@ int ERR_FATAL_ERROR(unsigned long);
* supporting 0.9.8
*/
void ERR_remove_thread_state(const CRYPTO_THREADID *);
+
+/* These were added in OpenSSL 0.9.8h. When we drop support for RHEL/CentOS 5
+ we should be able to move these back to TYPES. */
+static const int ASN1_F_B64_READ_ASN1;
+static const int ASN1_F_B64_WRITE_ASN1;
+static const int ASN1_F_SMIME_READ_ASN1;
+static const int ASN1_F_SMIME_TEXT;
+static const int ASN1_R_NO_CONTENT_TYPE;
+static const int ASN1_R_NO_MULTIPART_BODY_FAILURE;
+static const int ASN1_R_NO_MULTIPART_BOUNDARY;
"""
CUSTOMIZATIONS = """
@@ -267,10 +271,33 @@ static const long Cryptography_HAS_REMOVE_THREAD_STATE = 0;
typedef uint32_t CRYPTO_THREADID;
void (*ERR_remove_thread_state)(const CRYPTO_THREADID *) = NULL;
#endif
+
+// OpenSSL 0.9.8h+
+#if OPENSSL_VERSION_NUMBER >= 0x0090808fL
+static const long Cryptography_HAS_098H_ERROR_CODES = 1;
+#else
+static const long Cryptography_HAS_098H_ERROR_CODES = 0;
+static const int ASN1_F_B64_READ_ASN1 = 0;
+static const int ASN1_F_B64_WRITE_ASN1 = 0;
+static const int ASN1_F_SMIME_READ_ASN1 = 0;
+static const int ASN1_F_SMIME_TEXT = 0;
+static const int ASN1_R_NO_CONTENT_TYPE = 0;
+static const int ASN1_R_NO_MULTIPART_BODY_FAILURE = 0;
+static const int ASN1_R_NO_MULTIPART_BOUNDARY = 0;
+#endif
"""
CONDITIONAL_NAMES = {
"Cryptography_HAS_REMOVE_THREAD_STATE": [
"ERR_remove_thread_state"
],
+ "Cryptography_HAS_098H_ERROR_CODES": [
+ "ASN1_F_B64_READ_ASN1",
+ "ASN1_F_B64_WRITE_ASN1",
+ "ASN1_F_SMIME_READ_ASN1",
+ "ASN1_F_SMIME_TEXT",
+ "ASN1_R_NO_CONTENT_TYPE",
+ "ASN1_R_NO_MULTIPART_BODY_FAILURE",
+ "ASN1_R_NO_MULTIPART_BOUNDARY",
+ ],
}
diff --git a/cryptography/hazmat/bindings/openssl/evp.py b/cryptography/hazmat/bindings/openssl/evp.py
index a5e19c3a..77128c47 100644
--- a/cryptography/hazmat/bindings/openssl/evp.py
+++ b/cryptography/hazmat/bindings/openssl/evp.py
@@ -64,8 +64,6 @@ int EVP_CipherUpdate(EVP_CIPHER_CTX *, unsigned char *, int *,
const unsigned char *, int);
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *);
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
-const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *);
-int EVP_CIPHER_block_size(const EVP_CIPHER *);
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *);
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *);
@@ -79,8 +77,6 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *);
int EVP_MD_CTX_cleanup(EVP_MD_CTX *);
void EVP_MD_CTX_destroy(EVP_MD_CTX *);
const EVP_MD *EVP_get_digestbyname(const char *);
-const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *);
-int EVP_MD_size(const EVP_MD *);
EVP_PKEY *EVP_PKEY_new(void);
void EVP_PKEY_free(EVP_PKEY *);
@@ -143,6 +139,13 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *, unsigned char *, size_t *,
int EVP_PKEY_verify_init(EVP_PKEY_CTX *);
int EVP_PKEY_verify(EVP_PKEY_CTX *, const unsigned char *, size_t,
const unsigned char *, size_t);
+
+/* The following were macros in 0.9.8e. Once we drop support for RHEL/CentOS 5
+ we should move these back to FUNCTIONS. */
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *);
+int EVP_CIPHER_block_size(const EVP_CIPHER *);
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *);
