Merge pull request #1442 from reaperhulk/x509-interface
X509 interfaces
diff --git a/docs/installation.rst b/docs/installation.rst
index d1b6e69..d7645ca 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -15,7 +15,7 @@
* x86-64 CentOS 7.x, 6.4 and CentOS 5.x
* x86-64 FreeBSD 9.2 and FreeBSD 10
-* OS X 10.9 Mavericks, 10.8 Mountain Lion, and 10.7 Lion
+* OS X 10.10 Yosemite, 10.9 Mavericks, 10.8 Mountain Lion, and 10.7 Lion
* x86-64 Ubuntu 12.04 LTS
* 32-bit Python on 64-bit Windows Server 2008
* 64-bit Python on 64-bit Windows Server 2012
diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py
index 4a47947..9488e26 100644
--- a/src/cryptography/hazmat/backends/openssl/dsa.py
+++ b/src/cryptography/hazmat/backends/openssl/dsa.py
@@ -57,11 +57,7 @@
len(self._signature), self._public_key._dsa_cdata)
if res != 1:
- errors = self._backend._consume_errors()
- assert errors
- if res == -1:
- assert errors[0].lib == self._backend._lib.ERR_LIB_ASN1
-
+ self._backend._consume_errors()
raise InvalidSignature
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/cf.py b/src/cryptography/hazmat/bindings/commoncrypto/cf.py
index 6a6dbc4..77d2d7c 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/cf.py
+++ b/src/cryptography/hazmat/bindings/commoncrypto/cf.py
@@ -16,7 +16,7 @@
typedef const void * CFAllocatorRef;
const CFAllocatorRef kCFAllocatorDefault;
-typedef const void * CFDataRef;
+typedef ... *CFDataRef;
typedef signed long long CFIndex;
typedef ... *CFStringRef;
typedef ... *CFArrayRef;
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/secimport.py b/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
index 7ee535d..41a799f 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
+++ b/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
@@ -75,6 +75,8 @@
const SecItemImportExportKeyParameters *,
SecKeychainRef, CFArrayRef *);
OSStatus SecPKCS12Import(CFDataRef, CFDictionaryRef, CFArrayRef *);
+OSStatus SecItemExport(CFTypeRef, SecExternalFormat, SecItemImportExportFlags,
+ const SecItemImportExportKeyParameters *, CFDataRef *);
"""
MACROS = """
diff --git a/src/cryptography/hazmat/bindings/openssl/ssl.py b/src/cryptography/hazmat/bindings/openssl/ssl.py
index 3d6fc42..1aed28d 100644
--- a/src/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/src/cryptography/hazmat/bindings/openssl/ssl.py
@@ -15,6 +15,7 @@
* Internally invented symbols to tell which versions of SSL/TLS are supported.
*/
static const long Cryptography_HAS_SSL2;
+static const long Cryptography_HAS_SSL3_METHOD;
static const long Cryptography_HAS_TLSv1_1;
static const long Cryptography_HAS_TLSv1_2;
static const long Cryptography_HAS_SECURE_RENEGOTIATION;
@@ -384,6 +385,15 @@
static const long Cryptography_HAS_SSL2 = 1;
#endif
+#ifdef OPENSSL_NO_SSL3_METHOD
+static const long Cryptography_HAS_SSL3_METHOD = 0;
+SSL_METHOD* (*SSLv3_method)(void) = NULL;
+SSL_METHOD* (*SSLv3_client_method)(void) = NULL;
+SSL_METHOD* (*SSLv3_server_method)(void) = NULL;
+#else
+static const long Cryptography_HAS_SSL3_METHOD = 1;
+#endif
+
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
static const long Cryptography_HAS_TLSEXT_HOSTNAME = 1;
#else
@@ -554,6 +564,12 @@
"SSLv2_server_method",
],
+ "Cryptography_HAS_SSL3_METHOD": [
+ "SSLv3_method",
+ "SSLv3_client_method",
+ "SSLv3_server_method",
+ ],
+
"Cryptography_HAS_TLSEXT_HOSTNAME": [
"SSL_set_tlsext_host_name",
"SSL_get_servername",