From e09754c74d75c1ba59c989cb053aaf61b519188d Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 19 Nov 2016 11:30:25 +0800 Subject: add SSL_CTX_set_ecdh_auto where supported (#3250) In 1.1.0 this is a noop and occurs by default, and this wasn't supported < 1.0.2 --- src/_cffi_src/openssl/ecdh.py | 9 +++++++++ src/cryptography/hazmat/bindings/openssl/_conditional.py | 3 +++ 2 files changed, 12 insertions(+) (limited to 'src') diff --git a/src/_cffi_src/openssl/ecdh.py b/src/_cffi_src/openssl/ecdh.py index 099f53cb..2dd5fd72 100644 --- a/src/_cffi_src/openssl/ecdh.py +++ b/src/_cffi_src/openssl/ecdh.py @@ -12,6 +12,7 @@ INCLUDES = """ TYPES = """ static const int Cryptography_HAS_ECDH; +static const int Cryptography_HAS_SET_ECDH_AUTO; """ FUNCTIONS = """ @@ -20,6 +21,7 @@ FUNCTIONS = """ MACROS = """ int ECDH_compute_key(void *, size_t, const EC_POINT *, EC_KEY *, void *(*)(const void *, size_t, void *, size_t *)); +int SSL_CTX_set_ecdh_auto(SSL_CTX *, int); """ CUSTOMIZATIONS = """ @@ -33,4 +35,11 @@ int (*ECDH_compute_key)(void *, size_t, const EC_POINT *, EC_KEY *, #else static const long Cryptography_HAS_ECDH = 1; #endif + +#ifndef SSL_CTX_set_ecdh_auto +static const long Cryptography_HAS_SET_ECDH_AUTO = 0; +int (*SSL_CTX_set_ecdh_auto)(SSL_CTX *, int) = NULL; +#else +static const long Cryptography_HAS_SET_ECDH_AUTO = 1; +#endif """ diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py index 4da09870..02032a0d 100644 --- a/src/cryptography/hazmat/bindings/openssl/_conditional.py +++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py @@ -158,6 +158,9 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_ECDH": [ "ECDH_compute_key", ], + "Cryptography_HAS_SET_ECDH_AUTO": [ + "SSL_CTX_set_ecdh_auto", + ], "Cryptography_HAS_ECDSA": [ "ECDSA_SIG_new", "ECDSA_SIG_free", -- cgit v1.2.3