From caad666d34835265b9ebf9bb57d0ef53691c6388 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 26 Jun 2017 15:07:25 -1000
Subject: bind DTLS 1.2 methods (#3725)

* bind DTLS 1.2 methods

* remove version specific dtls bindings, rename sentinel value
---
 src/_cffi_src/openssl/ssl.py                             | 15 +++++++++++++++
 src/cryptography/hazmat/bindings/openssl/_conditional.py |  5 +++++
 2 files changed, 20 insertions(+)

diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 48a8278c..99d67bb1 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -26,6 +26,7 @@ static const long Cryptography_HAS_GET_SERVER_TMP_KEY;
 static const long Cryptography_HAS_SSL_CTX_SET_CLIENT_CERT_ENGINE;
 static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS;
 static const long Cryptography_HAS_DTLS;
+static const long Cryptography_HAS_GENERIC_DTLS_METHOD;
 
 /* Internally invented symbol to tell us if SNI is supported */
 static const long Cryptography_HAS_TLSEXT_HOSTNAME;
@@ -331,6 +332,11 @@ const SSL_METHOD *DTLSv1_method(void);
 const SSL_METHOD *DTLSv1_server_method(void);
 const SSL_METHOD *DTLSv1_client_method(void);
 
+/* Added in 1.0.2 */
+const SSL_METHOD *DTLS_method(void);
+const SSL_METHOD *DTLS_server_method(void);
+const SSL_METHOD *DTLS_client_method(void);
+
 const SSL_METHOD *SSLv23_method(void);
 const SSL_METHOD *SSLv23_server_method(void);
 const SSL_METHOD *SSLv23_client_method(void);
@@ -590,6 +596,15 @@ static const long TLS_ST_BEFORE = 0;
 static const long TLS_ST_OK = 0;
 #endif
 
+#if defined(OPENSSL_NO_DTLS) || CRYPTOGRAPHY_OPENSSL_LESS_THAN_102
+static const long Cryptography_HAS_GENERIC_DTLS_METHOD = 0;
+const SSL_METHOD *(*DTLS_method)(void) = NULL;
+const SSL_METHOD *(*DTLS_server_method)(void) = NULL;
+const SSL_METHOD *(*DTLS_client_method)(void) = NULL;
+#else
+static const long Cryptography_HAS_GENERIC_DTLS_METHOD = 1;
+#endif
+
 #ifndef OPENSSL_NO_DTLS
 static const long Cryptography_HAS_DTLS = 1;
 /* Wrap DTLSv1_get_timeout to avoid cffi to handle a 'struct timeval'. */
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index 10c94d76..de9cac82 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -150,6 +150,11 @@ CONDITIONAL_NAMES = {
         "Cryptography_DTLSv1_get_timeout",
         "DTLSv1_handle_timeout",
     ],
+    "Cryptography_HAS_GENERIC_DTLS_METHOD": [
+        "DTLS_method",
+        "DTLS_server_method",
+        "DTLS_client_method",
+    ],
     "Cryptography_HAS_EVP_PKEY_DHX": [
         "EVP_PKEY_DHX",
         "Cryptography_d2i_DHxparams_bio",
-- 
cgit v1.2.3