15 files changed, 96 insertions, 54 deletions
diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py
index 14ba5b35..3dcece58 100644
--- a/src/_cffi_src/build_openssl.py
+++ b/src/_cffi_src/build_openssl.py
@@ -37,25 +37,13 @@ def _osx_libraries(build_static):
         return ["ssl", "crypto"]
 
 
-_PRE_INCLUDE = """
-#include <openssl/opensslv.h>
-/*
-    LibreSSL removed e_os2.h from the public headers so we'll only include it
-    if we're using vanilla OpenSSL.
-*/
-#if !defined(LIBRESSL_VERSION_NUMBER)
-#include <openssl/e_os2.h>
-#endif
-#if defined(_WIN32)
-#include <windows.h>
-#endif
-"""
-
-
 ffi = build_ffi_for_binding(
     module_name="_openssl",
     module_prefix="_cffi_src.openssl.",
     modules=[
+        # This goes first so we can define some cryptography-wide symbols.
+        "cryptography",
+
         "aes",
         "asn1",
         "bignum",
@@ -88,7 +76,6 @@ ffi = build_ffi_for_binding(
         "pkcs7",
         "callbacks",
     ],
-    pre_include=_PRE_INCLUDE,
     libraries=_get_openssl_libraries(sys.platform),
     extra_link_args=extra_link_args(compiler_type()),
 )
diff --git a/src/_cffi_src/openssl/aes.py b/src/_cffi_src/openssl/aes.py
index 0841ea78..c54b636a 100644
--- a/src/_cffi_src/openssl/aes.py
+++ b/src/_cffi_src/openssl/aes.py
@@ -38,7 +38,7 @@ void AES_ctr128_encrypt(const unsigned char *, unsigned char *,
 
 CUSTOMIZATIONS = """
 static const long Cryptography_HAS_AES_WRAP = 1;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_110_OR_GREATER && !defined(LIBRESSL_VERSION_NUMBER)
 static const int Cryptography_HAS_AES_CTR128_ENCRYPT = 0;
 void (*AES_ctr128_encrypt)(const unsigned char *, unsigned char *,
                            size_t, const AES_KEY *,
diff --git a/src/_cffi_src/openssl/cmac.py b/src/_cffi_src/openssl/cmac.py
index f4a36866..24aa4b31 100644
--- a/src/_cffi_src/openssl/cmac.py
+++ b/src/_cffi_src/openssl/cmac.py
@@ -5,7 +5,7 @@
 from __future__ import absolute_import, division, print_function
 
 INCLUDES = """
-#if OPENSSL_VERSION_NUMBER >= 0x10001000L
+#if CRYPTOGRAPHY_OPENSSL_101_OR_GREATER
 #include <openssl/cmac.h>
 #endif
 """
@@ -28,8 +28,9 @@ void CMAC_CTX_free(CMAC_CTX *);
 """
 
