aboutsummaryrefslogtreecommitdiffstats
path: root/src/_cffi_src/openssl/ssl.py
Commit message (Collapse)AuthorAgeFilesLines
* Fix some callback type signatures. (#4227)David Benjamin2018-05-121-3/+3
| | | | | | | | | | | | | | | | * Fix some callback type signatures. SSL_CTX_set_psk_server_callback: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_psk_server_callback.html https://github.com/openssl/openssl/blob/OpenSSL_1_0_2/ssl/ssl.h#L1355 https://github.com/openssl/openssl/blob/OpenSSL_1_1_0/include/openssl/ssl.h#L734 SSL_CTX_set_tlsext_servername_callback: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_tlsext_servername_callback.html https://github.com/openssl/openssl/blob/OpenSSL_1_0_2/ssl/s3_lib.c#L3964 https://github.com/openssl/openssl/blob/OpenSSL_1_1_0/ssl/s3_lib.c#L3499 * Missed a spot
* Add Session functions, necessary to implement new features in Python 3.6. ↵Amaury Forgeot d'Arc2018-04-241-0/+14
| | | | (#4205)
* add custom extensions functions for openssl >=1.0.2 (#4202)Denis Lila2018-04-211-0/+68
| | | | | | * add custom extensions functions for openssl >=1.0.2 * Fix style problems
* Add binding for SSL_get_certificate (#4100)Jeremy Lainé2018-02-061-0/+1
| | | | | | | | | | | | | | Currently we only expose SSL_get_peer_certificate, which allows you to retrieve the remote party's certificate. This adds the symetrical binding to retrieve the local party's certificate. The motivation for this additional binding is to make it possible to query the local certificate regardless of the method which was used to load the certificate into the SSL connection (from a file, from an in-memory object). An example where this is useful is when negotiating a DTLS-SRTP connection, the fingerprint of the local certificate needs to be communicated to the remote party out-of-band via SDP. This binding can be exposed in pyopenssl as Connection.get_certificate().
* Add bindings for SRTP support (#4099)Jeremy Lainé2018-02-061-0/+3
|
* Add bindings for DTLS support (#4089)gesslerpd2018-01-231-0/+19
| | | | | | | | | | | | | | | | * + more DTLS bindings * + BIO_CTRL_DGRAM* * + read ahead functions * rm BIO_CTRL_DGRAM_SET_PEEK_MODE * rm BIO_CTRL_DGRAM_SET_DONT_FRAG * + link mtu conditional logic * rm some BIO_CTRL_DGRAM* bindings
* Add bindings for PSK (#4084)gesslerpd2018-01-181-1/+44
| | | | | | | | | | * + PSK function bindings * + PSK conditional * trigger CI * trigger CI
* Add bindings for SSL_OP_NO_DTLS* (#4079)gesslerpd2018-01-161-0/+4
| | | | | | | | * + bindings for SSL_OP_NO_DTLS* * + conditional for not HAS_GENERIC_DTLS_METHOD * flag SSL_OP_NO_DTLS* for unsupported deletion
* Fixed #4006 -- bind functions for dealing with sigalgs (#4063)Alex Gaynor2017-12-261-0/+15
| | | | | | * Fixed #4006 -- bind functions for dealing with sigalgs * oops
* added binding support for rfc 5705 (#3878)Kelby Ludwig2017-08-291-0/+2
| | | | | | | | | | | | | | * added binding support for rfc 5705 * WIP: testing some cffi updates * added openssl version check * updated cffi defs to align with pep8 * removed superfluous version checks * remove more unecessary boilerplate
* Remove conditionals we never use. (#3766)Alex Gaynor2017-07-081-6/+0
| | | | | | | | * Remove conditionals we never use. Refs #3763 * put this back
* Funcs macros gone (#3695)Paul Kehrer2017-06-271-3/+0
| | | | | | | | * No more FUNCS/MACROS distinction * change the docs to not talk about MACROS since they're gone * remove out of date comment
* enable wconversion and finish fixes (#3728)Paul Kehrer2017-06-261-1/+1
| | | | | | * enable wconversion and finish fixes * don't pass -Wconversion if it's win32
