diff options
Diffstat (limited to 'cryptography/hazmat/bindings/openssl/x509_vfy.py')
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/x509_vfy.py | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/cryptography/hazmat/bindings/openssl/x509_vfy.py b/cryptography/hazmat/bindings/openssl/x509_vfy.py index 3efc0f11..601926c9 100644 --- a/cryptography/hazmat/bindings/openssl/x509_vfy.py +++ b/cryptography/hazmat/bindings/openssl/x509_vfy.py @@ -30,6 +30,7 @@ TYPES = """ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES; static const long Cryptography_HAS_102_VERIFICATION_PARAMS; static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST; +static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN; static const long Cryptography_HAS_100_VERIFICATION_ERROR_CODES; static const long Cryptography_HAS_100_VERIFICATION_PARAMS; static const long Cryptography_HAS_X509_V_FLAG_CHECK_SS_SIGNATURE; @@ -222,7 +223,6 @@ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0; static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0; static const long X509_V_FLAG_SUITEB_192_LOS = 0; static const long X509_V_FLAG_SUITEB_128_LOS = 0; -static const long X509_V_FLAG_PARTIAL_CHAIN = 0; int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *, size_t) = NULL; @@ -235,6 +235,14 @@ void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *, unsigned int) = NULL; #endif +/* OpenSSL 1.0.2+ or Solaris's backport */ +#ifdef X509_V_FLAG_PARTIAL_CHAIN +static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN = 1; +#else +static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN = 0; +static const long X509_V_FLAG_PARTIAL_CHAIN = 0; +#endif + /* OpenSSL 1.0.2+, *or* Fedora 20's flavor of OpenSSL 1.0.1e... */ #ifdef X509_V_FLAG_TRUSTED_FIRST static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST = 1; @@ -293,8 +301,6 @@ CONDITIONAL_NAMES = { "X509_V_FLAG_SUITEB_128_LOS_ONLY", "X509_V_FLAG_SUITEB_192_LOS", "X509_V_FLAG_SUITEB_128_LOS", - "X509_V_FLAG_PARTIAL_CHAIN", - "X509_VERIFY_PARAM_set1_host", "X509_VERIFY_PARAM_set1_email", "X509_VERIFY_PARAM_set1_ip", @@ -304,6 +310,9 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST": [ "X509_V_FLAG_TRUSTED_FIRST", ], + "Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN": [ + "X509_V_FLAG_PARTIAL_CHAIN", + ], "Cryptography_HAS_100_VERIFICATION_ERROR_CODES": [ 'X509_V_ERR_DIFFERENT_CRL_SCOPE', 'X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE', |