aboutsummaryrefslogtreecommitdiffstats
path: root/src/_cffi_src
Commit message (Collapse)AuthorAgeFilesLines
* add poly1305 NID/EVP, and EVP_DigestSign{Update,Final} for incremental (#4799)Paul Kehrer2019-03-072-0/+17
|
* ed25519 support (#4114)Paul Kehrer2019-02-261-0/+3
| | | | | | * ed25519 support * review feedback
* remove unused x509 bindings (#4776)Paul Kehrer2019-02-261-87/+1
|
* remove unused locking functions (#4780)Paul Kehrer2019-02-261-24/+2
| | | | | | | | * remove unused locking functions we do all this in C when necessary * oops, need this
* remove unused DH bindings (#4779)Paul Kehrer2019-02-261-7/+0
|
* remove unused PEM bindings (#4778)Paul Kehrer2019-02-261-10/+0
|
* how about we have less NIDs (#4777)Paul Kehrer2019-02-261-204/+0
| | | | | | * how about we have less NIDs * pyopenssl needs these two NIDs still
* strip out unused EVP functions (#4775)Paul Kehrer2019-02-261-51/+0
|
* Remove unused constant binding from ecdh.py (#4774)Alex Gaynor2019-02-261-3/+0
|
* Remove unused constant from ec.py bindings (#4773)Alex Gaynor2019-02-261-3/+0
|
* Remove unused bindings from aes.py (#4772)Alex Gaynor2019-02-261-7/+1
|
* Removed unused constant from bindings (#4771)Alex Gaynor2019-02-261-2/+0
|
* Polish off removal of unused engine bindings (#4769)Alex Gaynor2019-02-251-12/+0
|
* reduce our engine bindings even more (#4768)Paul Kehrer2019-02-253-78/+18
|
* support NO_ENGINE (#4763)Paul Kehrer2019-02-252-1/+68
| | | | | | | | * support OPENSSL_NO_ENGINE * support some new openssl config args * sigh
* Remove a bunch of unused engine bindings (#4766)Alex Gaynor2019-02-251-61/+0
|
* encode the package version in the shared object (#4756)Paul Kehrer2019-02-201-0/+13
| | | | | | | | | | * encode the package version in the shared object * review feedback * move into build_ffi so the symbol is in all shared objects * review feedback
* Run wycheproof RSA tests on LibreSSL>=2.8 (#4737)Alex Gaynor2019-01-241-1/+10
| | | | | | | | * Run wycheproof RSA tests on LibreSSL>=2.8 * Define it this way * These are errors on libressl
* Use O_CLOEXEC when it's available (#4733)Alex Gaynor2019-01-231-10/+16
| | | | | | | | * Use O_CLOEXEC when it's available * Don't have two vars with the same name * A normal person would be emberassed
* bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test (#4726)Paul Kehrer2019-01-211-0/+9
| | | | | | | | | | | * bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test This will allow OpenSSL 1.1.1 on 32-bit (including our Windows 32-bit builders) to fail as expected. Technically this isn't a malloc error, but rather failing because the allocation requested is larger than 32-bits, but raising a MemoryError still seems appropriate * what you want an endif too?
* expose the ed448 nid (#4717)Paul Kehrer2019-01-191-0/+1
| | | | we already did all the conditional binding, but forgot to actually expose it.
* Fixes #4683 -- fixed linux kernel version that has getrandom (#4684)Alex Gaynor2019-01-122-2/+2
|
* Add bindings to get SRTP protection profile (#4679)Jeremy Lainé2019-01-111-0/+6
| | | | | This adds the ability to retrieve the selected SRTP protection profile after the DTLS handshake completes. This is needed to perform the correct key derivation if multiple profiles were offered.
* HTTPS a bunch of links in random places (#4666)Alex Gaynor2018-12-311-1/+1
| | | | | | * HTTPS a bunch of links in random places * What the heck happened here?
* Fixes #4645 -- poll() on /dev/random before reading from /dev/urandom on ↵Alex Gaynor2018-12-291-17/+55
| | | | | | | | | | | | | | | | | | Linux (#4656) * Fixes #4645 -- select() on /dev/random before reading from /dev/urandom on linux * whoops * Missing header * whoops * Review notes * Potential uninitialized fix * Signals are literally impossible
* Raise MemoryError when backend.derive_scrypt can't malloc enough (#4592)Tux2018-12-081-0/+2
| | | | | | | | | | | | * Raise MemoryError when backend.derive_scrypt can't malloc enough * Expose ERR_R_MALLOC_FAILURE and use the reason_match pattern to catch it * Add test_scrypt_malloc_failure in test_scrypt * let's see if this passes * add comment to filippo's blog post about scrypt's params
* switch osrandom engine to blocking mode when getting entropy (#4620)Paul Kehrer2018-12-022-15/+3
| | | | | | | | * switch osrandom engine to blocking mode when getting entropy * review feedback * we can remove this too
* reuse the libressl branch for OpenSSL built with OPENSSL_NO_PSK (#4619)Paul Kehrer2018-12-011-1/+1
|
* Adjust DTLS check (#4593)Rosen Penev2018-11-191-1/+1
| | | OpenSSL defines these even with OPENSSL_NO_DTLS.
