Expose some new DTLS-related constants in OpenSSL.SSL - OP_NO_QUERY_MTU, OP_COOKIE_EXCHANGE, and OP_NO_TICKET.
diff --git a/ChangeLog b/ChangeLog
index dbb5894..fd7b45a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
2008-12-28 Jean-Paul Calderone <exarkun@twistedmatrix.com>
+ * test/test_ssl.py, src/ssl/ssl.c: Expose DTLS-related constants,
+ OP_NO_QUERY_MTU, OP_COOKIE_EXCHANGE, and OP_NO_TICKET.
+
+2008-12-28 Jean-Paul Calderone <exarkun@twistedmatrix.com>
+
* src/ssl/context.c: Add a capath parameter to
Context.load_verify_locations to allow Python code to specify
either or both arguments to the underlying
diff --git a/src/ssl/ssl.c b/src/ssl/ssl.c
index 1f8cbcc..5ce5689 100644
--- a/src/ssl/ssl.c
+++ b/src/ssl/ssl.c
@@ -193,7 +193,20 @@
PyModule_AddIntConstant(module, "OP_NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG);
PyModule_AddIntConstant(module, "OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
- /* For SSL_set_shutdown */
+ /* DTLS related options */
+ PyModule_AddIntConstant(module, "OP_NO_QUERY_MTU", SSL_OP_NO_QUERY_MTU);
+ PyModule_AddIntConstant(module, "OP_COOKIE_EXCHANGE", SSL_OP_COOKIE_EXCHANGE);
+
+
+ /* SSL_OP_NO_TICKET was only added in August 2007. On the outside
+ * chance anyone still cares about using pyOpenSSL with a version of
+ * OpenSSL as old as that (and that the rest of the codebase is free of
+ * impediments towards that goal), make this optional. */
+#ifdef SSL_OP_NO_TICKET
+ PyModule_AddIntConstant(module, "OP_NO_TICKET", SSL_OP_NO_TICKET);
+#endif
+
+ /* For SSL_set_shutdown */
PyModule_AddIntConstant(module, "SENT_SHUTDOWN", SSL_SENT_SHUTDOWN);
PyModule_AddIntConstant(module, "RECEIVED_SHUTDOWN", SSL_RECEIVED_SHUTDOWN);
diff --git a/test/test_ssl.py b/test/test_ssl.py
index de6c5e1..991076b 100644
--- a/test/test_ssl.py
+++ b/test/test_ssl.py
@@ -13,7 +13,7 @@
from OpenSSL.crypto import TYPE_RSA, FILETYPE_PEM, PKey, dump_privatekey, load_certificate, load_privatekey
from OpenSSL.SSL import WantReadError, Context, Connection, Error
from OpenSSL.SSL import SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, TLSv1_METHOD
-from OpenSSL.SSL import VERIFY_PEER
+from OpenSSL.SSL import VERIFY_PEER, OP_NO_QUERY_MTU, OP_COOKIE_EXCHANGE, OP_NO_TICKET
from OpenSSL.test.test_crypto import _Python23TestCaseHelper, cleartextCertificatePEM, cleartextPrivateKeyPEM
@@ -245,3 +245,36 @@
self.assertRaises(TypeError, context.set_default_verify_paths, None)
self.assertRaises(TypeError, context.set_default_verify_paths, 1)
self.assertRaises(TypeError, context.set_default_verify_paths, "")
+
+
+
+class ConstantsTests(TestCase):
+ """
+ Tests for the values of constants exposed in L{OpenSSL.SSL}.
+
+ These are values defined by OpenSSL intended only to be used as flags to
+ OpenSSL APIs. The only assertions it seems can be made about them is
+ their values.
+ """
+ def test_op_no_query_mtu(self):
+ """
+ The value of L{OpenSSL.SSL.OP_NO_QUERY_MTU} is 0x1000, the value of
+ I{SSL_OP_NO_QUERY_MTU} defined by I{openssl/ssl.h}.
+ """
+ self.assertEqual(OP_NO_QUERY_MTU, 0x1000)
+
+
+ def test_op_cookie_exchange(self):
+ """
+ The value of L{OpenSSL.SSL.OP_COOKIE_EXCHANGE} is 0x2000, the value
+ of I{SSL_OP_COOKIE_EXCHANGE} defined by I{openssl/ssl.h}.
+ """
+ self.assertEqual(OP_COOKIE_EXCHANGE, 0x2000)
+
+
+ def test_op_no_ticket(self):
+ """
+ The value of L{OpenSSL.SSL.OP_NO_TICKET} is 0x4000, the value of
+ I{SSL_OP_NO_TICKET} defined by I{openssl/ssl.h}.
+ """
+ self.assertEqual(OP_NO_TICKET, 0x4000)