summaryrefslogtreecommitdiffstats
path: root/Modules
diff options
context:
space:
mode:
authorVictor Stinner <victor.stinner@haypocalc.com>2011-05-08 22:42:58 (GMT)
committerVictor Stinner <victor.stinner@haypocalc.com>2011-05-08 22:42:58 (GMT)
commit3de49192aa1a76e211a231f662f1926f439cae04 (patch)
tree7ef4bd5533e7bf02855ec79d51eb8c1ded72797e /Modules
parent3a0792da6ee18f6307172559fe19c7bb935e9ce6 (diff)
downloadcpython-3de49192aa1a76e211a231f662f1926f439cae04.zip
cpython-3de49192aa1a76e211a231f662f1926f439cae04.tar.gz
cpython-3de49192aa1a76e211a231f662f1926f439cae04.tar.bz2
Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2 protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid. Optimize also ssl.get_protocol_name(): speed does matter!
Diffstat (limited to 'Modules')
-rw-r--r--Modules/_ssl.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 0ae02a1..dc11fc8 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -63,8 +63,10 @@ enum py_ssl_cert_requirements {
};
enum py_ssl_version {
+#ifndef OPENSSL_NO_SSL2
PY_SSL_VERSION_SSL2,
- PY_SSL_VERSION_SSL3,
+#endif
+ PY_SSL_VERSION_SSL3=1,
PY_SSL_VERSION_SSL23,
PY_SSL_VERSION_TLS1
};
@@ -1447,8 +1449,10 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
ctx = SSL_CTX_new(TLSv1_method());
else if (proto_version == PY_SSL_VERSION_SSL3)
ctx = SSL_CTX_new(SSLv3_method());
+#ifndef OPENSSL_NO_SSL2
else if (proto_version == PY_SSL_VERSION_SSL2)
ctx = SSL_CTX_new(SSLv2_method());
+#endif
else if (proto_version == PY_SSL_VERSION_SSL23)
ctx = SSL_CTX_new(SSLv23_method());
else
@@ -2107,8 +2111,10 @@ PyInit__ssl(void)
PY_SSL_CERT_REQUIRED);
/* protocol versions */
+#ifndef OPENSSL_NO_SSL2
PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
PY_SSL_VERSION_SSL2);
+#endif
PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
PY_SSL_VERSION_SSL3);
PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",