From 8fa88eb72e67b15b6d6b7de3c4bc5c5bb7a2fbfa Mon Sep 17 00:00:00 2001
From: cyli
Date: Mon, 11 Nov 2013 14:25:53 -0800
Subject: Add all the variable declarations (and customizations necessary to make them work) for ssl.py
---
 cryptography/hazmat/bindings/openssl/ssl.py | 123 ++++++++++++++++++++++++++++
 1 file changed, 123 insertions(+)
diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py
index 58a64f0b..0f8a7a91 100644
--- a/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/cryptography/hazmat/bindings/openssl/ssl.py
@@ -16,6 +16,110 @@ INCLUDES = """
 """
 
 TYPES = """
+/* Internally invented symbol to tell us if SSLv2 is supported */
+static const int PYOPENSSL_NO_SSL2;
+
+/* Internally invented symbol to tell us if SNI is supported */
+static const int PYOPENSSL_TLSEXT_HOSTNAME;
+
+static const int SSL_FILETYPE_PEM;
+static const int SSL_FILETYPE_ASN1;
+static const int SSL_ERROR_NONE;
+static const int SSL_ERROR_ZERO_RETURN;
+static const int SSL_ERROR_WANT_READ;
+static const int SSL_ERROR_WANT_WRITE;
+static const int SSL_ERROR_WANT_X509_LOOKUP;
+static const int SSL_ERROR_SYSCALL;
+static const int SSL_ERROR_SSL;
+static const int SSL_SENT_SHUTDOWN;
+static const int SSL_RECEIVED_SHUTDOWN;
+static const int SSL_OP_NO_SSLv2;
+static const int SSL_OP_NO_SSLv3;
+static const int SSL_OP_NO_TLSv1;
+static const int SSL_OP_SINGLE_DH_USE;
+static const int SSL_OP_EPHEMERAL_RSA;
+static const int SSL_OP_MICROSOFT_SESS_ID_BUG;
+static const int SSL_OP_NETSCAPE_CHALLENGE_BUG;
+static const int SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG;
+static const int SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG;
+static const int SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER;
+static const int SSL_OP_MSIE_SSLV2_RSA_PADDING;
+static const int SSL_OP_SSLEAY_080_CLIENT_DH_BUG;
+static const int SSL_OP_TLS_D5_BUG;
+static const int SSL_OP_TLS_BLOCK_PADDING_BUG;
+static const int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+static const int SSL_OP_CIPHER_SERVER_PREFERENCE;
+static const int SSL_OP_TLS_ROLLBACK_BUG;
+static const int SSL_OP_PKCS1_CHECK_1;
+static const int SSL_OP_PKCS1_CHECK_2;
+static const int SSL_OP_NETSCAPE_CA_DN_BUG;
+static const int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG;
+static const int SSL_OP_NO_COMPRESSION;
+static const int SSL_OP_NO_QUERY_MTU;
+static const int SSL_OP_COOKIE_EXCHANGE;
+static const int SSL_OP_NO_TICKET;
+static const int SSL_OP_ALL;
+static const int SSL_VERIFY_PEER;
+static const int SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+static const int SSL_VERIFY_CLIENT_ONCE;
+static const int SSL_VERIFY_NONE;
+static const int SSL_SESS_CACHE_OFF;
+static const int SSL_SESS_CACHE_CLIENT;
+static const int SSL_SESS_CACHE_SERVER;
+static const int SSL_SESS_CACHE_BOTH;
+static const int SSL_SESS_CACHE_NO_AUTO_CLEAR;
+static const int SSL_SESS_CACHE_NO_INTERNAL_LOOKUP;
+static const int SSL_SESS_CACHE_NO_INTERNAL_STORE;
+static const int SSL_SESS_CACHE_NO_INTERNAL;
+static const int SSL_ST_CONNECT;
+static const int SSL_ST_ACCEPT;
+static const int SSL_ST_MASK;
+static const int SSL_ST_INIT;
+static const int SSL_ST_BEFORE;
+static const int SSL_ST_OK;
+static const int SSL_ST_RENEGOTIATE;
+static const int SSL_CB_LOOP;
+static const int SSL_CB_EXIT;
+static const int SSL_CB_READ;
+static const int SSL_CB_WRITE;
+static const int SSL_CB_ALERT;
+static const int SSL_CB_READ_ALERT;
+static const int SSL_CB_WRITE_ALERT;
+static const int SSL_CB_ACCEPT_LOOP;
+static const int SSL_CB_ACCEPT_EXIT;
+static const int SSL_CB_CONNECT_LOOP;
+static const int SSL_CB_CONNECT_EXIT;
+static const int SSL_CB_HANDSHAKE_START;
+static const int SSL_CB_HANDSHAKE_DONE;
+static const int SSL_MODE_RELEASE_BUFFERS;
+static const int SSL_MODE_ENABLE_PARTIAL_WRITE;
+static const int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER;
+static const int SSL_MODE_AUTO_RETRY;
+static const int SSL3_RANDOM_SIZE;
+typedef ... X509_STORE_CTX;
+static const int X509_V_OK;
+typedef ... SSL_METHOD;
+typedef ... SSL_CTX;
+
+typedef struct {
+ int master_key_length;
+ unsigned char master_key[...];
+ ...;
+} SSL_SESSION;
+
+typedef struct {
+ unsigned char server_random[...];
+ unsigned char client_random[...];
+ ...;
+} SSL3_STATE;
+
+typedef struct {
+ SSL3_STATE *s3;
+ SSL_SESSION *session;
+ ...;
+} SSL;
+
+static const int TLSEXT_NAMETYPE_host_name;
 """
 
 FUNCTIONS = """
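Review bot: The `SSL_SESSION` declaration near the end of the TYPES hunk exposes `master_key` and `master_key_length` to Python with no comment on what they are or how they must be handled. `master_key` is the TLS master secret, so any code reading it through this binding should copy at most `master_key_length` bytes and keep the value out of logs and exception messages. I would add a comment above the struct, e.g. `/* master_key is the TLS master secret: read only master_key_length bytes, never log it */`, and a one-line note on `SSL3_STATE` saying why `server_random` and `client_random` are exposed. The long run of `static const int` lines would also be easier to audit if grouped under short headings (error codes, `SSL_OP_*`, `SSL_VERIFY_*`, session cache, state and callback flags, modes).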
@@ -26,4 +130,23 @@ MACROS = """
 """
 
 CUSTOMIZATIONS = """
+#ifdef OPENSSL_NO_SSL2
+static const int PYOPENSSL_NO_SSL2 = 1;
+SSL_METHOD* (*SSLv2_method)() = NULL;
+SSL_METHOD* (*SSLv2_client_method)() = NULL;
+SSL_METHOD* (*SSLv2_server_method)() = NULL;
+#else
+static const int PYOPENSSL_NO_SSL2 = 0;
+#endif
+
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+static const int PYOPENSSL_TLSEXT_HOSTNAME = 1;
+#else
+static const int PYOPENSSL_TLSEXT_HOSTNAME = 0;
+void (*SSL_set_tlsext_host_name)(SSL *, char *) = NULL;
+const char* (*SSL_get_servername)(const SSL *, const int) = NULL;
+void (*SSL_CTX_set_tlsext_servername_callback)(
+ SSL_CTX *,
+ int (*cb)(const SSL *, int *, void *)) = NULL;
+#endif
 """
-- 
cgit v1.2.3
From a9c9092a50e0c862207865dc9915c3ecccb852e2 Mon Sep 17 00:00:00 2001
From: cyli
Date: Mon, 11 Nov 2013 14:26:16 -0800
Subject: Remove the two declarations that are not in 0.9.8
---
 cryptography/hazmat/bindings/openssl/ssl.py | 2 --
 1 file changed, 2 deletions(-)
diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py
index 0f8a7a91..f95a8342 100644
--- a/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/cryptography/hazmat/bindings/openssl/ssl.py
@@ -54,7 +54,6 @@ static const int SSL_OP_PKCS1_CHECK_1;
 static const int SSL_OP_PKCS1_CHECK_2;
 static const int SSL_OP_NETSCAPE_CA_DN_BUG;
 static const int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG;
-static const int SSL_OP_NO_COMPRESSION;
 static const int SSL_OP_NO_QUERY_MTU;
 static const int SSL_OP_COOKIE_EXCHANGE;
 static const int SSL_OP_NO_TICKET;
@@ -91,7 +90,6 @@ static const int SSL_CB_CONNECT_LOOP;
 static const int SSL_CB_CONNECT_EXIT;
 static const int SSL_CB_HANDSHAKE_START;
 static const int SSL_CB_HANDSHAKE_DONE;
-static const int SSL_MODE_RELEASE_BUFFERS;
 static const int SSL_MODE_ENABLE_PARTIAL_WRITE;
 static const int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER;
 static const int SSL_MODE_AUTO_RETRY;
-- 
cgit v1.2.3
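Review bot: In the CUSTOMIZATIONS hunk of commit 8fa88eb, the NULL fallbacks (`SSLv2_method` and its client/server variants, `SSL_set_tlsext_host_name`, `SSL_get_servername`, `SSL_CTX_set_tlsext_servername_callback`) are only safe if every caller tests `PYOPENSSL_NO_SSL2` or `PYOPENSSL_TLSEXT_HOSTNAME` first, and nothing in the hunk states that contract. Calling one of them on a build without the feature would go through a null function pointer and crash the process instead of raising a Python error. I would add a comment above each `#ifdef`, e.g. `/* Callers MUST check PYOPENSSL_TLSEXT_HOSTNAME before using the SNI functions; they are NULL when unsupported */`. The fallback also types `SSL_set_tlsext_host_name` as returning `void`, whereas OpenSSL's macro yields the `SSL_ctrl` result, so a failed SNI setup would go unnoticed if the real declaration copies this signature; check this when the FUNCTIONS and MACROS entries are written, as both look empty in the visible context.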
From 0165629344d8eddfac95c10fc6e103e4b21f2e07 Mon Sep 17 00:00:00 2001
From: cyli
Date: Mon, 11 Nov 2013 14:34:14 -0800
Subject: Handle customizations in another PR as per @alex
---
 cryptography/hazmat/bindings/openssl/ssl.py | 25 -------------------------
 1 file changed, 25 deletions(-)
diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py
index f95a8342..0a6a6fdc 100644
--- a/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/cryptography/hazmat/bindings/openssl/ssl.py
@@ -16,12 +16,6 @@ INCLUDES = """
 """
 
 TYPES = """
-/* Internally invented symbol to tell us if SSLv2 is supported */
-static const int PYOPENSSL_NO_SSL2;
-
-/* Internally invented symbol to tell us if SNI is supported */
-static const int PYOPENSSL_TLSEXT_HOSTNAME;
-
 static const int SSL_FILETYPE_PEM;
 static const int SSL_FILETYPE_ASN1;
 static const int SSL_ERROR_NONE;
@@ -128,23 +122,4 @@ MACROS = """
 """
 
 CUSTOMIZATIONS = """
-#ifdef OPENSSL_NO_SSL2
-static const int PYOPENSSL_NO_SSL2 = 1;
-SSL_METHOD* (*SSLv2_method)() = NULL;
-SSL_METHOD* (*SSLv2_client_method)() = NULL;
-SSL_METHOD* (*SSLv2_server_method)() = NULL;
-#else
-static const int PYOPENSSL_NO_SSL2 = 0;
-#endif
-
-#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
-static const int PYOPENSSL_TLSEXT_HOSTNAME = 1;
-#else
-static const int PYOPENSSL_TLSEXT_HOSTNAME = 0;
-void (*SSL_set_tlsext_host_name)(SSL *, char *) = NULL;
-const char* (*SSL_get_servername)(const SSL *, const int) = NULL;
-void (*SSL_CTX_set_tlsext_servername_callback)(
- SSL_CTX *,
- int (*cb)(const SSL *, int *, void *)) = NULL;
-#endif
 """
-- 
cgit v1.2.3