From af09025900863a2a196eb67b1ec844a8626caa0c Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone Date: Mon, 23 Dec 2013 08:22:03 -0500 Subject: bind a few more assorted random simple things --- cryptography/hazmat/backends/openssl/crypto.py | 6 ++++++ cryptography/hazmat/backends/openssl/opensslv.py | 1 + cryptography/hazmat/backends/openssl/rand.py | 1 + cryptography/hazmat/backends/openssl/ssl.py | 2 ++ 4 files changed, 10 insertions(+) diff --git a/cryptography/hazmat/backends/openssl/crypto.py b/cryptography/hazmat/backends/openssl/crypto.py index 8d88c16e..71d32c52 100644 --- a/cryptography/hazmat/backends/openssl/crypto.py +++ b/cryptography/hazmat/backends/openssl/crypto.py @@ -16,6 +16,11 @@ INCLUDES = """ """ TYPES = """ +static const int SSLEAY_VERSION; +static const int SSLEAY_CFLAGS; +static const int SSLEAY_PLATFORM; +static const int SSLEAY_DIR; +static const int SSLEAY_BUILT_ON; """ FUNCTIONS = """ @@ -32,6 +37,7 @@ MACROS = """ void CRYPTO_add(int *, int, int); void CRYPTO_malloc_init(); void CRYPTO_malloc_debug_init(); + #define CRYPTO_MEM_CHECK_ON ... #define CRYPTO_MEM_CHECK_OFF ... #define CRYPTO_MEM_CHECK_ENABLE ... diff --git a/cryptography/hazmat/backends/openssl/opensslv.py b/cryptography/hazmat/backends/openssl/opensslv.py index 37bbd2a7..4e110327 100644 --- a/cryptography/hazmat/backends/openssl/opensslv.py +++ b/cryptography/hazmat/backends/openssl/opensslv.py @@ -16,6 +16,7 @@ INCLUDES = """ """ TYPES = """ +static const int OPENSSL_VERSION_NUMBER; static char *const OPENSSL_VERSION_TEXT; """ diff --git a/cryptography/hazmat/backends/openssl/rand.py b/cryptography/hazmat/backends/openssl/rand.py index ddd0a3d8..5ac36cac 100644 --- a/cryptography/hazmat/backends/openssl/rand.py +++ b/cryptography/hazmat/backends/openssl/rand.py @@ -19,6 +19,7 @@ TYPES = """ """ FUNCTIONS = """ +void ERR_load_RAND_strings(); void RAND_seed(const void *, int); void RAND_add(const void *, int, double); int RAND_status(); diff --git a/cryptography/hazmat/backends/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py index bf1ffcc6..168d5429 100644 --- a/cryptography/hazmat/backends/openssl/ssl.py +++ b/cryptography/hazmat/backends/openssl/ssl.py @@ -36,6 +36,7 @@ static const int SSL_RECEIVED_SHUTDOWN; static const int SSL_OP_NO_SSLv2; static const int SSL_OP_NO_SSLv3; static const int SSL_OP_NO_TLSv1; +static const int SSL_OP_NO_COMPRESSION; static const int SSL_OP_SINGLE_DH_USE; static const int SSL_OP_EPHEMERAL_RSA; static const int SSL_OP_MICROSOFT_SESS_ID_BUG; @@ -93,6 +94,7 @@ static const int SSL_CB_HANDSHAKE_DONE; static const int SSL_MODE_ENABLE_PARTIAL_WRITE; static const int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER; static const int SSL_MODE_AUTO_RETRY; +static const int SSL_MODE_RELEASE_BUFFERS; static const int SSL3_RANDOM_SIZE; typedef ... X509_STORE_CTX; static const int X509_V_OK; -- cgit v1.2.3 From 21a37548b5c1cd2df9f2e3e7131e4ae3d72c333a Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone Date: Mon, 23 Dec 2013 11:13:34 -0500 Subject: Try making SSL_MODE_RELEASE_BUFFERS conditional on whether the underlying OpenSSL library has this flag --- cryptography/hazmat/backends/openssl/ssl.