diff options
| -rw-r--r-- | cryptography/hazmat/backends/openssl/ssl.py | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/cryptography/hazmat/backends/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py index 596db05b..c3d485b2 100644 --- a/cryptography/hazmat/backends/openssl/ssl.py +++ b/cryptography/hazmat/backends/openssl/ssl.py @@ -13,6 +13,11 @@ INCLUDES = """ #include <openssl/ssl.h> + +/* + * Get some simpler definitions for some types used by later prototypes. + */ +typedef STACK_OF(X509) Cryptography_STACK_OF_X509; """ TYPES = """ @@ -110,6 +115,8 @@ static const int X509_V_OK; typedef ... SSL_METHOD; typedef ... SSL_CTX; +typedef ... Cryptography_STACK_OF_X509; + typedef struct { int master_key_length; unsigned char master_key[...]; @@ -157,6 +164,15 @@ int SSL_pending(const SSL *); int SSL_write(SSL *, const void *, int); int SSL_read(SSL *, void *, int); X509 *SSL_get_peer_certificate(const SSL *); + +/* + * OpenSSL defines these with STACK_OF(...) but the STACK_OF macro does not + * play well with cffi. + */ + +Cryptography_STACK_OF_X509 *SSL_get_peer_cert_chain(const SSL *); +// Cryptography_STACK_OF_X509_NAME *SSL_get_client_CA_list(const SSL *); + int SSL_get_error(const SSL *, int); int SSL_do_handshake(SSL *); int SSL_shutdown(SSL *); @@ -186,6 +202,12 @@ void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); int SSL_CTX_add_client_CA(SSL_CTX *, X509 *); +/* + * See comment above about STACK_OF(...) vs stack_st_... + */ +// void SSL_CTX_set_client_CA_list(SSL_CTX *, Cryptography_STACK_OF_X509_NAME *); + + /* X509_STORE_CTX */ int X509_STORE_CTX_get_error(X509_STORE_CTX *); void X509_STORE_CTX_set_error(X509_STORE_CTX *, int); |