diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2017-03-26 11:07:31 -0400 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-03-26 11:07:31 -0400 |
commit | 8d85b9564284a66aa28a0cbb759090b777698e43 (patch) | |
tree | 150f2e89467805934f9a0915fe11896b8dfd510c /src/_cffi_src/openssl/x509_vfy.py | |
parent | 9ef1d6fe96b897207739cd75ff283a0f061fd5a0 (diff) | |
download | cryptography-8d85b9564284a66aa28a0cbb759090b777698e43.tar.gz cryptography-8d85b9564284a66aa28a0cbb759090b777698e43.tar.bz2 cryptography-8d85b9564284a66aa28a0cbb759090b777698e43.zip |
Attempt to simplify the libressl checing (#3482)
* Attempt to simplify the libressl checing
* SHENANGINS
* Attempted fix
* More simplification
Diffstat (limited to 'src/_cffi_src/openssl/x509_vfy.py')
-rw-r--r-- | src/_cffi_src/openssl/x509_vfy.py | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/src/_cffi_src/openssl/x509_vfy.py b/src/_cffi_src/openssl/x509_vfy.py index 4a4b13a1..72691977 100644 --- a/src/_cffi_src/openssl/x509_vfy.py +++ b/src/_cffi_src/openssl/x509_vfy.py @@ -212,12 +212,14 @@ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *); """ CUSTOMIZATIONS = """ -/* OpenSSL 1.0.2beta2+ verification error codes */ -#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \ - !defined(LIBRESSL_VERSION_NUMBER) +/* OpenSSL 1.0.2beta2+ verification parameters and error codes */ +#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1; +static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1; #else static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0; +static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0; + static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0; static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0; static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0; @@ -227,14 +229,7 @@ static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0; static const long X509_V_ERR_HOSTNAME_MISMATCH = 0; static const long X509_V_ERR_EMAIL_MISMATCH = 0; static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0; -#endif -/* OpenSSL 1.0.2beta2+ verification parameters */ -#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \ - !defined(LIBRESSL_VERSION_NUMBER) -static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1; -#else -static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0; /* X509_V_FLAG_TRUSTED_FIRST is also new in 1.0.2+, but it is added separately below because it shows up in some earlier 3rd party OpenSSL packages. */ static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0; @@ -268,7 +263,7 @@ static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST = 0; static const long X509_V_FLAG_TRUSTED_FIRST = 0; #endif -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6 || defined(LIBRESSL_VERSION_NUMBER) +#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6 Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *ctx) { return ctx->objs; } @@ -280,7 +275,7 @@ int X509_OBJECT_get_type(const X509_OBJECT *x) { } #endif -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 || defined(LIBRESSL_VERSION_NUMBER) +#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 /* from x509/x509_vfy.c */ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx) { |