aboutsummaryrefslogtreecommitdiffstats
path: root/src/_cffi_src
Commit message (Collapse)AuthorAgeFilesLines
* Remove dead constant time code (#5239)Alex Gaynor2020-04-263-55/+0
|
* Added wycheproof RSA PKCSv1 encryption tests (#5234)Alex Gaynor2020-04-261-0/+1
|
* Dropped support for LibreSSL 2.7, 2.8, and 2.9.0 (2.9.1+ are still ↵Alex Gaynor2020-04-252-22/+0
| | | | supported) (#5231)
* add SSL_CTX_(get|set)_keylog_callback (#5187)Maximilian Hils2020-04-111-0/+18
| | | | | | | * add SSL_CTX_(get|set)_keylog_callback * For travis Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
* Drop support for OpenSSL 1.0.1 (#5178)Alex Gaynor2020-04-046-177/+13
|
* Add pthread linking on non-win32 (#5086)Alexander Grund2019-12-231-1/+4
| | | | Required to link in static part of pthread, e.g. pthread_atfork Fixes https://github.com/pyca/cryptography/issues/5084
* issue-5041: do not add extra flags when compiler or platform does not ↵Michael Felt2019-11-241-1/+13
| | | | | | | | | | | | | | support them (#5042) * check for suitable compiler (platform) before adding special flags * pep8 corrections * later pep8 messages * add clang to auto accepted compilers * modify syntax so multi-line is accepted
* add SSL_get_verify_result (#5071)Maximilian Hils2019-11-231-0/+1
|
* add SSL_CTX_get0_param (#5070)Maximilian Hils2019-11-221-0/+2
|
* add SSL[_CTX]_clear_mode (#5062)Maximilian Hils2019-11-111-0/+2
|
* Fixed #5050 -- dropped support for an old LibresSSL release (#5056)Alex Gaynor2019-11-118-14/+11
| | | | | | * Fixed #5050 -- dropped support for an old LibresSSL release * Changelog
* Add a comment so we can easily find a place to update later (#5043)Alex Gaynor2019-11-011-0/+1
| | | | | | * Add a comment so we can easily find a place to update later * flake8
* Silence unguarded availability warnings for `getentropy` when targeting ↵Max Bélanger2019-10-241-1/+5
| | | | | | | | macOS 10.12 (#5019) * silence `Wunguarded-availability` when building with a `MACOSX_DEPLOYMENT_TARGET < 10.12` * use `__builtin_available` rather than a `NULL` echo upon init on mac
* Test against libressl 3.0 (#5031)Alex Gaynor2019-10-201-2/+2
| | | | | | * Test against libressl 3.0 * Correctly type these ints
* update openssls (#4995)Paul Kehrer2019-10-151-0/+2
| | | | | | | | | | * update openssls * missed one * what will this do * only do this check for 1.1.0+
* Add SSL_get0_verified_chain to cffi lib (#4965)arjenzorgdoc2019-08-141-0/+9
| | | | | | | | * Add SSL_get0_verified_chain to cffi lib OpenSSL 1.1.0 supports SSL_get0_verified_chain. This gives the full chain from the peer cert including your trusted CA cert. * Work around no support for #if in cdef in old cffi
* fix osrandom/builtin switching methods for 1.1.0+ (#4955)Paul Kehrer2019-07-271-3/+3
| | | | | | | | | | * fix osrandom/builtin switching methods for 1.1.0+ In 1.1.0 RAND_cleanup became a no-op. This broke changing to the builtin random engine via activate_builtin_random(). Fixed by directly calling RAND_set_rand_method. This works on 1.0.x and 1.1.x * missed an assert
* add bindings to parse and create challenge passwords in X509 CSRs (#4943)Paul Kehrer2019-07-092-1/+11
| | | | | | * add bindings to parse and create challenge passwords in X509 CSRs * moved away from the 1.1.0 section
* Switch to new notBefore/After APIs (#4914)Rosen Penev2019-06-071-0/+9
| | | Introduced in OpenSSL 1.1. Added compatibility for older versions.
