5 files changed, 21 insertions, 7 deletions

diff --git a/docs/installation.rst b/docs/installation.rst
index d1b6e69d..d7645cac 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -15,7 +15,7 @@ on these operating systems.
 
 * x86-64 CentOS 7.x, 6.4 and CentOS 5.x
 * x86-64 FreeBSD 9.2 and FreeBSD 10
-* OS X 10.9 Mavericks, 10.8 Mountain Lion, and 10.7 Lion
+* OS X 10.10 Yosemite, 10.9 Mavericks, 10.8 Mountain Lion, and 10.7 Lion
 * x86-64 Ubuntu 12.04 LTS
 * 32-bit Python on 64-bit Windows Server 2008
 * 64-bit Python on 64-bit Windows Server 2012
diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py
index 4a47947f..9488e260 100644
--- a/src/cryptography/hazmat/backends/openssl/dsa.py
+++ b/src/cryptography/hazmat/backends/openssl/dsa.py
@@ -57,11 +57,7 @@ class _DSAVerificationContext(object):
             len(self._signature), self._public_key._dsa_cdata)
 
         if res != 1:
-            errors = self._backend._consume_errors()
-            assert errors
-            if res == -1:
-                assert errors[0].lib == self._backend._lib.ERR_LIB_ASN1
-
+            self._backend._consume_errors()
             raise InvalidSignature
 
 
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/cf.py b/src/cryptography/hazmat/bindings/commoncrypto/cf.py
index 6a6dbc4a..77d2d7cc 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/cf.py
+++ b/src/cryptography/hazmat/bindings/commoncrypto/cf.py
@@ -16,7 +16,7 @@ typedef uint32_t UInt32;
 
 typedef const void * CFAllocatorRef;
 const CFAllocatorRef kCFAllocatorDefault;
-typedef const void * CFDataRef;
+typedef ... *CFDataRef;
 typedef signed long long CFIndex;
 typedef ... *CFStringRef;
 typedef ... *CFArrayRef;
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/secimport.py b/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
index 7ee535d8..41a799f9 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
+++ b/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
@@ -75,6 +75,8 @@ OSStatus SecItemImport(CFDataRef, CFStringRef, SecExternalFormat *,
                        const SecItemImportExportKeyParameters *,
                        SecKeychainRef, CFArrayRef *);
 OSStatus SecPKCS12Import(CFDataRef, CFDictionaryRef, CFArrayRef *);
+OSStatus SecItemExport(CFTypeRef, SecExternalFormat, SecItemImportExportFlags,
+                       const SecItemImportExportKeyParameters *, CFDataRef *);
 """
 
 MACROS = """
diff --git a/src/cryptography/hazmat/bindings/openssl/ssl.py b/src/cryptography/hazmat/bindings/openssl/ssl.py
index 3d6fc425..1aed28d5 100644
--- a/src/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/src/cryptography/hazmat/bindings/openssl/ssl.py
@@ -15,6 +15,7 @@ TYPES = """
  * Internally invented symbols to tell which versions of SSL/TLS are supported.
 */
 static const long Cryptography_HAS_SSL2;
+static const long Cryptography_HAS_SSL3_METHOD;
 static const long Cryptography_HAS_TLSv1_1;
 static const long Cryptography_HAS_TLSv1_2;
 static const long Cryptography_HAS_SECURE_RENEGOTIATION;
@@ -384,6 +385,15 @@ SSL_METHOD* (*SSLv2_server_method)(void) = NULL;
 static const long Cryptography_HAS_SSL2 = 1;
 #endif
 
+#ifdef OPENSSL_NO_SSL3_METHOD
+static const long Cryptography_HAS_SSL3_METHOD = 0;
+SSL_METHOD* (*SSLv3_method)(void) = NULL;
+SSL_METHOD* (*SSLv3_client_method)(void) = NULL;
+SSL_METHOD* (*SSLv3_server_method)(void) = NULL;
+#else
+static const long Cryptography_HAS_SSL3_METHOD = 1;
+#endif
+
 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
 static const long Cryptography_HAS_TLSEXT_HOSTNAME = 1;
 #else
@@ -554,6 +564,12 @@ CONDITIONAL_NAMES = {
         "SSLv2_server_method",
     ],
 
+    "Cryptography_HAS_SSL3_METHOD": [
+        "SSLv3_method",
+        "SSLv3_client_method",
+        "SSLv3_server_method",
+    ],
+
     "Cryptography_HAS_TLSEXT_HOSTNAME": [
         "SSL_set_tlsext_host_name",
         "SSL_get_servername",