--- src/_cffi_src/openssl/bignum.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/bignum.py

@@ -10,17 +10,21 @@ INCLUDES = """

 TYPES = """

 typedef ... BN_CTX;

+typedef ... BN_MONT_CTX;

 typedef ... BIGNUM;

 typedef int... BN_ULONG;

 """

 FUNCTIONS = """

+#define BN_FLG_CONSTTIME ...

+

+void BN_set_flags(BIGNUM *, int);

+

 BIGNUM *BN_new(void);

 void BN_free(BIGNUM *);

 void BN_clear_free(BIGNUM *);

-int BN_rand(BIGNUM *, int, int, int);

-int BN_rand_range(BIGNUM *, BIGNUM *);

+int BN_rand_range(BIGNUM *, const BIGNUM *);

 BN_CTX *BN_CTX_new(void);

 void BN_CTX_free(BN_CTX *);

@@ -29,17 +33,18 @@ void BN_CTX_start(BN_CTX *);

 BIGNUM *BN_CTX_get(BN_CTX *);

 void BN_CTX_end(BN_CTX *);

-BIGNUM *BN_copy(BIGNUM *, const BIGNUM *);

+BN_MONT_CTX *BN_MONT_CTX_new(void);

+int BN_MONT_CTX_set(BN_MONT_CTX *, const BIGNUM *, BN_CTX *);

+void BN_MONT_CTX_free(BN_MONT_CTX *);

+

 BIGNUM *BN_dup(const BIGNUM *);

 int BN_set_word(BIGNUM *, BN_ULONG);

-BN_ULONG BN_get_word(const BIGNUM *);

 const BIGNUM *BN_value_one(void);

 char *BN_bn2hex(const BIGNUM *);

 int BN_hex2bn(BIGNUM **, const char *);

-int BN_dec2bn(BIGNUM **, const char *);

 int BN_bn2bin(const BIGNUM *, unsigned char *);

 BIGNUM *BN_bin2bn(const unsigned char *, int, BIGNUM *);

@@ -49,9 +54,6 @@ int BN_num_bits(const BIGNUM *);

 int BN_cmp(const BIGNUM *, const BIGNUM *);

 int BN_add(BIGNUM *, const BIGNUM *, const BIGNUM *);

 int BN_sub(BIGNUM *, const BIGNUM *, const BIGNUM *);

-int BN_mul(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-int BN_sqr(BIGNUM *, const BIGNUM *, BN_CTX *);

-int BN_div(BIGNUM *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

 int BN_nnmod(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

 int BN_mod_add(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,

                BN_CTX *);

@@ -59,31 +61,17 @@ int BN_mod_sub(BIGNUM *, const BIGNUM *, const BIGNUM 

                BN_CTX *);

 int BN_mod_mul(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,

                BN_CTX *);

-int BN_mod_sqr(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-int BN_exp(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

 int BN_mod_exp(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,

                BN_CTX *);

-int BN_gcd(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

+int BN_mod_exp_mont(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,

+                    BN_CTX *, BN_MONT_CTX *);

+int BN_mod_exp_mont_consttime(BIGNUM *, const BIGNUM *, const BIGNUM *,

+                              const BIGNUM *, BN_CTX *, BN_MONT_CTX *);

 BIGNUM *BN_mod_inverse(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-int BN_set_bit(BIGNUM *, int);

-int BN_clear_bit(BIGNUM *, int);

-

-int BN_is_bit_set(const BIGNUM *, int);

-

-int BN_mask_bits(BIGNUM *, int);

-

 int BN_num_bytes(const BIGNUM *);

-int BN_zero(BIGNUM *);

-int BN_one(BIGNUM *);

 int BN_mod(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-

-int BN_lshift(BIGNUM *, const BIGNUM *, int);

-int BN_lshift1(BIGNUM *, BIGNUM *);

-

-int BN_rshift(BIGNUM *, BIGNUM *, int);

-int BN_rshift1(BIGNUM *, BIGNUM *);

 """

 CUSTOMIZATIONS = """

--- src/_cffi_src/openssl/bio.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/bio.py

@@ -9,142 +9,38 @@ INCLUDES = """

 """

 TYPES = """

-typedef struct bio_st BIO;

-typedef void bio_info_cb(BIO *, int, const char *, int, long, long);

-typedef ... bio_st;

+typedef ... BIO;

 typedef ... BIO_METHOD;

-typedef ... BUF_MEM;

-

-static const int BIO_TYPE_MEM;

-static const int BIO_TYPE_FILE;

-static const int BIO_TYPE_FD;

-static const int BIO_TYPE_SOCKET;

-static const int BIO_TYPE_CONNECT;

-static const int BIO_TYPE_ACCEPT;

-static const int BIO_TYPE_NULL;

-static const int BIO_CLOSE;

-static const int BIO_NOCLOSE;

-static const int BIO_TYPE_SOURCE_SINK;

-static const int BIO_CTRL_RESET;

-static const int BIO_CTRL_EOF;

-static const int BIO_CTRL_SET;

-static const int BIO_CTRL_SET_CLOSE;

-static const int BIO_CTRL_FLUSH;

-static const int BIO_CTRL_DUP;

-static const int BIO_CTRL_GET_CLOSE;

-static const int BIO_CTRL_INFO;

-static const int BIO_CTRL_GET;

-static const int BIO_CTRL_PENDING;

-static const int BIO_CTRL_WPENDING;