 CUSTOMIZATIONS = """
-#if OPENSSL_VERSION_NUMBER < 0x10001000L
-
+#if CRYPTOGRAPHY_OPENSSL_101_OR_GREATER
+static const long Cryptography_HAS_CMAC = 1;
+#else
 static const long Cryptography_HAS_CMAC = 0;
 typedef void CMAC_CTX;
 CMAC_CTX *(*CMAC_CTX_new)(void) = NULL;
@@ -39,7 +40,5 @@ int (*CMAC_Update)(CMAC_CTX *, const void *, size_t) = NULL;
 int (*CMAC_Final)(CMAC_CTX *, unsigned char *, size_t *) = NULL;
 int (*CMAC_CTX_copy)(CMAC_CTX *, const CMAC_CTX *) = NULL;
 void (*CMAC_CTX_free)(CMAC_CTX *) = NULL;
-#else
-static const long Cryptography_HAS_CMAC = 1;
 #endif
 """
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
new file mode 100644
index 00000000..c3b0a1dc
--- /dev/null
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -0,0 +1,54 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+INCLUDES = """
+#include <openssl/opensslv.h>
+/*
+    LibreSSL removed e_os2.h from the public headers so we'll only include it
+    if we're using vanilla OpenSSL.
+*/
+#if !defined(LIBRESSL_VERSION_NUMBER)
+#include <openssl/e_os2.h>
+#endif
+#if defined(_WIN32)
+#include <windows.h>
+#endif
+
+#define CRYPTOGRAPHY_OPENSSL_101_OR_GREATER \
+    (OPENSSL_VERSION_NUMBER >= 0x10001000)
+#define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \
+    (OPENSSL_VERSION_NUMBER >= 0x10002000)
+#define CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER \
+    (OPENSSL_VERSION_NUMBER >= 0x10002002)
+#define CRYPTOGRAPHY_OPENSSL_110_OR_GREATER \
+    (OPENSSL_VERSION_NUMBER >= 0x10100000)
+
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_101 \
+    (OPENSSL_VERSION_NUMBER < 0x10001000)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 \
+    (OPENSSL_VERSION_NUMBER < 0x10002000)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102BETA3 \
+    (OPENSSL_VERSION_NUMBER < 0x10002003)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 \
+    (OPENSSL_VERSION_NUMBER < 0x10100000)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 \
+    (OPENSSL_VERSION_NUMBER < 0x10100005)
+"""
+
+TYPES = """
+static const int CRYPTOGRAPHY_OPENSSL_101_OR_GREATER;
+
+static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_101;
+"""
+
+FUNCTIONS = """
+"""
+
+MACROS = """
+"""
+
+CUSTOMIZATIONS = """
+"""
diff --git a/src/_cffi_src/openssl/dh.py b/src/_cffi_src/openssl/dh.py
index ab0f3969..488b05b7 100644
--- a/src/_cffi_src/openssl/dh.py
+++ b/src/_cffi_src/openssl/dh.py
@@ -41,7 +41,7 @@ int DH_generate_parameters_ex(DH *, int, int, BN_GENCB *);
 
 CUSTOMIZATIONS = """
 /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */
-#if OPENSSL_VERSION_NUMBER < 0x10100005 || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 || defined(LIBRESSL_VERSION_NUMBER)
 void DH_get0_pqg(const DH *dh,
                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 {
diff --git a/src/_cffi_src/openssl/dsa.py b/src/_cffi_src/openssl/dsa.py
index c9f33778..5970e2fd 100644
--- a/src/_cffi_src/openssl/dsa.py
+++ b/src/_cffi_src/openssl/dsa.py
@@ -38,7 +38,7 @@ int DSA_generate_parameters_ex(DSA *, int, unsigned char *, int,
 
 CUSTOMIZATIONS = """
 /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */
-#if OPENSSL_VERSION_NUMBER < 0x10100005 || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 || defined(LIBRESSL_VERSION_NUMBER)
 void DSA_get0_pqg(const DSA *d,
                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 {
diff --git a/src/_cffi_src/openssl/ec.py b/src/_cffi_src/openssl/ec.py
index 91603096..0853a723 100644
--- a/src/_cffi_src/openssl/ec.py
+++ b/src/_cffi_src/openssl/ec.py
@@ -331,7 +331,7 @@ int (*EC_METHOD_get_field_type)(const EC_METHOD *) = NULL;
 static const long Cryptography_HAS_EC = 1;
 #endif
 
-#if defined(OPENSSL_NO_EC) || OPENSSL_VERSION_NUMBER < 0x1000100f
+#if defined(OPENSSL_NO_EC) || CRYPTOGRAPHY_OPENSSL_LESS_THAN_101
 static const long Cryptography_HAS_EC_1_0_1 = 0;
 
 int (*EC_KEY_get_flags)(const EC_KEY *) = NULL;
@@ -371,7 +371,7 @@ EC_GROUP *(*EC_GROUP_new_curve_GF2m)(
 static const long Cryptography_HAS_EC2M = 1;
 #endif
 
