diff options
| author | Alex Stapleton <alexs@prol.etari.at> | 2014-08-19 20:23:50 +0100 |
|---|---|---|
| committer | Alex Stapleton <alexs@prol.etari.at> | 2014-08-19 20:23:50 +0100 |
| commit | 3f512f733c6a48d6e508428d55ab2b02ef5615ea (patch) | |
| tree | 42ece4546d9108977051d18e2b48c2ec96570070 | |
| parent | 32df651fb8205711fafae360342f7d5103c072fa (diff) | |
| parent | 68c0a0cfb87f69d205e1e9b563aadb41aae36b2b (diff) | |
| download | cryptography-3f512f733c6a48d6e508428d55ab2b02ef5615ea.tar.gz cryptography-3f512f733c6a48d6e508428d55ab2b02ef5615ea.tar.bz2 cryptography-3f512f733c6a48d6e508428d55ab2b02ef5615ea.zip | |
Merge pull request #1304 from reaperhulk/fix-partial-chain-declaration
conditionally declare X509_V_FLAG_PARTIAL_CHAIN
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/x509_vfy.py | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/cryptography/hazmat/bindings/openssl/x509_vfy.py b/cryptography/hazmat/bindings/openssl/x509_vfy.py index 3efc0f11..601926c9 100644 --- a/cryptography/hazmat/bindings/openssl/x509_vfy.py +++ b/cryptography/hazmat/bindings/openssl/x509_vfy.py @@ -30,6 +30,7 @@ TYPES = """ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES; static const long Cryptography_HAS_102_VERIFICATION_PARAMS; static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST; +static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN; static const long Cryptography_HAS_100_VERIFICATION_ERROR_CODES; static const long Cryptography_HAS_100_VERIFICATION_PARAMS; static const long Cryptography_HAS_X509_V_FLAG_CHECK_SS_SIGNATURE; @@ -222,7 +223,6 @@ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0; static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0; static const long X509_V_FLAG_SUITEB_192_LOS = 0; static const long X509_V_FLAG_SUITEB_128_LOS = 0; -static const long X509_V_FLAG_PARTIAL_CHAIN = 0; int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *, size_t) = NULL; @@ -235,6 +235,14 @@ void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *, unsigned int) = NULL; #endif +/* OpenSSL 1.0.2+ or Solaris's backport */ +#ifdef X509_V_FLAG_PARTIAL_CHAIN +static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN = 1; +#else +static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN = 0; +static const long X509_V_FLAG_PARTIAL_CHAIN = 0; +#endif + /* OpenSSL 1.0.2+, *or* Fedora 20's flavor of OpenSSL 1.0.1e... */ #ifdef X509_V_FLAG_TRUSTED_FIRST static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST = 1; @@ -293,8 +301,6 @@ CONDITIONAL_NAMES = { "X509_V_FLAG_SUITEB_128_LOS_ONLY", "X509_V_FLAG_SUITEB_192_LOS", "X509_V_FLAG_SUITEB_128_LOS", - "X509_V_FLAG_PARTIAL_CHAIN", - "X509_VERIFY_PARAM_set1_host", "X509_VERIFY_PARAM_set1_email", "X509_VERIFY_PARAM_set1_ip", @@ -304,6 +310,9 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST": [ "X509_V_FLAG_TRUSTED_FIRST", ], + "Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN": [ + "X509_V_FLAG_PARTIAL_CHAIN", + ], "Cryptography_HAS_100_VERIFICATION_ERROR_CODES": [ 'X509_V_ERR_DIFFERENT_CRL_SCOPE', 'X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE', |