-static const int BIO_CTRL_DGRAM_SET_CONNECTED;

-static const int BIO_CTRL_DGRAM_SET_RECV_TIMEOUT;

-static const int BIO_CTRL_DGRAM_GET_RECV_TIMEOUT;

-static const int BIO_CTRL_DGRAM_SET_SEND_TIMEOUT;

-static const int BIO_CTRL_DGRAM_GET_SEND_TIMEOUT;

-static const int BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP;

-static const int BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP;

-static const int BIO_C_FILE_SEEK;

-static const int BIO_C_FILE_TELL;

-static const int BIO_TYPE_NONE;

-static const int BIO_TYPE_NBIO_TEST;

-static const int BIO_TYPE_BIO;

-static const int BIO_TYPE_DESCRIPTOR;

-static const int BIO_FLAGS_READ;

-static const int BIO_FLAGS_WRITE;

-static const int BIO_FLAGS_IO_SPECIAL;

-static const int BIO_FLAGS_RWS;

-static const int BIO_FLAGS_SHOULD_RETRY;

-static const int BIO_TYPE_NULL_FILTER;

-static const int BIO_TYPE_SSL;

-static const int BIO_TYPE_MD;

-static const int BIO_TYPE_BUFFER;

-static const int BIO_TYPE_CIPHER;

-static const int BIO_TYPE_BASE64;

-static const int BIO_TYPE_FILTER;

 """

 FUNCTIONS = """

 int BIO_free(BIO *);

-void BIO_vfree(BIO *);

-void BIO_free_all(BIO *);

-BIO *BIO_push(BIO *, BIO *);

-BIO *BIO_pop(BIO *);

-BIO *BIO_next(BIO *);

-BIO *BIO_find_type(BIO *, int);

 BIO *BIO_new_file(const char *, const char *);

-BIO *BIO_new_fp(FILE *, int);

-BIO *BIO_new_fd(int, int);

-BIO *BIO_new_socket(int, int);

 BIO *BIO_new_dgram(int, int);

-long BIO_ctrl(BIO *, int, long, void *);

-long BIO_callback_ctrl(

-    BIO *,

-    int,

-    void (*)(struct bio_st *, int, const char *, int, long, long)

-);

-long BIO_int_ctrl(BIO *, int, long, int);

 size_t BIO_ctrl_pending(BIO *);

-size_t BIO_ctrl_wpending(BIO *);

 int BIO_read(BIO *, void *, int);

 int BIO_gets(BIO *, char *, int);

 int BIO_write(BIO *, const void *, int);

-int BIO_puts(BIO *, const char *);

-int BIO_method_type(const BIO *);

 /* Added in 1.1.0 */

 int BIO_up_ref(BIO *);

-/* These added const to BIO_METHOD in 1.1.0 */

-BIO *BIO_new(BIO_METHOD *);

+BIO *BIO_new(const BIO_METHOD *);

 BIO_METHOD *BIO_s_mem(void);

-BIO_METHOD *BIO_s_file(void);

-BIO_METHOD *BIO_s_fd(void);

-BIO_METHOD *BIO_s_socket(void);

 BIO_METHOD *BIO_s_datagram(void);

-BIO_METHOD *BIO_s_null(void);

-BIO_METHOD *BIO_f_null(void);

-BIO_METHOD *BIO_f_buffer(void);

-/* BIO_new_mem_buf became const void * in 1.0.2g */

-BIO *BIO_new_mem_buf(void *, int);

-long BIO_set_fd(BIO *, int, long);

-long BIO_get_fd(BIO *, char *);

+BIO *BIO_new_mem_buf(const void *, int);

 long BIO_set_mem_eof_return(BIO *, int);

 long BIO_get_mem_data(BIO *, char **);

-long BIO_set_mem_buf(BIO *, BUF_MEM *, int);

-long BIO_get_mem_ptr(BIO *, BUF_MEM **);

-long BIO_set_fp(BIO *, FILE *, int);

-long BIO_get_fp(BIO *, FILE **);

-long BIO_read_filename(BIO *, char *);

-long BIO_write_filename(BIO *, char *);

-long BIO_append_filename(BIO *, char *);

-long BIO_rw_filename(BIO *, char *);

 int BIO_should_read(BIO *);

 int BIO_should_write(BIO *);

 int BIO_should_io_special(BIO *);

-int BIO_retry_type(BIO *);

 int BIO_should_retry(BIO *);

 int BIO_reset(BIO *);

-int BIO_seek(BIO *, int);

-int BIO_tell(BIO *);

-int BIO_flush(BIO *);

-int BIO_eof(BIO *);

-int BIO_set_close(BIO *,long);

-int BIO_get_close(BIO *);

-int BIO_pending(BIO *);

-int BIO_wpending(BIO *);

-int BIO_get_info_callback(BIO *, bio_info_cb **);

-int BIO_set_info_callback(BIO *, bio_info_cb *);

-long BIO_get_buffer_num_lines(BIO *);

-long BIO_set_read_buffer_size(BIO *, long);

-long BIO_set_write_buffer_size(BIO *, long);

-long BIO_set_buffer_size(BIO *, long);

-long BIO_set_buffer_read_data(BIO *, void *, long);

-long BIO_set_nbio(BIO *, long);

 void BIO_set_retry_read(BIO *);

 void BIO_clear_retry_flags(BIO *);

 """

 CUSTOMIZATIONS = """