* bind DTLS 1.2 methods (#3725)Paul Kehrer2017-06-261-0/+15
| | | | | | * bind DTLS 1.2 methods * remove version specific dtls bindings, rename sentinel value
* Attempt to simplify the libressl checing (#3482)Alex Gaynor2017-03-261-7/+7
| | | | | | | | | | * Attempt to simplify the libressl checing * SHENANGINS * Attempted fix * More simplification
* Remove workaround for weird NetBSD bug (#3458)Alex Gaynor2017-03-171-21/+0
|
* Ec is a thing (#3453)Alex Gaynor2017-03-151-6/+0
| | | | | | | | | | | | | | | | * We always have EC * We always have ECDH * We always have ECDSA * We always have EC codes * This can go as well * And this * unused import
* More ifdef death (#3450)Alex Gaynor2017-03-141-22/+0
| | | | | | | | | | * CMAC is always supported * TLSv1.2 is always supported * Releasing buffers is always supported * Nonsense IE SSLv2 nonsens is always supported
* Removed some unused ifdefs from openssl bindings (#3448)Alex Gaynor2017-03-141-19/+0
|
* DTLS bindings (#3309)Paul Kehrer2016-12-191-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add DTLSv1_2 methods * add binding to DTLSv1_get_timeout() and DTLSv1_handle_timeout() * fix: PEP8 failed fix the following error: ./src/_cffi_src/openssl/ssl.py:728:80: E501 line too long (80 > 79 characters) see https://jenkins.cryptography.io/job/cryptography-pr-pep8/1954/ * Revert "add DTLSv1_2 methods" This reverts commit e4a9150b12ddb4790159a5835f1d1136cb1b996e. * replace 'long int' by 'long' To be more consistent with the naming convention cf https://github.com/pyca/cryptography/pull/3286/files/8dde92aad5db97fa176bf164783bdf9ba242edf4#r90153970 * wrap with braces cf https://github.com/pyca/cryptography/pull/3286/files/8dde92aad5db97fa176bf164783bdf9ba242edf4#r90154057 * conditionally bind all DTLS * rebase error * rename wrapped function
* restore this constant, pyopenssl needs it (#3321)Alex Gaynor2016-12-141-0/+3
|
* Drop 1.0.0 (#3312)Alex Gaynor2016-12-131-68/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * delete the 1.0.0 support * drop the version check * drop the AES-CTR stuff * Update the example * openssl truncates for us now * delete unused test * unused imports * Remove a bunch of conditional bindings for NPN * no more 1.0.0 builders * libressl fix * update the docs * remove dead branches * oops * this is a word, damnit * spelling * try removing this * this test is not needed * unused import
* Bind TLSEXT_STATUSTYPE_ocsp (#3290)Cory Benfield2016-11-291-0/+1
|
* add OPENSSL_NPN_NEGOTIATED (#3252)Paul Kehrer2016-11-191-0/+12
|
* 1.0.2i changed the way COMP_METHOD is exported if NO_COMP is set (#3162)Paul Kehrer2016-09-221-1/+4
| | | | | | | | | | * 1.0.2i changed the way COMP_METHOD is exported if NO_COMP is set * add a comment explaining why we changed this * 1.0.2i handles NUMERICSTRING properly now so need only test < 1.0.2i * needs to be visible
* opaque structs for 1.1.0 compatibility (#3109)Paul Kehrer2016-08-261-18/+3
| | | We're so close.
* Use a series of constants for OpenSSL version checks (#3037)Alex Gaynor2016-07-111-8/+10
| | | | | | | | | | | | | | | | | | | | | | | | * Use a series of constants for OpenSSL version checks. N.B. I removed several qualifiers that were being used to express beta vs. release in OpenSSL version numbers. Reviewers please look closely! * Convert some python as well, also add the file * flake8 * Simplify code, remove functionality that can be expressed more simply * clean up the tests as well * more constants * wrap long lines * reflect feedback * unused * add this back?
