fix libressl error/refactor some error handling (#3609)

* add libre so I can see the error

* add the libre error needed and refactor error handling a bit

We were historically matching on lib + func + reason, but func is
somewhat unstable so now we match on lib + reason only. Of course, in
this case libressl changed both lib and reason so it wouldn't
have mattered. All error handling from the error queue in
openssl is an illusion

* fix a typo, probably an unneeded branch

* review feedback

* refactor tests to support libressl

insert additional rant about libre here, although admittedly these tests
were assuming stability where openssl itself guarantees none

* better assert, fix flake8

1 files changed, 5 insertions, 5 deletions

diff --git a/src/cryptography/hazmat/backends/openssl/dh.py b/src/cryptography/hazmat/backends/openssl/dh.py
index 88c876fc..456e9bea 100644
--- a/src/cryptography/hazmat/backends/openssl/dh.py
+++ b/src/cryptography/hazmat/backends/openssl/dh.py
@@ -63,11 +63,11 @@ class _DHParameters(object):
 def _handle_dh_compute_key_error(errors, backend):
     lib = backend._lib
 
-    backend.openssl_assert(errors[0][1:] == (
-        lib.ERR_LIB_DH,
-        lib.DH_F_COMPUTE_KEY,
-        lib.DH_R_INVALID_PUBKEY
-    ))
+    backend.openssl_assert(
+        errors[0]._lib_reason_match(
+            lib.ERR_LIB_DH, lib.DH_R_INVALID_PUBKEY
+        )
+    )
 
     raise ValueError("Public key value is invalid for this exchange.")