- From 77b25307a743eb52ef5ead24c956e577f5bd025f Mon Sep 17 00:00:00 2001
- From: Rosen Penev <rosenp@gmail.com>
- Date: Fri, 7 Jun 2019 20:42:04 -0700
- Subject: [PATCH 2/7] Add compatibility for X509_STORE_set_get_issuer
-
- Deprecated under OpenSSL 1.1.
- ---
- src/_cffi_src/openssl/x509_vfy.py | 8 ++++++++
- src/cryptography/hazmat/bindings/openssl/_conditional.py | 8 ++++++++
- 2 files changed, 16 insertions(+)
-
- --- a/src/_cffi_src/openssl/x509_vfy.py
- +++ b/src/_cffi_src/openssl/x509_vfy.py
- @@ -22,6 +22,7 @@ TYPES = """
- static const long Cryptography_HAS_102_VERIFICATION;
- static const long Cryptography_HAS_110_VERIFICATION_PARAMS;
- static const long Cryptography_HAS_X509_STORE_CTX_GET_ISSUER;
- +static const long Cryptography_HAS_X509_CB_ISSUER_CHECK;
-
- typedef ... Cryptography_STACK_OF_ASN1_OBJECT;
- typedef ... Cryptography_STACK_OF_X509_OBJECT;
- @@ -252,4 +253,11 @@ void (*X509_STORE_set_get_issuer)(X509_S
- #else
- static const long Cryptography_HAS_X509_STORE_CTX_GET_ISSUER = 1;
- #endif
- +
- +#ifndef X509_V_FLAG_CB_ISSUER_CHECK
- +static const long Cryptography_HAS_X509_CB_ISSUER_CHECK = 0;
- +#define X509_V_FLAG_CB_ISSUER_CHECK 0x0
- +#else
- +static const long Cryptography_HAS_X509_CB_ISSUER_CHECK = 1;
- +#endif
- """
- --- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
- +++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
- @@ -270,6 +270,11 @@ def cryptography_has_get_proto_version()
- "SSL_get_max_proto_version",
- ]
-
- +def cryptography_has_x509_cb_issuer_check():
- + return [
- + "X509_V_FLAG_CB_ISSUER_CHECK",
- + ]
- +
-
- # This is a mapping of
- # {condition: function-returning-names-dependent-on-that-condition} so we can
- @@ -319,4 +324,7 @@ CONDITIONAL_NAMES = {
- "Cryptography_HAS_VERIFIED_CHAIN": cryptography_has_verified_chain,
- "Cryptography_HAS_SRTP": cryptography_has_srtp,
- "Cryptography_HAS_GET_PROTO_VERSION": cryptography_has_get_proto_version,
- + "Cryptography_HAS_X509_CB_ISSUER_CHECK": (
- + cryptography_has_x509_cb_issuer_check
- + ),
- }
|