aboutsummaryrefslogtreecommitdiffstats
path: root/src/_cffi_src
Commit message (Collapse)AuthorAgeFilesLines
* consolidate the windows specific header trickery we need to doPaul Kehrer2016-01-182-9/+8
|
* Merge pull request #2646 from reaperhulk/static-callbacksAlex Gaynor2016-01-082-0/+51
|\ | | | | Static callbacks
| * remove the callbacks we don't use in cryptographyPaul Kehrer2016-01-071-61/+0
| |
| * Port callbacks to new static callbackChristian Heimes2016-01-072-0/+112
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cffi 1.4.0 will introduce a new API to create static callbacks. Contrary to the old callback API, static callbacks no longer depend on libffi's dynamic code generation for closures. Static code has some benefits over dynamic generation. For example the code is faster. Also it doesn't need writeable and executable memory mappings, which makes it compatible with SELinux's deny execmem policy. The branch depends on PR #2488. https://bitbucket.org/cffi/cffi/issues/232/static-callbacks Closes: #2477 Signed-off-by: Christian Heimes <cheimes@redhat.com>
* | use EVP_PKEY_id where we canPaul Kehrer2016-01-071-2/+7
| |
* | add Cryptography_EVP_PKEY_idPaul Kehrer2016-01-071-0/+6
| |
* | opaque EVP_PKEY since EVP_PKEY_id existsPaul Kehrer2016-01-071-4/+1
|/
* convert other extra_link_args callsPaul Kehrer2016-01-012-6/+4
|
* don't add the NXCOMPAT and DYNAMICBASE flags if the compiler isn't msvcPaul Kehrer2016-01-012-8/+25
|
* RSA_R_OAEP_DECODING_ERROR is pretty ubiquitousPaul Kehrer2015-12-271-8/+0
|
* Add support for RSA_R_OAEP_DECODING_ERROR error flag.Christopher Grebs2015-12-271-0/+9
|
* Simplify code slightly by adding a new bindingAlex Gaynor2015-12-261-0/+2
|
* new asn1 bindings needed for #2582Paul Kehrer2015-12-261-0/+3
|
* X509_REVOKED_dup isn't available everywhere, we get to define our ownPaul Kehrer2015-12-251-1/+10
|
* support revoked certificates in CertificateRevocationListBuilderPaul Kehrer2015-12-251-0/+1
|
* a different approach to refactoring the x509 extension additionPaul Kehrer2015-12-241-0/+1
|
* Add PEM_write_bio_DHparams bindingevilaliv32015-12-241-0/+1
|
* add binding for setting the revocation date of an X509_REVOKEDPaul Kehrer2015-12-231-0/+2
|
* Remove spaces.Cory Benfield2015-12-231-1/+1
|
* Add binding for CommonCrypto SecTrustCopyAnchorCertificatesCory Benfield2015-12-232-0/+23
|
* Comment lingering SSLv2 symbol.Cory Benfield2015-12-141-0/+4
|
* Remove SSLv2 bindings.Cory Benfield2015-12-141-16/+1
| | | | | | | | | This commit removes bindings that allow users to set SSLv2 handshake methods. These are regarded as unnecessary and out-of-date: see #2527. This commit does leave in a few options that refer to SSLv2 in order to avoid breaking deployments that rely on them, and in order to allow users to continue to request that SSLv2 not be enabled at all in their OpenSSL.
* Merge pull request #2515 from reaperhulk/sigbusAlex Gaynor2015-12-091-16/+0
|\ | | | | remove the bindings for these x86_64 specific EC functions
| * remove the bindings for these x86_64 specific EC functionsPaul Kehrer2015-12-091-16/+0
| | | | | | | | | | | | | | | | We have no need to invoke them directly and their presence triggers a bug related to Fedora 23's hobbling of openssl EC functions (uugh) This also fixes the SIGBUS issue in #2503, although that is more appropriately resolved via header fixes for universal libraries on OS X.