+int EVP_MD_size(const EVP_MD *);
"""
CUSTOMIZATIONS = """
@@ -154,7 +157,7 @@ const long EVP_CTRL_GCM_GET_TAG = -1;
const long EVP_CTRL_GCM_SET_TAG = -1;
const long EVP_CTRL_GCM_SET_IVLEN = -1;
#endif
-#if OPENSSL_VERSION_NUMBER >= 0x10000000
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
const long Cryptography_HAS_PBKDF2_HMAC = 1;
const long Cryptography_HAS_PKEY_CTX = 1;
#else
diff --git a/cryptography/hazmat/bindings/openssl/nid.py b/cryptography/hazmat/bindings/openssl/nid.py
index 40aed19f..a772d374 100644
--- a/cryptography/hazmat/bindings/openssl/nid.py
+++ b/cryptography/hazmat/bindings/openssl/nid.py
@@ -38,6 +38,148 @@ static const int NID_ecdsa_with_SHA512;
static const int NID_crl_reason;
static const int NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
static const int NID_subject_alt_name;
+static const int NID_X9_62_c2pnb163v1;
+static const int NID_X9_62_c2pnb163v2;
+static const int NID_X9_62_c2pnb163v3;
+static const int NID_X9_62_c2pnb176v1;
+static const int NID_X9_62_c2tnb191v1;
+static const int NID_X9_62_c2tnb191v2;
+static const int NID_X9_62_c2tnb191v3;
+static const int NID_X9_62_c2onb191v4;
+static const int NID_X9_62_c2onb191v5;
+static const int NID_X9_62_c2pnb208w1;
+static const int NID_X9_62_c2tnb239v1;
+static const int NID_X9_62_c2tnb239v2;
+static const int NID_X9_62_c2tnb239v3;
+static const int NID_X9_62_c2onb239v4;
+static const int NID_X9_62_c2onb239v5;
+static const int NID_X9_62_c2pnb272w1;
+static const int NID_X9_62_c2pnb304w1;
+static const int NID_X9_62_c2tnb359v1;
+static const int NID_X9_62_c2pnb368w1;
+static const int NID_X9_62_c2tnb431r1;
+static const int NID_X9_62_prime192v1;
+static const int NID_X9_62_prime192v2;
+static const int NID_X9_62_prime192v3;
+static const int NID_X9_62_prime239v1;
+static const int NID_X9_62_prime239v2;
+static const int NID_X9_62_prime239v3;
+static const int NID_X9_62_prime256v1;
+static const int NID_secp112r1;
+static const int NID_secp112r2;
+static const int NID_secp128r1;
+static const int NID_secp128r2;
+static const int NID_secp160k1;
+static const int NID_secp160r1;
+static const int NID_secp160r2;
+static const int NID_sect163k1;
+static const int NID_sect163r1;
+static const int NID_sect163r2;
+static const int NID_secp192k1;
+static const int NID_secp224k1;
+static const int NID_secp224r1;
+static const int NID_secp256k1;
+static const int NID_secp384r1;
+static const int NID_secp521r1;
+static const int NID_sect113r1;
+static const int NID_sect113r2;
+static const int NID_sect131r1;
+static const int NID_sect131r2;
+static const int NID_sect193r1;
+static const int NID_sect193r2;
+static const int NID_sect233k1;
+static const int NID_sect233r1;
+static const int NID_sect239k1;
+static const int NID_sect283k1;
+static const int NID_sect283r1;
+static const int NID_sect409k1;
+static const int NID_sect409r1;
+static const int NID_sect571k1;
+static const int NID_sect571r1;
+static const int NID_wap_wsg_idm_ecid_wtls1;
+static const int NID_wap_wsg_idm_ecid_wtls3;
+static const int NID_wap_wsg_idm_ecid_wtls4;
+static const int NID_wap_wsg_idm_ecid_wtls5;
+static const int NID_wap_wsg_idm_ecid_wtls6;
+static const int NID_wap_wsg_idm_ecid_wtls7;
+static const int NID_wap_wsg_idm_ecid_wtls8;