* Remove a few SSL fields which are unused (#3032)Alex Gaynor2016-06-301-5/+0
|
* Remove some more 0.9.8isms from the ssl code (#3001)Alex Gaynor2016-06-201-8/+4
|
* first pass removing 0.9.8 things from the ssl bindings (#2986)Paul Kehrer2016-06-201-48/+2
|
* Remove a few 0.9.8isms from the ssl bindings (#2998)Alex Gaynor2016-06-191-22/+0
|
* Add more bindings to OpenSSL, to be used by the Python _ssl module. (#2868)Amaury Forgeot d'Arc2016-04-081-0/+38
| | | | | | | | | | | | | | * Add more bindings to OpenSSL, all are used by the Python _ssl module. * Add a conditional: SSL_CTX_clear_options() does not exist before 0.9.8m * 80 cols * Condionally define the TLSEXT error codes. * Address review comments * Remove all parameter names
* SSL_CIPHER_get_version gained a const return type in 1.1.0Paul Kehrer2016-03-161-1/+2
|
* one last 1.1.0 const switch to get rid of some warningsPaul Kehrer2016-03-131-1/+1
|
* bind some new functions to access elements of the SSL structPaul Kehrer2016-03-131-0/+46
| | | | | | SSL_SESSION_get_master_key (added 1.1.0) SSL_get_client_random (added 1.1.0) SSL_get_server_random (added 1.1.0)
* bind SSL_SESSION_set1_id_contextPaul Kehrer2016-03-131-0/+24
| | | | added in 1.0.1
* Merge pull request #2808 from reaperhulk/110-patch-27Alex Gaynor2016-03-131-7/+12
|\ | | | | bind SSL_CTX_get_ssl_method
| * bind one new function to access part of the SSL structPaul Kehrer2016-03-131-7/+12
| | | | | | | | | | | | SSL_CTX_get_ssl_method (added 1.0.2) also remove the internally invented symbol we had (that was not in use)
* | conditionally bind/remove the SSL_ST/TLS_ST state machine statusesPaul Kehrer2016-03-111-3/+22
|/
* whoops this shouldn't have movedPaul Kehrer2016-03-091-1/+1
|
* move some ssl functions that are now macros and add 2 gettersPaul Kehrer2016-03-091-7/+9
| | | | | SSL_get_session and SSL_SESSION_get_id will help us when SSL becomes opaque soon (woe be unto pyopenssl)
* one more functionAlex Gaynor2016-01-311-0/+2
|
* Added an addition binding that PyOpenSSL might wantAlex Gaynor2016-01-311-0/+2
|
* Comment lingering SSLv2 symbol.Cory Benfield2015-12-141-0/+4
|
* Remove SSLv2 bindings.Cory Benfield2015-12-141-16/+1
| | | | | | | | | This commit removes bindings that allow users to set SSLv2 handshake methods. These are regarded as unnecessary and out-of-date: see #2527. This commit does leave in a few options that refer to SSLv2 in order to avoid breaking deployments that rely on them, and in order to allow users to continue to request that SSLv2 not be enabled at all in their OpenSSL.
* Add more CRYPTO_EX_DATA functionsChristian Heimes2015-11-201-0/+12
| | | | | | | | The patch adds a couple of additional functions to create, store and retrieve ex_data on SSL, SSL_CTX and X509 objects. It also adds the missing get_ex_new_index function for X509_STORE_CTX. Signed-off-by: Christian Heimes <cheimes@redhat.com>
* Removed SSL_renegotiate_abbreviated bindingkjav2015-08-281-1/+0
| | | As this is not supported in OpenSSL < 1.01
* Added bindings for SSL_renegotiate_<pending/abbreviated>kjav2015-08-281-0/+2
|
* Add SSL_renegotiate binding.Terry Chia2015-08-281-0/+1
|
* add set_cert_cbMaximilian Hils2015-08-251-0/+17
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-17 01:28:22 +0000