* add EVPDigestFinalXOF for extendable output functions (#4589)Paul Kehrer2018-11-131-0/+5
|
* Ed bindings (#4586)Paul Kehrer2018-11-132-0/+21
| | | | | | * add evp_pkey_ed25519 * ed448 bindings
* add bindings for early data (#4582)Paul Kehrer2018-11-121-0/+9
| | | | | | * add bindings for early data * remove final var name
* x448 bindings (#4577)Paul Kehrer2018-11-122-0/+16
|
* add EVP raw key bindings (#4578)Paul Kehrer2018-11-121-0/+18
|
* Revert O_CLOEXEC change to fix builds (#4570)Alex Gaynor2018-11-111-2/+9
|
* add various new TLS bindings (#4555)Paul Kehrer2018-11-031-0/+19
| | | | | | | | | | * add SSL_OP_NO_TLSv1_3 * compiling now * bind SSL_CTX_set_ciphersuites as well * add some more
* do not pass conversion on Solaris (#4545)Bernát Gábor2018-10-301-1/+1
|
* add SCT_get0_signature (#4540)Paul Kehrer2018-10-281-0/+3
|
* add bindings for supporting the issuing distribution point CRL extension (#4532)Paul Kehrer2018-10-271-0/+12
|
* bind a constant for an error check (#4514)Paul Kehrer2018-10-231-0/+1
| | | I hate it when we have to do this.
* Fixes #4500 -- use O_CLOEXEC when opening the /dev/urandom file descriptor ↵Alex Gaynor2018-10-231-9/+2
| | | | | | | | (#4507) * Fixes #4500 -- use O_CLOEXEC when opening the /dev/urandom file descriptor * Unused variable
* Remove branch for old libressl versions that we don't support any more (#4505)Alex Gaynor2018-10-201-2/+1
|
* Add definitions that help with hostname checking (#4492)Kai Engert2018-10-102-0/+41
| | | | | | | | | | | | | | * Add definitions for SSL_get0_param and X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS * remove unnecessary parameter name * Add version conditionals and more flags * extend cryptography_has_102_verification_params * X509_CHECK_FLAG_NEVER_CHECK_SUBJECT only available with openssl 1.1.0+ * add missing declaration
* additional OCSP bindings for the response builder (#4480)Paul Kehrer2018-10-061-3/+5
| | | | | | * additional OCSP bindings for the response builder * use the OCSP extension funcs that match the rest of x509
* add ed25519 bindings (#4476)Paul Kehrer2018-09-263-0/+33
| | | | | | * add ed25519 bindings * var name
* Remove conditionals for OpenSSL 1.1.1 pre-releases (#4467)Alex Gaynor2018-09-152-8/+3
|
* OCSP request extension parsing (#4464)Paul Kehrer2018-09-091-0/+2
| | | | | | | | | | * add OCSP request parsing support with OCSPNonce * add docs * reprs man * make extensions a cached property
* Add flags to error on compile with incompatible pointer type (#4455)Paul Kehrer2018-09-054-21/+26
| | | | | | | | | | | | | | | | * try something a bit different. * newer compiler plz * permute * fix some warnings * fix getters on OpenSSL < 1.1.0 * this is getting involved * given our compiler flags we can't have SSL_CTX_set_cookie_verify_cb
* OCSP bindings (#4449)Paul Kehrer2018-09-012-0/+97
| | | | | | | | | | | | | | | * add many OCSP bindings Much of OCSP was opaqued in 1.1.0 so this also adds a bunch of getters for older OpenSSL. However, 1.1.0 itself made it impossible to access certain fields in the opaque struct, so we're forced to de-opaque them for 1.1.0 through 1.1.0i as well as 1.1.1-pre1 through 1.1.1-pre9. There is a patch (openssl/openssl#7082) that fixes this and should be in 1.1.0j and 1.1.1-pre10 (or 1.1.1 final, whichever they choose to issue) * backslashes are sometimes useful * comments
* Simplify OCSP no check serialization (#4444)Alex Gaynor2018-08-311-0/+3
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-25 21:10:03 +0000