Issue #18777: The ssl module now uses the new CRYPTO_THREADID API of

OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function.

2 files changed, 20 insertions, 1 deletions

diff --git a/Misc/NEWS b/Misc/NEWS
index 94b91bc..450f862 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -66,6 +66,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #18777: The ssl module now uses the new CRYPTO_THREADID API of
+  OpenSSL 1.0.0+ instead of the deprecated CRYPTO id callback function.
+
 - Issue #18768: Correct doc string of RAND_edg(). Patch by Vajrasky Kok.
 
 - Issue #18178: Fix ctypes on BSD. dlmalloc.c was compiled twice which broke
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 98e8975..95ed73d 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2610,9 +2610,21 @@ static PyMethodDef PySSL_methods[] = {
 
 static PyThread_type_lock *_ssl_locks = NULL;
 
-static unsigned long _ssl_thread_id_function (void) {
+#if OPENSSL_VERSION_NUMBER >= 0x10000000
+/* use new CRYPTO_THREADID API. */
+static void
+_ssl_threadid_callback(CRYPTO_THREADID *id)
+{
+    CRYPTO_THREADID_set_numeric(id,
+                                (unsigned long)PyThread_get_thread_ident());
+}
+#else
+/* deprecated CRYPTO_set_id_callback() API. */
+static unsigned long
+_ssl_thread_id_function (void) {
     return PyThread_get_thread_ident();
 }
+#endif
 
 static void _ssl_thread_locking_function
     (int mode, int n, const char *file, int line) {
@@ -2665,7 +2677,11 @@ static int _setup_ssl_threads(void) {
             }
         }
         CRYPTO_set_locking_callback(_ssl_thread_locking_function);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000
+        CRYPTO_THREADID_set_callback(_ssl_threadid_callback);
+#else
         CRYPTO_set_id_callback(_ssl_thread_id_function);
+#endif
     }
     return 1;
 }