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE4

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 int BIO_up_ref(BIO *b) {

     CRYPTO_add(&b->references, 1, CRYPTO_LOCK_BIO);

     return 1;

--- src/_cffi_src/openssl/callbacks.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/callbacks.py

@@ -11,7 +11,10 @@ INCLUDES = """

 #include <openssl/crypto.h>

 #ifdef _WIN32

+#define WIN32_LEAN_AND_MEAN

 #include <Windows.h>

+#include <Wincrypt.h>

+#include <Winsock2.h>

 #else

 #include <stdio.h>

 #include <stdlib.h>

--- src/_cffi_src/openssl/crypto.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/crypto.py

@@ -143,6 +143,6 @@ void *Cryptography_realloc_wrapper(void *ptr, size_t s

 }

 void Cryptography_free_wrapper(void *ptr, const char *path, int line) {

-    return free(ptr);

+    free(ptr);

 }

 """

--- src/_cffi_src/openssl/cryptography.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/cryptography.py

@@ -22,9 +22,15 @@ INCLUDES = """

 #include <openssl/e_os2.h>

 #endif

 #if defined(_WIN32)

+#define WIN32_LEAN_AND_MEAN

 #include <windows.h>

+#include <Wincrypt.h>

+#include <Winsock2.h>

 #endif

+#define CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER \

+    (CRYPTOGRAPHY_IS_LIBRESSL && LIBRESSL_VERSION_NUMBER >= 0x2070000fL)

+

 #define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \

     (OPENSSL_VERSION_NUMBER >= 0x10002000 && !CRYPTOGRAPHY_IS_LIBRESSL)

 #define CRYPTOGRAPHY_OPENSSL_102L_OR_GREATER \

@@ -40,12 +46,6 @@ INCLUDES = """

     (OPENSSL_VERSION_NUMBER < 0x1000209f || CRYPTOGRAPHY_IS_LIBRESSL)

 #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 \

     (OPENSSL_VERSION_NUMBER < 0x10100000 || CRYPTOGRAPHY_IS_LIBRESSL)

-#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE4 \

-    (OPENSSL_VERSION_NUMBER < 0x10100004 || CRYPTOGRAPHY_IS_LIBRESSL)

-#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 \

-    (OPENSSL_VERSION_NUMBER < 0x10100005 || CRYPTOGRAPHY_IS_LIBRESSL)

-#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6 \

-    (OPENSSL_VERSION_NUMBER < 0x10100006 || CRYPTOGRAPHY_IS_LIBRESSL)

 """

 TYPES = """

--- src/_cffi_src/openssl/dh.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/dh.py

@@ -45,8 +45,8 @@ int Cryptography_i2d_DHxparams_bio(BIO *bp, DH *x);

 """

 CUSTOMIZATIONS = """

-/* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5

+/* These functions were added in OpenSSL 1.1.0 */

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 void DH_get0_pqg(const DH *dh,

                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)

 {

--- src/_cffi_src/openssl/dsa.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/dsa.py

@@ -34,8 +34,8 @@ int DSA_generate_parameters_ex(DSA *, int, unsigned ch

 """

 CUSTOMIZATIONS = """

-/* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5

+/* These functions were added in OpenSSL 1.1.0 */

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 void DSA_get0_pqg(const DSA *d,

                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)

 {

--- src/_cffi_src/openssl/ec.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/ec.py

@@ -27,34 +27,16 @@ typedef struct {

 typedef enum {

     POINT_CONVERSION_COMPRESSED,

     POINT_CONVERSION_UNCOMPRESSED,

-    POINT_CONVERSION_HYBRID,

     ...

 } point_conversion_form_t;

 """

 FUNCTIONS = """

-EC_GROUP *EC_GROUP_new(const EC_METHOD *);

 void EC_GROUP_free(EC_GROUP *);

-void EC_GROUP_clear_free(EC_GROUP *);

-EC_GROUP *EC_GROUP_new_curve_GFp(

-    const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-EC_GROUP *EC_GROUP_new_curve_GF2m(

-    const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

 EC_GROUP *EC_GROUP_new_by_curve_name(int);

-int EC_GROUP_set_curve_GFp(

-    EC_GROUP *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-int EC_GROUP_get_curve_GFp(

-    const EC_GROUP *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *);

-int EC_GROUP_set_curve_GF2m(

-    EC_GROUP *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-int EC_GROUP_get_curve_GF2m(

-    const EC_GROUP *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *);

-

 int EC_GROUP_get_degree(const EC_GROUP *);

-void EC_GROUP_set_asn1_flag(EC_GROUP *, int);

-void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);

 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);

 const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);

@@ -65,13 +47,7 @@ size_t EC_get_builtin_curves(EC_builtin_curve *, size_

 EC_KEY *EC_KEY_new(void);

 void EC_KEY_free(EC_KEY *);

-int EC_KEY_get_flags(const EC_KEY *);

-void EC_KEY_set_flags(EC_KEY *, int);

-void EC_KEY_clear_flags(EC_KEY *, int);

 EC_KEY *EC_KEY_new_by_curve_name(int);

-EC_KEY *EC_KEY_copy(EC_KEY *, EC_KEY *);

-EC_KEY *EC_KEY_dup(EC_KEY *);

-int EC_KEY_up_ref(EC_KEY *);

 const EC_GROUP *EC_KEY_get0_group(const EC_KEY *);

 int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *, BN_CTX *);

 int EC_KEY_set_group(EC_KEY *, const EC_GROUP *);