* add BIO_free_all (#4874)Dominic Chen2019-05-061-0/+1
|
* Use generic DTLS functions added in LibreSSL 2.9.1 (#4855)Charlie Li2019-04-232-3/+9
| | | | | | | | | | * Use generic DTLS functions added in LibreSSL 2.9.1 While here, bump travis. * Remove LibreSSL 2.9.0 from travis now that 2.9.1 exists. Requested by: @reaperhulk
* fix a memory leak in AIA parsing (#4836)Paul Kehrer2019-04-111-0/+3
| | | | | | * fix a memory leak in AIA parsing * oops can't remove that
* Added BN_is_negative -- refs #4830 (#4831)Alex Gaynor2019-04-051-0/+1
|
* Try to use getrandom even in manylinux1 wheels (#4816)Alex Gaynor2019-03-191-0/+12
| | | | | | * Try to use getrandom even in manylinux1 wheels * typo
* add poly1305 NID/EVP, and EVP_DigestSign{Update,Final} for incremental (#4799)Paul Kehrer2019-03-072-0/+17
|
* ed25519 support (#4114)Paul Kehrer2019-02-261-0/+3
| | | | | | * ed25519 support * review feedback
* remove unused x509 bindings (#4776)Paul Kehrer2019-02-261-87/+1
|
* remove unused locking functions (#4780)Paul Kehrer2019-02-261-24/+2
| | | | | | | | * remove unused locking functions we do all this in C when necessary * oops, need this
* remove unused DH bindings (#4779)Paul Kehrer2019-02-261-7/+0
|
* remove unused PEM bindings (#4778)Paul Kehrer2019-02-261-10/+0
|
* how about we have less NIDs (#4777)Paul Kehrer2019-02-261-204/+0
| | | | | | * how about we have less NIDs * pyopenssl needs these two NIDs still
* strip out unused EVP functions (#4775)Paul Kehrer2019-02-261-51/+0
|
* Remove unused constant binding from ecdh.py (#4774)Alex Gaynor2019-02-261-3/+0
|
* Remove unused constant from ec.py bindings (#4773)Alex Gaynor2019-02-261-3/+0
|
* Remove unused bindings from aes.py (#4772)Alex Gaynor2019-02-261-7/+1
|
* Removed unused constant from bindings (#4771)Alex Gaynor2019-02-261-2/+0
|
* Polish off removal of unused engine bindings (#4769)Alex Gaynor2019-02-251-12/+0
|
* reduce our engine bindings even more (#4768)Paul Kehrer2019-02-253-78/+18
|
* support NO_ENGINE (#4763)Paul Kehrer2019-02-252-1/+68
| | | | | | | | * support OPENSSL_NO_ENGINE * support some new openssl config args * sigh
* Remove a bunch of unused engine bindings (#4766)Alex Gaynor2019-02-251-61/+0
|
* encode the package version in the shared object (#4756)Paul Kehrer2019-02-201-0/+13
| | | | | | | | | | * encode the package version in the shared object * review feedback * move into build_ffi so the symbol is in all shared objects * review feedback
* Run wycheproof RSA tests on LibreSSL>=2.8 (#4737)Alex Gaynor2019-01-241-1/+10
| | | | | | | | * Run wycheproof RSA tests on LibreSSL>=2.8 * Define it this way * These are errors on libressl
* Use O_CLOEXEC when it's available (#4733)Alex Gaynor2019-01-231-10/+16
| | | | | | | | * Use O_CLOEXEC when it's available * Don't have two vars with the same name * A normal person would be emberassed
* bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test (#4726)Paul Kehrer2019-01-211-0/+9
| | | | | | | | | | | * bind EVP_R_MEMORY_LIMIT_EXCEEDED and update a test This will allow OpenSSL 1.1.1 on 32-bit (including our Windows 32-bit builders) to fail as expected. Technically this isn't a malloc error, but rather failing because the allocation requested is larger than 32-bits, but raising a MemoryError still seems appropriate * what you want an endif too?
* expose the ed448 nid (#4717)Paul Kehrer2019-01-191-0/+1
| | | | we already did all the conditional binding, but forgot to actually expose it.
* Fixes #4683 -- fixed linux kernel version that has getrandom (#4684)Alex Gaynor2019-01-122-2/+2
|
* Add bindings to get SRTP protection profile (#4679)Jeremy Lainé2019-01-111-0/+6
| | | | | This adds the ability to retrieve the selected SRTP protection profile after the DTLS handshake completes. This is needed to perform the correct key derivation if multiple profiles were offered.
* HTTPS a bunch of links in random places (#4666)Alex Gaynor2018-12-311-1/+1
| | | | | | * HTTPS a bunch of links in random places * What the heck happened here?
* Fixes #4645 -- poll() on /dev/random before reading from /dev/urandom on ↵Alex Gaynor2018-12-291-17/+55
| | | | | | | | | | | | | | | | | | Linux (#4656) * Fixes #4645 -- select() on /dev/random before reading from /dev/urandom on linux * whoops * Missing header * whoops * Review notes * Potential uninitialized fix * Signals are literally impossible
* Raise MemoryError when backend.derive_scrypt can't malloc enough (#4592)Tux2018-12-081-0/+2
| | | | | | | | | | | | * Raise MemoryError when backend.derive_scrypt can't malloc enough * Expose ERR_R_MALLOC_FAILURE and use the reason_match pattern to catch it * Add test_scrypt_malloc_failure in test_scrypt * let's see if this passes * add comment to filippo's blog post about scrypt's params