-#if defined(OPENSSL_NO_EC) || OPENSSL_VERSION_NUMBER < 0x1000200f || \
+#if defined(OPENSSL_NO_EC) || CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 || \
     defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20020002L
 static const long Cryptography_HAS_EC_1_0_2 = 0;
 const char *(*EC_curve_nid2nist)(int) = NULL;
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index a768e423..20e115be 100644
--- a/src/_cffi_src/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
@@ -187,14 +187,14 @@ int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) {
 }
 
 EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 || defined(LIBRESSL_VERSION_NUMBER)
     return EVP_MD_CTX_create();
 #else
     return EVP_MD_CTX_new();
 #endif
 }
 void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *ctx) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 || defined(LIBRESSL_VERSION_NUMBER)
     EVP_MD_CTX_destroy(ctx);
 #else
     EVP_MD_CTX_free(ctx);
diff --git a/src/_cffi_src/openssl/hmac.py b/src/_cffi_src/openssl/hmac.py
index 8b853042..daedd328 100644
--- a/src/_cffi_src/openssl/hmac.py
+++ b/src/_cffi_src/openssl/hmac.py
@@ -27,7 +27,7 @@ MACROS = """
 
 CUSTOMIZATIONS = """
 HMAC_CTX *Cryptography_HMAC_CTX_new(void) {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_110_OR_GREATER && !defined(LIBRESSL_VERSION_NUMBER)
     return HMAC_CTX_new();
 #else
     /* This uses OPENSSL_zalloc in 1.1.0, which is malloc + memset */
@@ -39,7 +39,7 @@ HMAC_CTX *Cryptography_HMAC_CTX_new(void) {
 
 
 void Cryptography_HMAC_CTX_free(HMAC_CTX *ctx) {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_110_OR_GREATER && !defined(LIBRESSL_VERSION_NUMBER)
     return HMAC_CTX_free(ctx);
 #else
     if (ctx != NULL) {
diff --git a/src/_cffi_src/openssl/rand.py b/src/_cffi_src/openssl/rand.py
index 73226ee0..f4a143e8 100644
--- a/src/_cffi_src/openssl/rand.py
+++ b/src/_cffi_src/openssl/rand.py
@@ -33,7 +33,7 @@ int RAND_query_egd_bytes(const char *, unsigned char *, int);
 """
 
 CUSTOMIZATIONS = """
-#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if defined(LIBRESSL_VERSION_NUMBER) || CRYPTOGRAPHY_OPENSSL_110_OR_GREATER
 static const long Cryptography_HAS_EGD = 0;
 int (*RAND_egd)(const char *) = NULL;
 int (*RAND_egd_bytes)(const char *, int) = NULL;
diff --git a/src/_cffi_src/openssl/rsa.py b/src/_cffi_src/openssl/rsa.py
index 45e5379f..e920cf2d 100644
--- a/src/_cffi_src/openssl/rsa.py
+++ b/src/_cffi_src/openssl/rsa.py
@@ -73,7 +73,7 @@ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *, EVP_MD *);
 CUSTOMIZATIONS = """
 static const long Cryptography_HAS_PSS_PADDING = 1;
 
-#if OPENSSL_VERSION_NUMBER >= 0x1000100f
+#if CRYPTOGRAPHY_OPENSSL_101_OR_GREATER
 static const long Cryptography_HAS_MGF1_MD = 1;
 #else
 static const long Cryptography_HAS_MGF1_MD = 0;
@@ -87,7 +87,7 @@ int (*EVP_PKEY_CTX_set_rsa_oaep_md)(EVP_PKEY_CTX *, EVP_MD *) = NULL;
 #endif
 