+static const int NID_wap_wsg_idm_ecid_wtls9;
+static const int NID_wap_wsg_idm_ecid_wtls10;
+static const int NID_wap_wsg_idm_ecid_wtls11;
+static const int NID_wap_wsg_idm_ecid_wtls12;
+static const int NID_ipsec3;
+static const int NID_ipsec4;
+static const char *const SN_X9_62_c2pnb163v1;
+static const char *const SN_X9_62_c2pnb163v2;
+static const char *const SN_X9_62_c2pnb163v3;
+static const char *const SN_X9_62_c2pnb176v1;
+static const char *const SN_X9_62_c2tnb191v1;
+static const char *const SN_X9_62_c2tnb191v2;
+static const char *const SN_X9_62_c2tnb191v3;
+static const char *const SN_X9_62_c2onb191v4;
+static const char *const SN_X9_62_c2onb191v5;
+static const char *const SN_X9_62_c2pnb208w1;
+static const char *const SN_X9_62_c2tnb239v1;
+static const char *const SN_X9_62_c2tnb239v2;
+static const char *const SN_X9_62_c2tnb239v3;
+static const char *const SN_X9_62_c2onb239v4;
+static const char *const SN_X9_62_c2onb239v5;
+static const char *const SN_X9_62_c2pnb272w1;
+static const char *const SN_X9_62_c2pnb304w1;
+static const char *const SN_X9_62_c2tnb359v1;
+static const char *const SN_X9_62_c2pnb368w1;
+static const char *const SN_X9_62_c2tnb431r1;
+static const char *const SN_X9_62_prime192v1;
+static const char *const SN_X9_62_prime192v2;
+static const char *const SN_X9_62_prime192v3;
+static const char *const SN_X9_62_prime239v1;
+static const char *const SN_X9_62_prime239v2;
+static const char *const SN_X9_62_prime239v3;
+static const char *const SN_X9_62_prime256v1;
+static const char *const SN_secp112r1;
+static const char *const SN_secp112r2;
+static const char *const SN_secp128r1;
+static const char *const SN_secp128r2;
+static const char *const SN_secp160k1;
+static const char *const SN_secp160r1;
+static const char *const SN_secp160r2;
+static const char *const SN_sect163k1;
+static const char *const SN_sect163r1;
+static const char *const SN_sect163r2;
+static const char *const SN_secp192k1;
+static const char *const SN_secp224k1;
+static const char *const SN_secp224r1;
+static const char *const SN_secp256k1;
+static const char *const SN_secp384r1;
+static const char *const SN_secp521r1;
+static const char *const SN_sect113r1;
+static const char *const SN_sect113r2;
+static const char *const SN_sect131r1;
+static const char *const SN_sect131r2;
+static const char *const SN_sect193r1;
+static const char *const SN_sect193r2;
+static const char *const SN_sect233k1;
+static const char *const SN_sect233r1;
+static const char *const SN_sect239k1;
+static const char *const SN_sect283k1;
+static const char *const SN_sect283r1;
+static const char *const SN_sect409k1;
+static const char *const SN_sect409r1;
+static const char *const SN_sect571k1;
+static const char *const SN_sect571r1;
+static const char *const SN_wap_wsg_idm_ecid_wtls1;
+static const char *const SN_wap_wsg_idm_ecid_wtls3;
+static const char *const SN_wap_wsg_idm_ecid_wtls4;
+static const char *const SN_wap_wsg_idm_ecid_wtls5;
+static const char *const SN_wap_wsg_idm_ecid_wtls6;
+static const char *const SN_wap_wsg_idm_ecid_wtls7;
+static const char *const SN_wap_wsg_idm_ecid_wtls8;
+static const char *const SN_wap_wsg_idm_ecid_wtls9;
+static const char *const SN_wap_wsg_idm_ecid_wtls10;
