Merge pull request #1305 from alex/backport-pkcs7

Backport pkcs7
pyca · Aug 15, 2014 · 93e8a15 · 93e8a15
2 parents c787791 + 568475e
commit 93e8a15
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 17 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -1,6 +1,12 @@
 Changelog
 =========
 
+0.5.4
+~~~~~
+
+* Added a missing function to the OpenSSL bindings, which is needed by
+  pyOpenSSL.
+
 0.5.3 - 2014-08-06
 ~~~~~~~~~~~~~~~~~~
 

diff --git a/cryptography/hazmat/bindings/openssl/pem.py b/cryptography/hazmat/bindings/openssl/pem.py
@@ -41,6 +41,7 @@
 int i2d_PKCS8PrivateKey_nid_bio(BIO *, EVP_PKEY *, int,
                                 char *, int, pem_password_cb *, void *);
 
+PKCS7 *d2i_PKCS7_bio(BIO *, PKCS7 **);
 EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *, EVP_PKEY **, pem_password_cb *,
                                   void *);
 

diff --git a/cryptography/hazmat/bindings/openssl/x509_vfy.py b/cryptography/hazmat/bindings/openssl/x509_vfy.py
@@ -27,7 +27,6 @@
 """
 
 TYPES = """
-static const long Cryptography_HAS_X509_VERIFY_PARAM_SET_HOSTFLAGS;
 static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES;
 static const long Cryptography_HAS_102_VERIFICATION_PARAMS;
 static const long Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST;
@@ -186,26 +185,17 @@
                               Cryptography_STACK_OF_X509_CRL *);
 
 /* X509_VERIFY_PARAM */
-int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *, const unsigned char *,
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *, const char *,
                                 size_t);
 void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *, unsigned int);
-int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *, const unsigned char *,
+int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *, const char *,
                                  size_t);
 int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *, const unsigned char *,
                               size_t);
 int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *, const char *);
 """
 
 CUSTOMIZATIONS = """
-/* OpenSSL 1.0.2+, but only some very new releases */
-#ifdef X509_VERIFY_PARAM_set_hostflags
-static const long Cryptography_HAS_X509_VERIFY_PARAM_SET_HOSTFLAGS = 1;
-#else
-static const long Cryptography_HAS_X509_VERIFY_PARAM_SET_HOSTFLAGS = 0;
-void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *,
-                                        unsigned int) = NULL;
-#endif
-
 /* OpenSSL 1.0.2+ verification error codes */
 #if OPENSSL_VERSION_NUMBER >= 0x10002000L
 static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1;
@@ -234,13 +224,15 @@
 static const long X509_V_FLAG_SUITEB_128_LOS = 0;
 static const long X509_V_FLAG_PARTIAL_CHAIN = 0;
 
-int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const unsigned char *,
+int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *,
                                    size_t) = NULL;
-int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const unsigned char *,
+int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const char *,
                                     size_t) = NULL;
 int (*X509_VERIFY_PARAM_set1_ip)(X509_VERIFY_PARAM *, const unsigned char *,
                                  size_t) = NULL;
 int (*X509_VERIFY_PARAM_set1_ip_asc)(X509_VERIFY_PARAM *, const char *) = NULL;
+void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *,
+                                        unsigned int) = NULL;
 #endif
 
 /* OpenSSL 1.0.2+, *or* Fedora 20's flavor of OpenSSL 1.0.1e... */
@@ -286,9 +278,6 @@
 """
 
 CONDITIONAL_NAMES = {
-    "Cryptography_HAS_X509_VERIFY_PARAM_SET_HOSTFLAGS": [
-        "X509_VERIFY_PARAM_set_hostflags",
-    ],
     "Cryptography_HAS_102_VERIFICATION_ERROR_CODES": [
         'X509_V_ERR_SUITE_B_INVALID_VERSION',
         'X509_V_ERR_SUITE_B_INVALID_ALGORITHM',
@@ -310,6 +299,7 @@
         "X509_VERIFY_PARAM_set1_email",
         "X509_VERIFY_PARAM_set1_ip",
         "X509_VERIFY_PARAM_set1_ip_asc",
+        "X509_VERIFY_PARAM_set_hostflags",
     ],
     "Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST": [
         "X509_V_FLAG_TRUSTED_FIRST",

diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
@@ -38,6 +38,7 @@ plaintext
 preprocessor
 preprocessors
 pseudorandom
+pyOpenSSL
 Schneier
 scrypt
 Tanja