@@ -79,31 +55,15 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *);

 int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *);

 const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *);

 int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *);

-unsigned int EC_KEY_get_enc_flags(const EC_KEY *);

-void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int);

-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);

-void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);

 void EC_KEY_set_asn1_flag(EC_KEY *, int);

-int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *);

 int EC_KEY_generate_key(EC_KEY *);

-int EC_KEY_check_key(const EC_KEY *);

 int EC_KEY_set_public_key_affine_coordinates(EC_KEY *, BIGNUM *, BIGNUM *);

 EC_POINT *EC_POINT_new(const EC_GROUP *);

 void EC_POINT_free(EC_POINT *);

 void EC_POINT_clear_free(EC_POINT *);

-int EC_POINT_copy(EC_POINT *, const EC_POINT *);

 EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *);

-const EC_METHOD *EC_POINT_method_of(const EC_POINT *);

-int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *);

-

-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,

-    const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-

-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *,

-    const EC_POINT *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *);

-

 int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,

     const BIGNUM *, const BIGNUM *, BN_CTX *);

@@ -129,18 +89,6 @@ size_t EC_POINT_point2oct(const EC_GROUP *, const EC_P

 int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *,

     const unsigned char *, size_t, BN_CTX *);

-BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,

-    point_conversion_form_t form, BIGNUM *, BN_CTX *);

-

-EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,

-    EC_POINT *, BN_CTX *);

-

-char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,

-    point_conversion_form_t form, BN_CTX *);

-

-EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,

-    EC_POINT *, BN_CTX *);

-

 int EC_POINT_add(const EC_GROUP *, EC_POINT *, const EC_POINT *,

     const EC_POINT *, BN_CTX *);

@@ -152,25 +100,9 @@ int EC_POINT_is_on_curve(const EC_GROUP *, const EC_PO

 int EC_POINT_cmp(

     const EC_GROUP *, const EC_POINT *, const EC_POINT *, BN_CTX *);

-int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);

-int EC_POINTs_make_affine(const EC_GROUP *, size_t, EC_POINT *[], BN_CTX *);

-

-int EC_POINTs_mul(

-    const EC_GROUP *, EC_POINT *, const BIGNUM *,

-    size_t, const EC_POINT *[], const BIGNUM *[], BN_CTX *);

-

 int EC_POINT_mul(const EC_GROUP *, EC_POINT *, const BIGNUM *,

     const EC_POINT *, const BIGNUM *, BN_CTX *);

-int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);

-int EC_GROUP_have_precompute_mult(const EC_GROUP *);

-

-const EC_METHOD *EC_GFp_simple_method();

-const EC_METHOD *EC_GFp_mont_method();

-const EC_METHOD *EC_GFp_nist_method();

-

-const EC_METHOD *EC_GF2m_simple_method();

-

 int EC_METHOD_get_field_type(const EC_METHOD *);

 const char *EC_curve_nid2nist(int);

@@ -182,8 +114,6 @@ static const long Cryptography_HAS_EC = 1;

 #if defined(OPENSSL_NO_EC2M)

 static const long Cryptography_HAS_EC2M = 0;

-const EC_METHOD *(*EC_GF2m_simple_method)() = NULL;

-

 int (*EC_POINT_set_affine_coordinates_GF2m)(const EC_GROUP *, EC_POINT *,

     const BIGNUM *, const BIGNUM *, BN_CTX *) = NULL;

@@ -192,15 +122,6 @@ int (*EC_POINT_get_affine_coordinates_GF2m)(const EC_G

 int (*EC_POINT_set_compressed_coordinates_GF2m)(const EC_GROUP *, EC_POINT *,

     const BIGNUM *, int, BN_CTX *) = NULL;

-

-int (*EC_GROUP_set_curve_GF2m)(

-    EC_GROUP *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

-

-int (*EC_GROUP_get_curve_GF2m)(

-    const EC_GROUP *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *);

-

-EC_GROUP *(*EC_GROUP_new_curve_GF2m)(

-    const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);

 #else

 static const long Cryptography_HAS_EC2M = 1;

 #endif

--- src/_cffi_src/openssl/ecdsa.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/ecdsa.py

@@ -24,14 +24,9 @@ void ECDSA_SIG_free(ECDSA_SIG *);

 int i2d_ECDSA_SIG(const ECDSA_SIG *, unsigned char **);

 ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **s, const unsigned char **, long);

 ECDSA_SIG *ECDSA_do_sign(const unsigned char *, int, EC_KEY *);

-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *, int, const BIGNUM *,

-                            const BIGNUM *, EC_KEY *);

 int ECDSA_do_verify(const unsigned char *, int, const ECDSA_SIG *, EC_KEY *);

-int ECDSA_sign_setup(EC_KEY *, BN_CTX *, BIGNUM **, BIGNUM **);

 int ECDSA_sign(int, const unsigned char *, int, unsigned char *,

                unsigned int *, EC_KEY *);

-int ECDSA_sign_ex(int, const unsigned char *, int dgstlen, unsigned char *,

-                  unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *);

 int ECDSA_verify(int, const unsigned char *, int, const unsigned char *, int,

                  EC_KEY *);

 int ECDSA_size(const EC_KEY *);

--- src/_cffi_src/openssl/err.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/err.py

@@ -12,13 +12,6 @@ TYPES = """

 static const int Cryptography_HAS_EC_CODES;

 static const int Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR;