+static const char *const SN_wap_wsg_idm_ecid_wtls11;
+static const char *const SN_wap_wsg_idm_ecid_wtls12;
+static const char *const SN_ipsec3;
+static const char *const SN_ipsec4;
"""
FUNCTIONS = """
diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py
index 25e49672..25bef49a 100644
--- a/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/cryptography/hazmat/bindings/openssl/ssl.py
@@ -37,6 +37,8 @@ static const int Cryptography_HAS_RELEASE_BUFFERS;
static const int Cryptography_HAS_OP_NO_COMPRESSION;
static const int Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING;
+static const int Cryptography_HAS_SSL_SET_SSL_CTX;
+static const int Cryptography_HAS_SSL_OP_NO_TICKET;
static const int SSL_FILETYPE_PEM;
static const int SSL_FILETYPE_ASN1;
@@ -150,7 +152,6 @@ void SSL_load_error_strings(void);
int SSL_library_init(void);
/* SSL */
-SSL_CTX *SSL_set_SSL_CTX(SSL *, SSL_CTX *);
SSL_SESSION *SSL_get1_session(SSL *);
int SSL_set_session(SSL *, SSL_SESSION *);
int SSL_get_verify_mode(const SSL *);
@@ -187,8 +188,6 @@ int SSL_CTX_set_default_verify_paths(SSL_CTX *);
void SSL_CTX_set_verify(SSL_CTX *, int, int (*)(int, X509_STORE_CTX *));
void SSL_CTX_set_verify_depth(SSL_CTX *, int);
int (*SSL_CTX_get_verify_callback(const SSL_CTX *))(int, X509_STORE_CTX *);
-void SSL_CTX_set_info_callback(SSL_CTX *, void (*)(const SSL *, int, int));
-void (*SSL_CTX_get_info_callback(SSL_CTX *))(const SSL *, int, int);
int SSL_CTX_get_verify_mode(const SSL_CTX *);
int SSL_CTX_get_verify_depth(const SSL_CTX *);
int SSL_CTX_set_cipher_list(SSL_CTX *, const char *);
@@ -304,6 +303,14 @@ void SSL_CTX_set_tlsext_servername_callback(
int (*)(const SSL *, int *, void *));
long SSL_session_reused(SSL *);
+
+/* The following were macros in 0.9.8e. Once we drop support for RHEL/CentOS 5
+ we should move these back to FUNCTIONS. */
+void SSL_CTX_set_info_callback(SSL_CTX *, void (*)(const SSL *, int, int));
+void (*SSL_CTX_get_info_callback(SSL_CTX *))(const SSL *, int, int);
+/* This function does not exist in 0.9.8e. Once we drop support for
+ RHEL/CentOS 5 this can be moved back to FUNCTIONS. */
+SSL_CTX *SSL_set_SSL_CTX(SSL *, SSL_CTX *);
"""
CUSTOMIZATIONS = """
@@ -371,6 +378,22 @@ const long SSL_OP_MSIE_SSLV2_RSA_PADDING = 0;
#ifdef OPENSSL_NO_EC
long (*SSL_CTX_set_tmp_ecdh)(SSL_CTX *, EC_KEY *) = NULL;
#endif
+
+#ifdef SSL_OP_NO_TICKET
+static const long Cryptography_HAS_SSL_OP_NO_TICKET = 1;
+#else
+static const long Cryptography_HAS_SSL_OP_NO_TICKET = 0;
+const long SSL_OP_NO_TICKET = 0;
+#endif
+
+// OpenSSL 0.9.8f+
+#if OPENSSL_VERSION_NUMBER >= 0x00908070L
+static const long Cryptography_HAS_SSL_SET_SSL_CTX = 1;
+#else
+static const long Cryptography_HAS_SSL_SET_SSL_CTX = 0;
+static const int TLSEXT_NAMETYPE_host_name = 0;
+SSL_CTX *(*SSL_set_SSL_CTX)(SSL *, SSL_CTX *) = NULL;
+#endif
"""
CONDITIONAL_NAMES = {
@@ -414,5 +437,14 @@ CONDITIONAL_NAMES = {
"Cryptography_HAS_EC": [
"SSL_CTX_set_tmp_ecdh",
- ]
+ ],
+
+ "Cryptography_HAS_SSL_OP_NO_TICKET": [
+ "SSL_OP_NO_TICKET",
+ ],
+
+ "Cryptography_HAS_SSL_SET_SSL_CTX": [
+ "SSL_set_SSL_CTX",
+ "TLSEXT_NAMETYPE_host_name",
+ ],
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-07 20:06:41 +0000