aboutsummaryrefslogtreecommitdiffstats
path: root/src/_cffi_src/openssl/x509_vfy.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/_cffi_src/openssl/x509_vfy.py')
-rw-r--r--src/_cffi_src/openssl/x509_vfy.py19
1 files changed, 7 insertions, 12 deletions
diff --git a/src/_cffi_src/openssl/x509_vfy.py b/src/_cffi_src/openssl/x509_vfy.py
index 4a4b13a1..72691977 100644
--- a/src/_cffi_src/openssl/x509_vfy.py
+++ b/src/_cffi_src/openssl/x509_vfy.py
@@ -212,12 +212,14 @@ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *);
"""
CUSTOMIZATIONS = """
-/* OpenSSL 1.0.2beta2+ verification error codes */
-#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \
- !defined(LIBRESSL_VERSION_NUMBER)
+/* OpenSSL 1.0.2beta2+ verification parameters and error codes */
+#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER
static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1;
+static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
#else
static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
+static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;
+
static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0;
static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0;
static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0;
@@ -227,14 +229,7 @@ static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
static const long X509_V_ERR_HOSTNAME_MISMATCH = 0;
static const long X509_V_ERR_EMAIL_MISMATCH = 0;
static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0;
-#endif
-/* OpenSSL 1.0.2beta2+ verification parameters */
-#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \
- !defined(LIBRESSL_VERSION_NUMBER)
-static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
-#else
-static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;
/* X509_V_FLAG_TRUSTED_FIRST is also new in 1.0.2+, but it is added separately
below because it shows up in some earlier 3rd party OpenSSL packages. */
static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0;
@@ -268,7 +263,7 @@ static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST = 0;
static const long X509_V_FLAG_TRUSTED_FIRST = 0;
#endif
-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6 || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6
Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *ctx) {
return ctx->objs;
}
@@ -280,7 +275,7 @@ int X509_OBJECT_get_type(const X509_OBJECT *x) {
}
#endif
-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5
/* from x509/x509_vfy.c */
X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
{
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-04 15:39:17 +0000