-struct ERR_string_data_st {

-    unsigned long error;

-    const char *string;

-};

-typedef struct ERR_string_data_st ERR_STRING_DATA;

-typedef ... ERR_STATE;

-

 static const int ERR_LIB_DH;

 static const int ERR_LIB_EVP;

 static const int ERR_LIB_EC;

@@ -29,36 +22,6 @@ static const int ERR_LIB_PKCS12;

 static const int ERR_LIB_SSL;

 static const int ERR_LIB_X509;

-static const int ASN1_F_ASN1_EX_C2I;

-static const int ASN1_F_ASN1_FIND_END;

-static const int ASN1_F_ASN1_GENERATE_V3;

-static const int ASN1_F_ASN1_GET_OBJECT;

-static const int ASN1_F_ASN1_ITEM_I2D_FP;

-static const int ASN1_F_ASN1_ITEM_PACK;

-static const int ASN1_F_ASN1_ITEM_SIGN;

-static const int ASN1_F_ASN1_ITEM_UNPACK;

-static const int ASN1_F_ASN1_ITEM_VERIFY;

-static const int ASN1_F_ASN1_MBSTRING_NCOPY;

-static const int ASN1_F_ASN1_TEMPLATE_EX_D2I;

-static const int ASN1_F_ASN1_TEMPLATE_NEW;

-static const int ASN1_F_ASN1_TEMPLATE_NOEXP_D2I;

-static const int ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING;

-static const int ASN1_F_ASN1_TYPE_GET_OCTETSTRING;

-static const int ASN1_F_ASN1_VERIFY;

-static const int ASN1_F_BITSTR_CB;

-static const int ASN1_F_D2I_ASN1_UINTEGER;

-static const int ASN1_F_D2I_PRIVATEKEY;

-static const int ASN1_F_I2D_DSA_PUBKEY;

-static const int ASN1_F_LONG_C2I;

-static const int ASN1_F_OID_MODULE_INIT;

-static const int ASN1_F_PARSE_TAGGING;

-static const int ASN1_F_PKCS5_PBE_SET;

-static const int ASN1_F_B64_READ_ASN1;

-static const int ASN1_F_B64_WRITE_ASN1;

-static const int ASN1_F_SMIME_READ_ASN1;

-static const int ASN1_F_SMIME_TEXT;

-static const int ASN1_F_ASN1_CHECK_TLEN;

-

 static const int ASN1_R_BOOLEAN_IS_WRONG_LENGTH;

 static const int ASN1_R_BUFFER_TOO_SMALL;

 static const int ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER;

@@ -84,33 +47,9 @@ static const int ASN1_R_NO_MULTIPART_BODY_FAILURE;

 static const int ASN1_R_NO_MULTIPART_BOUNDARY;

 static const int ASN1_R_HEADER_TOO_LONG;

-static const int DH_F_COMPUTE_KEY;

-

 static const int DH_R_INVALID_PUBKEY;

-static const int EVP_F_AES_INIT_KEY;

-static const int EVP_F_EVP_CIPHER_CTX_CTRL;

-static const int EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH;

-static const int EVP_F_EVP_CIPHERINIT_EX;

-static const int EVP_F_EVP_DECRYPTFINAL_EX;

-static const int EVP_F_EVP_DIGESTINIT_EX;

 static const int EVP_F_EVP_ENCRYPTFINAL_EX;

-static const int EVP_F_EVP_MD_CTX_COPY_EX;

-static const int EVP_F_EVP_OPENINIT;

-static const int EVP_F_EVP_PBE_ALG_ADD;

-static const int EVP_F_EVP_PBE_CIPHERINIT;

-static const int EVP_F_EVP_PKCS82PKEY;

-static const int EVP_F_EVP_PKEY_COPY_PARAMETERS;

-static const int EVP_F_EVP_PKEY_DECRYPT;

-static const int EVP_F_EVP_PKEY_ENCRYPT;

-static const int EVP_F_EVP_PKEY_NEW;

-static const int EVP_F_EVP_SIGNFINAL;

-static const int EVP_F_EVP_VERIFYFINAL;

-static const int EVP_F_PKCS5_PBE_KEYIVGEN;

-static const int EVP_F_PKCS5_V2_PBE_KEYIVGEN;

-static const int EVP_F_RC2_MAGIC_TO_METH;

-static const int EVP_F_RC5_CTRL;

-static const int EVP_F_CAMELLIA_INIT_KEY;

 static const int EVP_R_AES_KEY_SETUP_FAILED;

 static const int EVP_R_BAD_DECRYPT;

@@ -137,33 +76,8 @@ static const int EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORIT

 static const int EVP_R_WRONG_FINAL_BLOCK_LENGTH;

 static const int EVP_R_CAMELLIA_KEY_SETUP_FAILED;

-static const int EC_F_EC_GROUP_NEW_BY_CURVE_NAME;

-

 static const int EC_R_UNKNOWN_GROUP;

-static const int PEM_F_D2I_PKCS8PRIVATEKEY_BIO;

-static const int PEM_F_D2I_PKCS8PRIVATEKEY_FP;

-static const int PEM_F_DO_PK8PKEY;

-static const int PEM_F_DO_PK8PKEY_FP;

-static const int PEM_F_LOAD_IV;

-static const int PEM_F_PEM_ASN1_READ;

-static const int PEM_F_PEM_ASN1_READ_BIO;

