diff options
| author | Victor Stinner <victor.stinner@haypocalc.com> | 2011-05-09 23:52:03 (GMT) |
|---|---|---|
| committer | Victor Stinner <victor.stinner@haypocalc.com> | 2011-05-09 23:52:03 (GMT) |
| commit | b1241f96190492416ebef457f0e8078fe7f82e60 (patch) | |
| tree | 6b307aa3b5e286cf3dfb32fffa94502bd46d0ac6 /Lib/ssl.py | |
| parent | 2c585f607e9164e4e416414010cbd09a6f361801 (diff) | |
| download | cpython-b1241f96190492416ebef457f0e8078fe7f82e60.zip cpython-b1241f96190492416ebef457f0e8078fe7f82e60.tar.gz cpython-b1241f96190492416ebef457f0e8078fe7f82e60.tar.bz2 | |
(Merge 3.1) Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.
Optimize also ssl.get_protocol_name(): speed does matter!
Diffstat (limited to 'Lib/ssl.py')
| -rw-r--r-- | Lib/ssl.py | 24 |
1 files changed, 13 insertions, 11 deletions
@@ -62,7 +62,6 @@ import _ssl # if we can't import it, let the error propagate from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION from _ssl import SSLError from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED -from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1 from _ssl import RAND_status, RAND_egd, RAND_add from _ssl import \ SSL_ERROR_ZERO_RETURN, \ @@ -74,6 +73,18 @@ from _ssl import \ SSL_ERROR_WANT_CONNECT, \ SSL_ERROR_EOF, \ SSL_ERROR_INVALID_ERROR_CODE +from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1 +_PROTOCOL_NAMES = { + PROTOCOL_TLSv1: "TLSv1", + PROTOCOL_SSLv23: "SSLv23", + PROTOCOL_SSLv3: "SSLv3", +} +try: + from _ssl import PROTOCOL_SSLv2 +except ImportError: + pass +else: + _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2" from socket import socket, _fileobject, _delegate_methods, error as socket_error from socket import getnameinfo as _getnameinfo @@ -425,16 +436,7 @@ def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None): return DER_cert_to_PEM_cert(dercert) def get_protocol_name(protocol_code): - if protocol_code == PROTOCOL_TLSv1: - return "TLSv1" - elif protocol_code == PROTOCOL_SSLv23: - return "SSLv23" - elif protocol_code == PROTOCOL_SSLv2: - return "SSLv2" - elif protocol_code == PROTOCOL_SSLv3: - return "SSLv3" - else: - return "<unknown>" + return _PROTOCOL_NAMES.get(protocol_code, '<unknown>') # a replacement for the old socket.ssl function |