Remove a binding and comments that reference 0.9.8 (#2984)
diff --git a/src/_cffi_src/openssl/bio.py b/src/_cffi_src/openssl/bio.py
index 7014891..eb175a1 100644
--- a/src/_cffi_src/openssl/bio.py
+++ b/src/_cffi_src/openssl/bio.py
@@ -82,6 +82,7 @@
int BIO_gets(BIO *, char *, int);
int BIO_write(BIO *, const void *, int);
int BIO_puts(BIO *, const char *);
+int BIO_method_type(const BIO *);
"""
MACROS = """
@@ -131,10 +132,6 @@
long BIO_set_buffer_size(BIO *, long);
long BIO_set_buffer_read_data(BIO *, void *, long);
long BIO_set_nbio(BIO *, long);
-
-/* The following was a macro in 0.9.8e. Once we drop support for RHEL/CentOS 5
- we should move this back to FUNCTIONS. */
-int BIO_method_type(const BIO *);
"""
CUSTOMIZATIONS = """
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 37621b1..72f5931 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -273,8 +273,7 @@
if (isinstance(mode, CTR) and isinstance(cipher, AES) and
not self._evp_cipher_supported(cipher, mode)):
# This is needed to provide support for AES CTR mode in OpenSSL
- # 0.9.8. It can be removed when we drop 0.9.8 support (RHEL 5
- # extended life ends 2020).
+ # 1.0.0. It can be removed when we drop 1.0.0 support (RHEL 6.4).
return _AESCTRCipherContext(self, cipher, mode)
else:
return _CipherContext(self, cipher, mode, _CipherContext._ENCRYPT)
@@ -283,8 +282,7 @@
if (isinstance(mode, CTR) and isinstance(cipher, AES) and
not self._evp_cipher_supported(cipher, mode)):
# This is needed to provide support for AES CTR mode in OpenSSL
- # 0.9.8. It can be removed when we drop 0.9.8 support (RHEL 5
- # extended life ends 2020).
+ # 1.0.0. It can be removed when we drop 1.0.0 support (RHEL 6.4).
return _AESCTRCipherContext(self, cipher, mode)
else:
return _CipherContext(self, cipher, mode, _CipherContext._DECRYPT)
diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py
index 1608df0..20b5f40 100644
--- a/src/cryptography/hazmat/backends/openssl/dsa.py
+++ b/src/cryptography/hazmat/backends/openssl/dsa.py
@@ -17,9 +17,8 @@
"""
This function truncates digests that are longer than a given DS
key's length so they can be signed. OpenSSL does this for us in
- 1.0.0c+ and it isn't needed in 0.9.8, but that leaves us with three
- releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem. This
- truncation is not required in 0.9.8 because DSA is limited to SHA-1.
+ 1.0.0c+, leaving us with three releases (1.0.0, 1.0.0a, and 1.0.0b) where
+ this is a problem.
"""
q = backend._ffi.new("BIGNUM **")
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index a85262d..c0a5600 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -76,7 +76,7 @@
assert backend.cipher_supported(None, None) is False
def test_aes_ctr_always_available(self):
- # AES CTR should always be available in both 0.9.8 and 1.0.0+
+ # AES CTR should always be available, even in 1.0.0.
assert backend.cipher_supported(AES(b"\x00" * 16),
CTR(b"\x00" * 16)) is True