-static const int PEM_F_PEM_ASN1_WRITE;

-static const int PEM_F_PEM_ASN1_WRITE_BIO;

-static const int PEM_F_PEM_DEF_CALLBACK;

-static const int PEM_F_PEM_DO_HEADER;

-static const int PEM_F_PEM_GET_EVP_CIPHER_INFO;

-static const int PEM_F_PEM_READ;

-static const int PEM_F_PEM_READ_BIO;

-static const int PEM_F_PEM_READ_BIO_PRIVATEKEY;

-static const int PEM_F_PEM_READ_PRIVATEKEY;

-static const int PEM_F_PEM_SIGNFINAL;

-static const int PEM_F_PEM_WRITE;

-static const int PEM_F_PEM_WRITE_BIO;

-static const int PEM_F_PEM_X509_INFO_READ;

-static const int PEM_F_PEM_X509_INFO_READ_BIO;

-static const int PEM_F_PEM_X509_INFO_WRITE_BIO;

-

 static const int PEM_R_BAD_BASE64_DECODE;

 static const int PEM_R_BAD_DECRYPT;

 static const int PEM_R_BAD_END_LINE;

@@ -180,8 +94,6 @@ static const int PEM_R_SHORT_HEADER;

 static const int PEM_R_UNSUPPORTED_CIPHER;

 static const int PEM_R_UNSUPPORTED_ENCRYPTION;

-static const int PKCS12_F_PKCS12_PBE_CRYPT;

-

 static const int PKCS12_R_PKCS12_CIPHERFINAL_ERROR;

 static const int RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;

@@ -191,7 +103,6 @@ static const int RSA_R_BLOCK_TYPE_IS_NOT_01;

 static const int RSA_R_BLOCK_TYPE_IS_NOT_02;

 static const int RSA_R_PKCS_DECODING_ERROR;

 static const int RSA_R_OAEP_DECODING_ERROR;

-static const int RSA_F_RSA_SIGN;

 static const int SSL_TLSEXT_ERR_OK;

 static const int SSL_TLSEXT_ERR_ALERT_WARNING;

@@ -235,29 +146,12 @@ void ERR_error_string_n(unsigned long, char *, size_t)

 const char *ERR_lib_error_string(unsigned long);

 const char *ERR_func_error_string(unsigned long);

 const char *ERR_reason_error_string(unsigned long);

-void ERR_print_errors(BIO *);

-void ERR_print_errors_fp(FILE *);

 unsigned long ERR_get_error(void);

 unsigned long ERR_peek_error(void);

 unsigned long ERR_peek_last_error(void);

-unsigned long ERR_get_error_line(const char **, int *);

-unsigned long ERR_peek_error_line(const char **, int *);

-unsigned long ERR_peek_last_error_line(const char **, int *);

-unsigned long ERR_get_error_line_data(const char **, int *,

-                                      const char **, int *);

 void ERR_clear_error(void);

-unsigned long ERR_peek_error_line_data(const char **,

-                                       int *, const char **, int *);

-unsigned long ERR_peek_last_error_line_data(const char **,

-                                            int *, const char **, int *);

 void ERR_put_error(int, int, int, const char *, int);

-void ERR_add_error_data(int, ...);

-int ERR_get_next_error_library(void);

-ERR_STATE *ERR_get_state(void);

-/* ERR_free_strings became a macro in 1.1.0 */

-void ERR_free_strings(void);

-unsigned long ERR_PACK(int, int, int);

 int ERR_GET_LIB(unsigned long);

 int ERR_GET_FUNC(unsigned long);

 int ERR_GET_REASON(unsigned long);

--- src/_cffi_src/openssl/rand.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/rand.py

@@ -13,12 +13,8 @@ static const long Cryptography_HAS_EGD;

 """

 FUNCTIONS = """

-void RAND_seed(const void *, int);

 void RAND_add(const void *, int, double);

 int RAND_status(void);

-const char *RAND_file_name(char *, size_t);

-int RAND_load_file(const char *, long);

-int RAND_write_file(const char *);

 int RAND_bytes(unsigned char *, int);

 /* ERR_load_RAND_strings started returning an int in 1.1.0. Unfortunately we

    can't declare a conditional signature like that. Since it always returns

--- src/_cffi_src/openssl/rsa.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/rsa.py

@@ -12,10 +12,8 @@ TYPES = """

 typedef ... RSA;

 typedef ... BN_GENCB;

 static const int RSA_PKCS1_PADDING;

-static const int RSA_SSLV23_PADDING;

 static const int RSA_NO_PADDING;

 static const int RSA_PKCS1_OAEP_PADDING;

-static const int RSA_X931_PADDING;

 static const int RSA_PKCS1_PSS_PADDING;

 static const int RSA_F4;

@@ -32,7 +30,6 @@ int RSA_generate_key_ex(RSA *, int, BIGNUM *, BN_GENCB

 int RSA_check_key(const RSA *);

 RSA *RSAPublicKey_dup(RSA *);

 int RSA_blinding_on(RSA *, BN_CTX *);

-void RSA_blinding_off(RSA *);

 int RSA_public_encrypt(int, const unsigned char *, unsigned char *,

                        RSA *, int);

 int RSA_private_encrypt(int, const unsigned char *, unsigned char *,

@@ -42,14 +39,6 @@ int RSA_public_decrypt(int, const unsigned char *, uns

 int RSA_private_decrypt(int, const unsigned char *, unsigned char *,

                         RSA *, int);

 int RSA_print(BIO *, const RSA *, int);