* | expose tbs_certrequest_bytes and signature on CertificateSigningRequestPaul Kehrer2015-12-031-0/+4
| |
* | Merge pull request #2504 from reaperhulk/encode-name-constraintsAlex Gaynor2015-12-031-0/+12
|\ \ | | | | | | implement support for encoding name constraints
| * | implement support for encoding name constraintsPaul Kehrer2015-12-021-0/+12
| |/
* | shouldn't need values herePaul Kehrer2015-12-011-3/+3
| |
* | if EC isn't present we need to declare this enumPaul Kehrer2015-12-011-1/+5
| |
* | let the compiler figure out these valuesPaul Kehrer2015-12-011-3/+4
| |
* | fix a warning in cffiPaul Kehrer2015-12-011-1/+5
|/ | | | | cffi doesn't want to guess the type, so we'll deopaque the enum and strip the values out of the lib if EC is unavailable
* Add more CRYPTO_EX_DATA functionsChristian Heimes2015-11-203-0/+20
| | | | | | | | The patch adds a couple of additional functions to create, store and retrieve ex_data on SSL, SSL_CTX and X509 objects. It also adds the missing get_ex_new_index function for X509_STORE_CTX. Signed-off-by: Christian Heimes <cheimes@redhat.com>
* add tbsCertList and signature interfaces to CRLsErik Trauschke2015-11-191-0/+3
|
* RHEL 6.4 and below don't even claim to be 1.0.0 final...Paul Kehrer2015-11-121-1/+1
|
* whoopsPaul Kehrer2015-11-121-0/+1
|
* reorganize and renamePaul Kehrer2015-11-121-10/+10
|
* these functions were added in 1.0.0, while CMS was added in 0.9.8hPaul Kehrer2015-11-121-0/+10
| | | | | We didn't catch this in our CI because all our 0.9.8 targets have CMS disabled or are older than 0.9.8h
* Merge pull request #2467 from reaperhulk/fix-version-checkAlex Gaynor2015-11-041-2/+2
|\ | | | | these flags were actually added in 1.0.2beta2, not before that.
| * these flags were actually added in 1.0.2beta2, not before that.Paul Kehrer2015-11-051-2/+2
| |
* | remove malloc_debug_init as it has occasionally caused compile issuesPaul Kehrer2015-11-051-1/+0
|/ | | | We also don't use it in our backend (and neither does pyOpenSSL)
* add support for Certificate signature and tbs_certificatePaul Kehrer2015-11-032-1/+3
|
* make engine addition idempotentPaul Kehrer2015-10-211-0/+2
| | | | | | | | | | | Threading issues keep cropping up. ENGINE_add already acquires a lock at the C layer via CRYPTO_w_lock (provided you have registered the locking callbacks) so let's try to use that. As part of this we'll try to init the openssl locks, but of course there's potentially a race there as well. Clearly this isn't the real fix but it might improve the situation while we try to determine what to do.
* Remove long comments and workarounds, use new cffi syntaxAlex Gaynor2015-10-212-36/+2
|
* add binding for d2i_GENERAL_NAMES()Erik Trauschke2015-10-151-0/+2
|
* extend pkcs7 openssl bindingsDominic Chen2015-10-132-2/+32
|
* rename env var to CRYPTOGRAPHY_OSX_NO_LINK_FLAGSPaul Kehrer2015-08-311-1/+1
|
* no need for NonePaul Kehrer2015-08-291-1/+1
|
* add support for static linking of the openssl backend on OS XPaul Kehrer2015-08-291-3/+16
|
* Removed SSL_renegotiate_abbreviated bindingkjav2015-08-281-1/+0
| | | As this is not supported in OpenSSL < 1.01
* Added bindings for SSL_renegotiate_<pending/abbreviated>kjav2015-08-281-0/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 08:33:23 +0000