diff options
author | Victor Stinner <victor.stinner@haypocalc.com> | 2011-05-08 22:42:58 (GMT) |
---|---|---|
committer | Victor Stinner <victor.stinner@haypocalc.com> | 2011-05-08 22:42:58 (GMT) |
commit | 3de49192aa1a76e211a231f662f1926f439cae04 (patch) | |
tree | 7ef4bd5533e7bf02855ec79d51eb8c1ded72797e /Modules | |
parent | 3a0792da6ee18f6307172559fe19c7bb935e9ce6 (diff) | |
download | cpython-3de49192aa1a76e211a231f662f1926f439cae04.zip cpython-3de49192aa1a76e211a231f662f1926f439cae04.tar.gz cpython-3de49192aa1a76e211a231f662f1926f439cae04.tar.bz2 |
Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional
OpenSSL is now compiled with OPENSSL_NO_SSL2 defined (without the SSLv2
protocol) on Debian: fix the ssl module on Debian Testing and Debian Sid.
Optimize also ssl.get_protocol_name(): speed does matter!
Diffstat (limited to 'Modules')
-rw-r--r-- | Modules/_ssl.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 0ae02a1..dc11fc8 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -63,8 +63,10 @@ enum py_ssl_cert_requirements { }; enum py_ssl_version { +#ifndef OPENSSL_NO_SSL2 PY_SSL_VERSION_SSL2, - PY_SSL_VERSION_SSL3, +#endif + PY_SSL_VERSION_SSL3=1, PY_SSL_VERSION_SSL23, PY_SSL_VERSION_TLS1 }; @@ -1447,8 +1449,10 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds) ctx = SSL_CTX_new(TLSv1_method()); else if (proto_version == PY_SSL_VERSION_SSL3) ctx = SSL_CTX_new(SSLv3_method()); +#ifndef OPENSSL_NO_SSL2 else if (proto_version == PY_SSL_VERSION_SSL2) ctx = SSL_CTX_new(SSLv2_method()); +#endif else if (proto_version == PY_SSL_VERSION_SSL23) ctx = SSL_CTX_new(SSLv23_method()); else @@ -2107,8 +2111,10 @@ PyInit__ssl(void) PY_SSL_CERT_REQUIRED); /* protocol versions */ +#ifndef OPENSSL_NO_SSL2 PyModule_AddIntConstant(m, "PROTOCOL_SSLv2", PY_SSL_VERSION_SSL2); +#endif PyModule_AddIntConstant(m, "PROTOCOL_SSLv3", PY_SSL_VERSION_SSL3); PyModule_AddIntConstant(m, "PROTOCOL_SSLv23", |