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/backends/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py index 168d5429..3af0074e 100644 --- a/cryptography/hazmat/backends/openssl/ssl.py +++ b/cryptography/hazmat/backends/openssl/ssl.py @@ -94,7 +94,6 @@ static const int SSL_CB_HANDSHAKE_DONE; static const int SSL_MODE_ENABLE_PARTIAL_WRITE; static const int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER; static const int SSL_MODE_AUTO_RETRY; -static const int SSL_MODE_RELEASE_BUFFERS; static const int SSL3_RANDOM_SIZE; typedef ... X509_STORE_CTX; static const int X509_V_OK; @@ -263,6 +262,13 @@ void (*SSL_CTX_set_tlsext_servername_callback)( SSL_CTX *, int (*)(const SSL *, int *, void *)) = NULL; #endif + +#ifdef SSL_MODE_RELEASE_BUFFERS +static const int Cryptography_HAS_RELEASE_BUFFERS = 1; +#else +static const int Cryptography_HAS_RELEASE_BUFFERS = 0; +const int SSL_MODE_RELEASE_BUFFERS = 0; +#endif """ CONDITIONAL_NAMES = { @@ -276,5 +282,10 @@ CONDITIONAL_NAMES = { "SSL_set_tlsext_host_name", "SSL_get_servername", "SSL_CTX_set_tlsext_servername_callback", - ] + ], + + "Cryptography_HAS_RELEASE_BUFFERS": [ + "SSL_MODE_RELEASE_BUFFERS", + ], + } -- cgit v1.2.3 From ab51df1d664fafe1426748e38ddb125cf31d4052 Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone Date: Mon, 23 Dec 2013 11:16:12 -0500 Subject: Finish that conditional support --- cryptography/hazmat/backends/openssl/ssl.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cryptography/hazmat/backends/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py index 3af0074e..a1acde38 100644 --- a/cryptography/hazmat/backends/openssl/ssl.py +++ b/cryptography/hazmat/backends/openssl/ssl.py @@ -22,6 +22,11 @@ static const int Cryptography_HAS_SSL2; /* Internally invented symbol to tell us if SNI is supported */ static const int Cryptography_HAS_TLSEXT_HOSTNAME; +/* Internally invented symbol to tell us if SSL_MODE_RELEASE_BUFFERS is + * supported + */ +static const int Cryptography_HAS_RELEASE_BUFFERS; + static const int SSL_FILETYPE_PEM; static const int SSL_FILETYPE_ASN1; static const int SSL_ERROR_NONE; @@ -91,6 +96,7 @@ static const int SSL_CB_CONNECT_LOOP; static const int SSL_CB_CONNECT_EXIT; static const int SSL_CB_HANDSHAKE_START; static const int SSL_CB_HANDSHAKE_DONE; +static const int SSL_MODE_RELEASE_BUFFERS; static const int SSL_MODE_ENABLE_PARTIAL_WRITE; static const int SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER; static const int SSL_MODE_AUTO_RETRY; -- cgit v1.2.3 From 22af23ebbbee831f8d9874ebf9080b4b5ed545b7 Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone Date: Mon, 23 Dec 2013 15:00:02 -0500 Subject: Also make SSL_OP_NO_COMPRESSION optional --- cryptography/hazmat/backends/openssl/ssl.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/cryptography/hazmat/backends/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py index a1acde38..3fd0bf23 100644 --- a/cryptography/hazmat/backends/openssl/ssl.py +++ b/cryptography/hazmat/backends/openssl/ssl.py @@ -27,6 +27,11 @@ static const int Cryptography_HAS_TLSEXT_HOSTNAME; */ static const int Cryptography_HAS_RELEASE_BUFFERS; +/* Internally invented symbol to tell us if SSL_OP_NO_COMPRESSION is + * supported + */ +static const int Cryptography_HAS_OP_NO_COMPRESSION; + static const int SSL_FILETYPE_PEM; static const int SSL_FILETYPE_ASN1; static const int SSL_ERROR_NONE; @@ -275,6 +280,13 @@ static const int Cryptography_HAS_RELEASE_BUFFERS = 1; static const int Cryptography_HAS_RELEASE_BUFFERS = 0; const int SSL_MODE_RELEASE_BUFFERS = 0; #endif + +#ifdef SSL_OP_NO_COMPRESSION +static const int Cryptography_HAS_OP_NO_COMPRESSION = 1; +#else +static const int Cryptography_HAS_OP_NO_COMPRESSION = 0; +const int SSL_OP_NO_COMPRESSION = 0; +#endif """ CONDITIONAL_NAMES = { @@ -294,4 +306,8 @@ CONDITIONAL_NAMES = { "SSL_MODE_RELEASE_BUFFERS", ], + "Cryptography_HAS_OP_NO_COMPRESSION": [ + "SSL_OP_NO_COMPRESSION", + ], + } -- cgit v1.2.3