-int RSA_verify_PKCS1_PSS(RSA *, const unsigned char *, const EVP_MD *,

-                         const unsigned char *, int);

-int RSA_padding_add_PKCS1_PSS(RSA *, unsigned char *, const unsigned char *,

-                              const EVP_MD *, int);

-int RSA_padding_add_PKCS1_OAEP(unsigned char *, int, const unsigned char *,

-                               int, const unsigned char *, int);

-int RSA_padding_check_PKCS1_OAEP(unsigned char *, int, const unsigned char *,

-                                 int, int, const unsigned char *, int);

 /* added in 1.1.0 when the RSA struct was opaqued */

 int RSA_set0_key(RSA *, BIGNUM *, BIGNUM *, BIGNUM *);

@@ -86,8 +75,8 @@ int (*EVP_PKEY_CTX_set0_rsa_oaep_label)(EVP_PKEY_CTX *

                                         int) = NULL;

 #endif

-/* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5

+/* These functions were added in OpenSSL 1.1.0 */

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)

 {

     /* If the fields n and e in r are NULL, the corresponding input

--- src/_cffi_src/openssl/ssl.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/ssl.py

@@ -48,6 +48,7 @@ static const long Cryptography_HAS_SSL_OP_NO_TICKET;

 static const long Cryptography_HAS_ALPN;

 static const long Cryptography_HAS_NEXTPROTONEG;

 static const long Cryptography_HAS_SET_CERT_CB;

+static const long Cryptography_HAS_CUSTOM_EXT;

 static const long SSL_FILETYPE_PEM;

 static const long SSL_FILETYPE_ASN1;

@@ -251,7 +252,7 @@ void SSL_CTX_set_psk_server_callback(SSL_CTX *,

                                          SSL *,

                                          const char *,

                                          unsigned char *,

-                                         int

+                                         unsigned int

                                      ));

 void SSL_CTX_set_psk_client_callback(SSL_CTX *,

                                      unsigned int (*)(

@@ -305,6 +306,10 @@ int SSL_CTX_set_ex_data(SSL_CTX *, int, void *);

 SSL_SESSION *SSL_get_session(const SSL *);

 const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *, unsigned int *);

+long SSL_SESSION_get_time(const SSL_SESSION *);

+long SSL_SESSION_get_timeout(const SSL_SESSION *);

+int SSL_SESSION_has_ticket(const SSL_SESSION *);

+long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *);

 /* not a macro, but older OpenSSLs don't pass the args as const */

 char *SSL_CIPHER_description(const SSL_CIPHER *, char *, int);

@@ -396,7 +401,7 @@ void *SSL_get_ex_data(const SSL *, int);

 void SSL_set_tlsext_host_name(SSL *, char *);

 void SSL_CTX_set_tlsext_servername_callback(

     SSL_CTX *,

-    int (*)(const SSL *, int *, void *));

+    int (*)(SSL *, int *, void *));

 void SSL_CTX_set_tlsext_servername_arg(

     SSL_CTX *, void *);

@@ -488,6 +493,35 @@ long Cryptography_DTLSv1_get_timeout(SSL *, time_t *, 

 long DTLSv1_handle_timeout(SSL *);

 long DTLS_set_link_mtu(SSL *, long);

 long DTLS_get_link_min_mtu(SSL *);

+

+/* Custom extensions. */

+typedef int (*custom_ext_add_cb)(SSL *, unsigned int,

+                                 const unsigned char **,

+                                 size_t *, int *,

+                                 void *);

+

+typedef void (*custom_ext_free_cb)(SSL *, unsigned int,

+                                   const unsigned char *,

+                                   void *);

+

+typedef int (*custom_ext_parse_cb)(SSL *, unsigned int,

+                                   const unsigned char *,

+                                   size_t, int *,

+                                   void *);

+

+int SSL_CTX_add_client_custom_ext(SSL_CTX *, unsigned int,

+                                  custom_ext_add_cb,

+                                  custom_ext_free_cb, void *,

+                                  custom_ext_parse_cb,

+                                  void *);

+

+int SSL_CTX_add_server_custom_ext(SSL_CTX *, unsigned int,

+                                  custom_ext_add_cb,

+                                  custom_ext_free_cb, void *,

+                                  custom_ext_parse_cb,

+                                  void *);

+

+int SSL_extension_supported(unsigned int);

 """

 CUSTOMIZATIONS = """

@@ -502,7 +536,7 @@ const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)

 /* Added in 1.1.0 in the great opaquing, but we need to define it for older

    OpenSSLs. Such is our burden. */

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 /* from ssl/ssl_lib.c */

 size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen)

 {

@@ -540,6 +574,16 @@ size_t SSL_SESSION_get_master_key(const SSL_SESSION *s

     memcpy(out, session->master_key, outlen);

     return outlen;

 }

+/* from ssl/ssl_sess.c */

+int SSL_SESSION_has_ticket(const SSL_SESSION *s)

+{

+    return (s->tlsext_ticklen > 0) ? 1 : 0;

+}

+/* from ssl/ssl_sess.c */

+unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)

+{

+    return s->tlsext_tick_lifetime_hint;

+}

 #endif

 static const long Cryptography_HAS_SECURE_RENEGOTIATION = 1;

@@ -694,7 +738,7 @@ void (*SSL_CTX_set_psk_server_callback)(SSL_CTX *,

                                             SSL *,

                                             const char *,

                                             unsigned char *,

-                                            int

+                                            unsigned int

                                         )) = NULL;

 void (*SSL_CTX_set_psk_client_callback)(SSL_CTX *,

                                         unsigned int (*)(

@@ -707,5 +751,43 @@ void (*SSL_CTX_set_psk_client_callback)(SSL_CTX *,

                                         )) = NULL;

 #else

 static const long Cryptography_HAS_PSK = 1;

+#endif

+

+/*

+ * Custom extensions were added in 1.0.2. 1.1.1 is adding a more general

+ * SSL_CTX_add_custom_ext function, but we're not binding that yet.

