PyPy's ssl module, the last missing macro and three macro functions#3270
PyPy's ssl module, the last missing macro and three macro functions#3270reaperhulk merged 3 commits intopyca:masterfrom planrich:master
Conversation
|
@planrich, thanks for your PR! By analyzing the history of the files in this pull request, we identified @reaperhulk, @lvh and @cyli to be potential reviewers. |
|
Jenkins, ok to test. |
src/_cffi_src/openssl/ssl.py
Outdated
|
|
||
| static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS = 1; | ||
|
|
||
| #ifdef OPENSSL_NO_TLSEXT |
There was a problem hiding this comment.
cryptography doesn't support OpenSSL compiled without TLS extensions so you can always assume this is not set. Do you still need it then?
There was a problem hiding this comment.
We use e.g. SSL_CTX_set_tlsext_servername_callback, I'm not sure if that is to be called with the macro OPENSSL_NO_TLSEXT defined.
There was a problem hiding this comment.
Rethinking that, I'm fine with removing it... But this means PyPy cannot support any openssl version that would set the macro?
There was a problem hiding this comment.
Correct. By using cryptography as the basis of the module you're bound by the versions we've chosen to support, but OPENSSL_NO_TLSEXT is extremely uncommon and in practice we've never had a single bug report complaining about not supporting that configuration.
src/_cffi_src/openssl/x509_vfy.py
Outdated
|
|
||
| int sk_X509_OBJECT_num(Cryptography_STACK_OF_X509_OBJECT *); | ||
| X509_OBJECT *sk_X509_OBJECT_value(Cryptography_STACK_OF_X509_OBJECT *, int); | ||
| X509_VERIFY_PARAM * X509_STORE_get0_param(X509_STORE *); |
There was a problem hiding this comment.
Style nit, this should be X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *); (space removed before function name)
Here are the last missing macro/functions needed. I'm not sure why
sk_GENERAL_NAME_freefunchas the type withstruct GENERAL_NAME_st*instead ofGENERAL_NAME*. Without that change I could not passGENERAL_NAME_freeto an argument requiring ask_GENERAL_NAME_freefunctype.