# HG changeset patch # User Paul Kehrer <paul.l.kehrer@gmail.com> # Date 1594003411 18000 # Sun Jul 05 21:43:31 2020 -0500 # Node ID d1eb32b2aca9f012facf1ee2d9c4402efcae5ab6 # Parent 00ba75d4fc4f2cd9f3e6cbdd7881433fe72c9a29 remove NPN bindings -- you should be using ALPN! (#4765) * remove NPN bindings -- you should be using ALPN! pyOpenSSL consumed these, but we've marked it as deprecated and it already handles the case where the bindings are not available. * set Cryptography_HAS_NEXTPROTONEG to 0 for pyOpenSSL we can remove this symbol in like...5 years. * remove another NPN related definition * suspicious * Revert "remove another NPN related definition" This reverts commit d872a7d1d776858c77b8c607f63cc9b5fef1ae39. Revert "suspicious" This reverts commit 5b767484f1cde132f686600a46e61a18e33cbdae. diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py --- a/src/_cffi_src/openssl/ssl.py +++ b/src/_cffi_src/openssl/ssl.py @@ -139,8 +139,6 @@ static const long TLS_ST_BEFORE; static const long TLS_ST_OK; -static const long OPENSSL_NPN_NEGOTIATED; - typedef ... SSL_METHOD; typedef ... SSL_CTX; @@ -440,25 +438,9 @@ long SSL_session_reused(SSL *); -void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *, - int (*)(SSL *, - const unsigned char **, - unsigned int *, - void *), - void *); -void SSL_CTX_set_next_proto_select_cb(SSL_CTX *, - int (*)(SSL *, - unsigned char **, - unsigned char *, - const unsigned char *, - unsigned int, - void *), - void *); int SSL_select_next_proto(unsigned char **, unsigned char *, const unsigned char *, unsigned int, const unsigned char *, unsigned int); -void SSL_get0_next_proto_negotiated(const SSL *, - const unsigned char **, unsigned *); int sk_SSL_CIPHER_num(Cryptography_STACK_OF_SSL_CIPHER *); const SSL_CIPHER *sk_SSL_CIPHER_value(Cryptography_STACK_OF_SSL_CIPHER *, int); @@ -665,7 +647,7 @@ static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING = 1; static const long Cryptography_HAS_SSL_OP_NO_TICKET = 1; static const long Cryptography_HAS_SSL_SET_SSL_CTX = 1; -static const long Cryptography_HAS_NEXTPROTONEG = 1; +static const long Cryptography_HAS_NEXTPROTONEG = 0; static const long Cryptography_HAS_ALPN = 1; #if CRYPTOGRAPHY_IS_LIBRESSL