 /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */
-#if OPENSSL_VERSION_NUMBER < 0x10100005 || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 || defined(LIBRESSL_VERSION_NUMBER)
 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
 {
     /* If the fields n and e in r are NULL, the corresponding input
diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index 922c909e..0b81f15d 100644
--- a/src/_cffi_src/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
@@ -451,7 +451,7 @@ long SSL_CTX_sess_cache_full(SSL_CTX *);
 CUSTOMIZATIONS = """
 /* Added in 1.0.1 but we need it in all versions now due to the great
    opaquing. */
-#if OPENSSL_VERSION_NUMBER < 0x1000100fL
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_101
 /* from ssl.h */
 #define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
 #define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
@@ -470,17 +470,19 @@ int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
     return 1;
 }
 #endif
+
 /* Added in 1.0.2 but we need it in all versions now due to the great
    opaquing. */
-#if OPENSSL_VERSION_NUMBER < 0x10002001L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 || defined(LIBRESSL_VERSION_NUMBER)
 /* from ssl/ssl_lib.c */
 const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx) {
     return ctx->method;
 }
 #endif
+
 /* Added in 1.1.0 in the great opaquing, but we need to define it for older
    OpenSSLs. Such is our burden. */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 || defined(LIBRESSL_VERSION_NUMBER)
 /* from ssl/ssl_lib.c */
 size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen)
 {
@@ -619,7 +621,7 @@ static const long Cryptography_HAS_NETBSD_D1_METH = 1;
  * addition to a definition check. NPN was added in 1.0.1: for any version
  * before that, there is no compatibility.
  */
-#if defined(OPENSSL_NO_NEXTPROTONEG) || OPENSSL_VERSION_NUMBER < 0x1000100fL
+#if defined(OPENSSL_NO_NEXTPROTONEG) || CRYPTOGRAPHY_OPENSSL_LESS_THAN_101
 static const long Cryptography_HAS_NEXTPROTONEG = 0;
 void (*SSL_CTX_set_next_protos_advertised_cb)(SSL_CTX *,
                                               int (*)(SSL *,
@@ -646,7 +648,7 @@ static const long Cryptography_HAS_NEXTPROTONEG = 1;
 #endif
 
 /* ALPN was added in OpenSSL 1.0.2. */
-#if OPENSSL_VERSION_NUMBER < 0x10002001L && !defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && !defined(LIBRESSL_VERSION_NUMBER)
 int (*SSL_CTX_set_alpn_protos)(SSL_CTX *,
                                const unsigned char *,
                                unsigned) = NULL;
@@ -668,7 +670,7 @@ static const long Cryptography_HAS_ALPN = 1;
 #endif
 
 /* SSL_CTX_set_cert_cb was added in OpenSSL 1.0.2. */
-#if OPENSSL_VERSION_NUMBER < 0x10002001L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 || defined(LIBRESSL_VERSION_NUMBER)
 void (*SSL_CTX_set_cert_cb)(SSL_CTX *, int (*)(SSL *, void *), void *) = NULL;
 void (*SSL_set_cert_cb)(SSL *, int (*)(SSL *, void *), void *) = NULL;
 static const long Cryptography_HAS_SET_CERT_CB = 0;
@@ -697,7 +699,7 @@ static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS = 1;
 