+ */

+#if CRYPTOGRAPHY_OPENSSL_102_OR_GREATER

+static const long Cryptography_HAS_CUSTOM_EXT = 1;

+#else

+static const long Cryptography_HAS_CUSTOM_EXT = 0;

+

+typedef int (*custom_ext_add_cb)(SSL *, unsigned int,

+                                 const unsigned char **,

+                                 size_t *, int *,

+                                 void *);

+

+typedef void (*custom_ext_free_cb)(SSL *, unsigned int,

+                                   const unsigned char *,

+                                   void *);

+

+typedef int (*custom_ext_parse_cb)(SSL *, unsigned int,

+                                   const unsigned char *,

+                                   size_t, int *,

+                                   void *);

+

+int (*SSL_CTX_add_client_custom_ext)(SSL_CTX *, unsigned int,

+                                     custom_ext_add_cb,

+                                     custom_ext_free_cb, void *,

+                                     custom_ext_parse_cb,

+                                     void *) = NULL;

+

+int (*SSL_CTX_add_server_custom_ext)(SSL_CTX *, unsigned int,

+                                     custom_ext_add_cb,

+                                     custom_ext_free_cb, void *,

+                                     custom_ext_parse_cb,

+                                     void *) = NULL;

+

+int (*SSL_extension_supported)(unsigned int) = NULL;

 #endif

 """

--- src/_cffi_src/openssl/x509.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/x509.py

@@ -340,7 +340,7 @@ void X509_REQ_get0_signature(const X509_REQ *, const A

 CUSTOMIZATIONS = """

 /* Added in 1.0.2 beta but we need it in all versions now due to the great

    opaquing. */

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 /* from x509/x_x509.c version 1.0.2 */

 void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,

                          const X509 *x)

@@ -387,7 +387,17 @@ X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOK

 /* Added in 1.1.0 but we need it in all versions now due to the great

    opaquing. */

 #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110

+int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp)

+{

+    req->req_info->enc.modified = 1;

+    return i2d_X509_REQ_INFO(req->req_info, pp);

+}

+int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) {

+    crl->crl->enc.modified = 1;

+    return i2d_X509_CRL_INFO(crl->crl, pp);

+}

+#if !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 int X509_up_ref(X509 *x) {

    return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);

 }

@@ -406,16 +416,6 @@ void X509_REQ_get0_signature(const X509_REQ *req, cons

     if (palg != NULL)

         *palg = req->sig_alg;

 }

-int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp)

-{

-    req->req_info->enc.modified = 1;

-    return i2d_X509_REQ_INFO(req->req_info, pp);

-}

-int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) {

-    crl->crl->enc.modified = 1;

-    return i2d_X509_CRL_INFO(crl->crl, pp);

-}

-

 void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,

                              const X509_ALGOR **palg)

 {

@@ -432,5 +432,6 @@ const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(con

 {

     return x->serialNumber;

 }

+#endif

 #endif

 """

--- src/_cffi_src/openssl/x509_vfy.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/x509_vfy.py

@@ -246,6 +246,7 @@ static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0;

 static const long X509_V_FLAG_SUITEB_192_LOS = 0;

 static const long X509_V_FLAG_SUITEB_128_LOS = 0;

+#if !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *,

                                    size_t) = NULL;

 int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const char *,

@@ -256,6 +257,7 @@ int (*X509_VERIFY_PARAM_set1_ip_asc)(X509_VERIFY_PARAM

 void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *,

                                         unsigned int) = NULL;

 #endif

+#endif

 /* OpenSSL 1.0.2+ or Solaris's backport */

 #ifdef X509_V_FLAG_PARTIAL_CHAIN

@@ -273,7 +275,7 @@ static const long Cryptography_HAS_X509_V_FLAG_TRUSTED

 static const long X509_V_FLAG_TRUSTED_FIRST = 0;

 #endif

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6

+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER

 Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *ctx) {

     return ctx->objs;

 }

@@ -283,9 +285,7 @@ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *s

 int X509_OBJECT_get_type(const X509_OBJECT *x) {

     return x->type;

 }

-#endif

-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5

 /* from x509/x509_vfy.c */

 X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)

 {

--- src/_cffi_src/openssl/x509name.py.orig	2018-03-27 14:12:05 UTC

+++ src/_cffi_src/openssl/x509name.py

@@ -40,6 +40,7 @@ int Cryptography_X509_NAME_ENTRY_set(X509_NAME_ENTRY *

 int X509_NAME_entry_count(X509_NAME *);

 X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *, int);

 char *X509_NAME_oneline(X509_NAME *, char *, int);

+int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long);

 /* These became const X509_NAME_ENTRY * in 1.1.0 */

 ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *);