diff options
| -rw-r--r-- | src/_cffi_src/openssl/bio.py | 5 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 6 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/dsa.py | 5 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 2 |
4 files changed, 6 insertions, 12 deletions
diff --git a/src/_cffi_src/openssl/bio.py b/src/_cffi_src/openssl/bio.py index 7014891c..eb175a16 100644 --- a/src/_cffi_src/openssl/bio.py +++ b/src/_cffi_src/openssl/bio.py @@ -82,6 +82,7 @@ int BIO_read(BIO *, void *, int); int BIO_gets(BIO *, char *, int); int BIO_write(BIO *, const void *, int); int BIO_puts(BIO *, const char *); +int BIO_method_type(const BIO *); """ MACROS = """ @@ -131,10 +132,6 @@ long BIO_set_write_buffer_size(BIO *, long); long BIO_set_buffer_size(BIO *, long); long BIO_set_buffer_read_data(BIO *, void *, long); long BIO_set_nbio(BIO *, long); - -/* The following was a macro in 0.9.8e. Once we drop support for RHEL/CentOS 5 - we should move this back to FUNCTIONS. */ -int BIO_method_type(const BIO *); """ CUSTOMIZATIONS = """ diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 37621b14..72f5931a 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -273,8 +273,7 @@ class Backend(object): if (isinstance(mode, CTR) and isinstance(cipher, AES) and not self._evp_cipher_supported(cipher, mode)): # This is needed to provide support for AES CTR mode in OpenSSL - # 0.9.8. It can be removed when we drop 0.9.8 support (RHEL 5 - # extended life ends 2020). + # 1.0.0. It can be removed when we drop 1.0.0 support (RHEL 6.4). return _AESCTRCipherContext(self, cipher, mode) else: return _CipherContext(self, cipher, mode, _CipherContext._ENCRYPT) @@ -283,8 +282,7 @@ class Backend(object): if (isinstance(mode, CTR) and isinstance(cipher, AES) and not self._evp_cipher_supported(cipher, mode)): # This is needed to provide support for AES CTR mode in OpenSSL - # 0.9.8. It can be removed when we drop 0.9.8 support (RHEL 5 - # extended life ends 2020). + # 1.0.0. It can be removed when we drop 1.0.0 support (RHEL 6.4). return _AESCTRCipherContext(self, cipher, mode) else: return _CipherContext(self, cipher, mode, _CipherContext._DECRYPT) diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py index 1608df04..20b5f408 100644 --- a/src/cryptography/hazmat/backends/openssl/dsa.py +++ b/src/cryptography/hazmat/backends/openssl/dsa.py @@ -17,9 +17,8 @@ def _truncate_digest_for_dsa(dsa_cdata, digest, backend): """ This function truncates digests that are longer than a given DS key's length so they can be signed. OpenSSL does this for us in - 1.0.0c+ and it isn't needed in 0.9.8, but that leaves us with three - releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem. This - truncation is not required in 0.9.8 because DSA is limited to SHA-1. + 1.0.0c+, leaving us with three releases (1.0.0, 1.0.0a, and 1.0.0b) where + this is a problem. """ q = backend._ffi.new("BIGNUM **") diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index a85262dc..c0a56002 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -76,7 +76,7 @@ class TestOpenSSL(object): assert backend.cipher_supported(None, None) is False def test_aes_ctr_always_available(self): - # AES CTR should always be available in both 0.9.8 and 1.0.0+ + # AES CTR should always be available, even in 1.0.0. assert backend.cipher_supported(AES(b"\x00" * 16), CTR(b"\x00" * 16)) is True |