diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2020-07-20 22:58:57 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-20 21:58:57 -0500 |
| commit | f7bc5ef7c3e585662c0c29ba9478995c6630e5bd (patch) | |
| tree | 3307d41e7fd10fa92af02e9942f6d04725d6c3bd /src | |
| parent | 82da2316f1e5d18d02b2ab5ed7353a020f2ccaa1 (diff) | |
| download | cryptography-f7bc5ef7c3e585662c0c29ba9478995c6630e5bd.tar.gz | |
fixes #5321 -- deprecate support for OpenSSL 1.0.2 (#5333)
Diffstat (limited to 'src')
| -rw-r--r-- | src/_cffi_src/openssl/cryptography.py | 1 | ||||
| -rw-r--r-- | src/cryptography/hazmat/bindings/openssl/binding.py | 16 |
2 files changed, 17 insertions, 0 deletions
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py index 369c23c74..bae7da3ad 100644 --- a/src/_cffi_src/openssl/cryptography.py +++ b/src/_cffi_src/openssl/cryptography.py @@ -66,6 +66,7 @@ static const int CRYPTOGRAPHY_OPENSSL_110_OR_GREATER; static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I; +static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_110; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B; static const int CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE; diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index fbe5ca9a5..398cfd55a 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -7,6 +7,7 @@ from __future__ import absolute_import, division, print_function import collections import threading import types +import warnings import cryptography from cryptography import utils @@ -153,6 +154,19 @@ class Binding(object): _openssl_assert(cls.lib, res == 1) +def _verify_openssl_version(lib): + if ( + lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 + and not lib.CRYPTOGRAPHY_IS_LIBRESSL + ): + warnings.warn( + "OpenSSL version 1.0.2 is no longer supported by the OpenSSL " + "project, please upgrade. A future version of cryptography will " + "drop support for it.", + utils.CryptographyDeprecationWarning, + ) + + def _verify_package_version(version): # Occasionally we run into situations where the version of the Python # package does not match the version of the shared object that is loaded. @@ -182,3 +196,5 @@ _verify_package_version(cryptography.__version__) # condition registering the OpenSSL locks. On Python 3.4+ the import lock # is per module so this approach will not work. Binding.init_static_locks() + +_verify_openssl_version(Binding.lib) |