 /* in OpenSSL 1.1.0 the SSL_ST values were renamed to TLS_ST and several were
    removed */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 || defined(LIBRESSL_VERSION_NUMBER)
 static const long Cryptography_HAS_SSL_ST = 1;
 #else
 static const long Cryptography_HAS_SSL_ST = 0;
@@ -706,7 +708,7 @@ static const long SSL_ST_OK = 0;
 static const long SSL_ST_INIT = 0;
 static const long SSL_ST_RENEGOTIATE = 0;
 #endif
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_110_OR_GREATER && !defined(LIBRESSL_VERSION_NUMBER)
 static const long Cryptography_HAS_TLS_ST = 1;
 #else
 static const long Cryptography_HAS_TLS_ST = 0;
diff --git a/src/_cffi_src/openssl/x509.py b/src/_cffi_src/openssl/x509.py
index 8ab950fb..673250b1 100644
--- a/src/_cffi_src/openssl/x509.py
+++ b/src/_cffi_src/openssl/x509.py
@@ -350,7 +350,7 @@ void X509_REQ_get0_signature(ASN1_BIT_STRING **, X509_ALGOR **, X509_REQ *);
 CUSTOMIZATIONS = """
 /* Added in 1.0.2 beta but we need it in all versions now due to the great
    opaquing. */
-#if OPENSSL_VERSION_NUMBER < 0x10002001L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 || defined(LIBRESSL_VERSION_NUMBER)
 /* from x509/x_x509.c version 1.0.2 */
 void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
                          const X509 *x)
@@ -367,9 +367,10 @@ int X509_get_signature_nid(const X509 *x)
 }
 
 #endif
-/* Added in 1.0.2 but we need it in all versions now due to the great
+
+/* Added in 1.0.2beta3 but we need it in all versions now due to the great
    opaquing. */
-#if OPENSSL_VERSION_NUMBER < 0x10002003L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102BETA3 || defined(LIBRESSL_VERSION_NUMBER)
 /* from x509/x_x509.c */
 int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
 {
@@ -405,7 +406,7 @@ X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOKED *rev) {
 
 /* Added in 1.1.0 but we need it in all versions now due to the great
    opaquing. */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 || defined(LIBRESSL_VERSION_NUMBER)
 
 X509_ALGOR *X509_get0_tbs_sigalg(X509 *x)
 {
diff --git a/src/_cffi_src/openssl/x509_vfy.py b/src/_cffi_src/openssl/x509_vfy.py
index 4e389b36..7821d194 100644
--- a/src/_cffi_src/openssl/x509_vfy.py
+++ b/src/_cffi_src/openssl/x509_vfy.py
@@ -195,8 +195,9 @@ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *, const char *);
 """
 
 CUSTOMIZATIONS = """
-/* OpenSSL 1.0.2+ verification error codes */
-#if OPENSSL_VERSION_NUMBER >= 0x10002002L && !defined(LIBRESSL_VERSION_NUMBER)
+/* OpenSSL 1.0.2beta2+ verification error codes */
+#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \
+    !defined(LIBRESSL_VERSION_NUMBER)
 static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1;
 #else
 static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
@@ -211,8 +212,9 @@ static const long X509_V_ERR_EMAIL_MISMATCH = 0;
 static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0;
 #endif
 
-/* OpenSSL 1.0.2+ verification parameters */
-#if OPENSSL_VERSION_NUMBER >= 0x10002002L && !defined(LIBRESSL_VERSION_NUMBER)
+/* OpenSSL 1.0.2beta2+ verification parameters */
+#if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \
+    !defined(LIBRESSL_VERSION_NUMBER)
 static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
 #else
 static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;
diff --git a/src/_cffi_src/utils.py b/src/_cffi_src/utils.py
index bdce2f3b..00c8badb 100644
--- a/src/_cffi_src/utils.py
+++ b/src/_cffi_src/utils.py
@@ -11,9 +11,8 @@ from distutils.dist import Distribution
 from cffi import FFI
 
 
-def build_ffi_for_binding(module_name, module_prefix, modules, pre_include="",
-                          post_include="", libraries=[], extra_compile_args=[],
-                          extra_link_args=[]):
+def build_ffi_for_binding(module_name, module_prefix, modules, libraries=[],
+                          extra_compile_args=[], extra_link_args=[]):
     """
     Modules listed in ``modules`` should have the following attributes:
 
@@ -49,9 +48,7 @@ def build_ffi_for_binding(module_name, module_prefix, modules, pre_include="",
     #   int foo(int);
     #   int foo(short);
     verify_source = "\n".join(
-        [pre_include] +
         includes +
-        [post_include] +
         functions +
         customizations
     )