Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add SSL_CTX_(get|set)_keylog_callback #5187

Merged
merged 2 commits into from
Apr 12, 2020
Merged

add SSL_CTX_(get|set)_keylog_callback #5187

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b7ba87c
add SSL_CTX_(get|set)_keylog_callback
mhils Apr 3, 2020
2fdb226
For travis
alex Apr 11, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions src/_cffi_src/openssl/ssl.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@
static const long Cryptography_HAS_PSK;
static const long Cryptography_HAS_CIPHER_DETAILS;
static const long Cryptography_HAS_VERIFIED_CHAIN;
static const long Cryptography_HAS_KEYLOG;

/* Internally invented symbol to tell us if SNI is supported */
static const long Cryptography_HAS_TLSEXT_HOSTNAME;
Expand Down Expand Up @@ -285,6 +286,10 @@
void SSL_CTX_set_info_callback(SSL_CTX *, void (*)(const SSL *, int, int));
void (*SSL_CTX_get_info_callback(SSL_CTX *))(const SSL *, int, int);

void SSL_CTX_set_keylog_callback(SSL_CTX *,
void (*)(const SSL *, const char *));
void (*SSL_CTX_get_keylog_callback(SSL_CTX *))(const SSL *, const char *);

long SSL_CTX_set1_sigalgs_list(SSL_CTX *, const char *);

/* SSL_SESSION */
Expand Down Expand Up @@ -568,6 +573,19 @@
static const long Cryptography_HAS_VERIFIED_CHAIN = 1;
#endif

#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
static const long Cryptography_HAS_KEYLOG = 0;
void (*SSL_CTX_set_keylog_callback)(SSL_CTX *,
void (*) (const SSL *, const char *)
) = NULL;
void (*(*SSL_CTX_get_keylog_callback)(SSL_CTX *))(
const SSL *,
const char *
) = NULL;
#else
static const long Cryptography_HAS_KEYLOG = 1;
#endif

/* Added in 1.1.0 in the great opaquing, but we need to define it for older
OpenSSLs. Such is our burden. */
#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_IS_LIBRESSL
Expand Down
8 changes: 8 additions & 0 deletions src/cryptography/hazmat/bindings/openssl/_conditional.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -270,6 +270,13 @@ def cryptography_has_tlsv13():
]


def cryptography_has_keylog():
return [
"SSL_CTX_set_keylog_callback",
"SSL_CTX_get_keylog_callback",
]


def cryptography_has_raw_key():
return [
"EVP_PKEY_new_raw_private_key",
Expand Down Expand Up @@ -356,6 +363,7 @@ def cryptography_has_verified_chain():
"Cryptography_HAS_OPENSSL_CLEANUP": cryptography_has_openssl_cleanup,
"Cryptography_HAS_CIPHER_DETAILS": cryptography_has_cipher_details,
"Cryptography_HAS_TLSv1_3": cryptography_has_tlsv13,
"Cryptography_HAS_KEYLOG": cryptography_has_keylog,
"Cryptography_HAS_RAW_KEY": cryptography_has_raw_key,
"Cryptography_HAS_EVP_DIGESTFINAL_XOF": (
cryptography_has_evp_digestfinal_xof
Expand Down