Diffstat (limited to 'src/_cffi_src')
-rw-r--r--src/_cffi_src/build_openssl.py19
-rw-r--r--src/_cffi_src/openssl/ssl.py19
2 files changed, 35 insertions, 3 deletions
diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py
index 6a5bf2da..defa69d3 100644
--- a/src/_cffi_src/build_openssl.py
+++ b/src/_cffi_src/build_openssl.py
@@ -4,6 +4,7 @@
from __future__ import absolute_import, division, print_function
+import os
import sys
from _cffi_src.utils import build_ffi_for_binding, extra_link_args
@@ -11,15 +12,27 @@ from _cffi_src.utils import build_ffi_for_binding, extra_link_args
def _get_openssl_libraries(platform):
# OpenSSL goes by a different library name on different operating systems.
- if platform != "win32":
+ if platform == "darwin":
+ return _osx_libraries(
+ os.environ.get("CRYPTOGRAPHY_OSX_NO_LINK_FLAGS")
+ )
+ elif platform == "win32":
+ return ["libeay32", "ssleay32", "advapi32",
+ "crypt32", "gdi32", "user32", "ws2_32"]
+ else:
# In some circumstances, the order in which these libs are
# specified on the linker command-line is significant;
# libssl must come before libcrypto
# (http://marc.info/?l=openssl-users&m=135361825921871)
return ["ssl", "crypto"]
+
+
+def _osx_libraries(build_static):
+ # For building statically we don't want to pass the -lssl or -lcrypto flags
+ if build_static == "1":
+ return []
else:
- return ["libeay32", "ssleay32", "advapi32",
- "crypt32", "gdi32", "user32", "ws2_32"]
+ return ["ssl", "crypto"]
_OSX_PRE_INCLUDE = """
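Review bot: `_osx_libraries` drops `-lssl`/`-lcrypto` whenever `CRYPTOGRAPHY_OSX_NO_LINK_FLAGS` is exactly `"1"`, but nothing in this hunk checks that the builder supplied the static archives some other way. If they were not supplied, the extension would presumably either fail to resolve OpenSSL symbols or bind to whichever libssl the loader finds, and in a release build it is hard to tell afterwards which OpenSSL was used. A comment stating the contract would help, for example `# CRYPTOGRAPHY_OSX_NO_LINK_FLAGS=1: the caller must pass static libssl.a/libcrypto.a via LDFLAGS; any other value links dynamically.` The parameter name `build_static` also reads like a boolean although it receives the raw environment string or None; a one-line docstring saying so would guard against a later `if build_static:` rewrite that changes which values enable the mode.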
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 7a7968a1..ccabb872 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -45,6 +45,7 @@ static const long Cryptography_HAS_SSL_OP_NO_TICKET;
static const long Cryptography_HAS_NETBSD_D1_METH;
static const long Cryptography_HAS_NEXTPROTONEG;
static const long Cryptography_HAS_ALPN;
+static const long Cryptography_HAS_SET_CERT_CB;
static const long SSL_FILETYPE_PEM;
static const long SSL_FILETYPE_ASN1;
@@ -204,6 +205,8 @@ Cryptography_STACK_OF_X509_NAME *SSL_get_client_CA_list(const SSL *);
int SSL_get_error(const SSL *, int);
int SSL_do_handshake(SSL *);
int SSL_shutdown(SSL *);
+int SSL_renegotiate(SSL *);
+int SSL_renegotiate_pending(SSL *);
const char *SSL_get_cipher_list(const SSL *, int);
Cryptography_STACK_OF_SSL_CIPHER *SSL_get_ciphers(const SSL *);
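Review bot: The two renegotiation bindings added after `SSL_shutdown` carry no comment on how they are meant to be used, and renegotiation is a part of the TLS API that is easy to misuse. `SSL_renegotiate` only requests a renegotiation; the handshake still has to be driven afterwards, and `SSL_renegotiate_pending` reports whether it has completed. A short comment above them would do, for example `/* SSL_renegotiate only schedules a new handshake; drive it with SSL_do_handshake and poll SSL_renegotiate_pending. */`. Whether downstream callers restrict renegotiation with peers that lack secure-renegotiation support is not visible in this hunk and is worth confirming.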
@@ -406,6 +409,12 @@ void SSL_CTX_set_alpn_select_cb(SSL_CTX *,
void SSL_get0_alpn_selected(const SSL *, const unsigned char **, unsigned *);
long SSL_get_server_tmp_key(SSL *, EVP_PKEY **);
+
+/* SSL_CTX_set_cert_cb is introduced in OpenSSL 1.0.2. To continue to support
+ * earlier versions some special handling of these is necessary.
+ */
+void SSL_CTX_set_cert_cb(SSL_CTX *, int (*)(SSL *, void *), void *);
+void SSL_set_cert_cb(SSL *, int (*)(SSL *, void *), void *);
"""
CUSTOMIZATIONS = """
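Review bot: The comment above the two `set_cert_cb` declarations says "some special handling of these is necessary" without saying what the handling is or what a caller must do. It would be clearer to name the guard, e.g. `/* Added in OpenSSL 1.0.2; NULL on older builds and LibreSSL, so check Cryptography_HAS_SET_CERT_CB before use. */`. The callback's int return decides whether the handshake proceeds (in OpenSSL, 1 continues, 0 aborts, a negative value suspends), so a second sentence noting that would help anyone wrapping it from Python. The FUNCTIONS string these lines sit in starts outside the hunk.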
@@ -609,6 +618,16 @@ static const long Cryptography_HAS_ALPN = 0;
static const long Cryptography_HAS_ALPN = 1;
#endif
+/* SSL_CTX_set_cert_cb was added in OpenSSL 1.0.2. */
+#if OPENSSL_VERSION_NUMBER < 0x10002001L || defined(LIBRESSL_VERSION_NUMBER)
+void (*SSL_CTX_set_cert_cb)(SSL_CTX *, int (*)(SSL *, void *), void *) = NULL;
+void (*SSL_set_cert_cb)(SSL *, int (*)(SSL *, void *), void *) = NULL;
+static const long Cryptography_HAS_SET_CERT_CB = 0;
+#else
+static const long Cryptography_HAS_SET_CERT_CB = 1;
+#endif
+
+
#if defined(OPENSSL_NO_COMP) || defined(LIBRESSL_VERSION_NUMBER)
static const long Cryptography_HAS_COMPRESSION = 0;
typedef void COMP_METHOD;
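Review bot: On OpenSSL older than 1.0.2 and on LibreSSL the two symbols are defined as NULL function pointers, so a call that is not preceded by a `Cryptography_HAS_SET_CERT_CB` check is a call through NULL that crashes the process instead of raising. The four ssl.py hunks account for all 19 changed lines in the diffstat, so nothing in this file registers the two names as conditional on that flag; the diffstat is limited to src/_cffi_src, so this may be done elsewhere in the commit. If the project's conditional-names mapping uses the usual flag-to-names form, the missing entry would be `"Cryptography_HAS_SET_CERT_CB": ["SSL_CTX_set_cert_cb", "SSL_set_cert_cb"],`. The CUSTOMIZATIONS string continues outside the hunk.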