diff options
| -rw-r--r-- | Lib/ssl.py | 2 | ||||
| -rw-r--r-- | Lib/test/test_ssl.py | 2 | ||||
| -rw-r--r-- | Misc/NEWS | 4 | ||||
| -rw-r--r-- | Modules/_ssl.c | 34 |
4 files changed, 32 insertions, 10 deletions
@@ -78,6 +78,8 @@ from _ssl import ( from _ssl import HAS_SNI from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1) +from _ssl import _OPENSSL_API_VERSION + _PROTOCOL_NAMES = { PROTOCOL_TLSv1: "TLSv1", PROTOCOL_SSLv23: "SSLv23", diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py index 5193c15..fd1cd2d 100644 --- a/Lib/test/test_ssl.py +++ b/Lib/test/test_ssl.py @@ -60,7 +60,7 @@ def handle_error(prefix): def can_clear_options(): # 0.9.8m or higher - return ssl.OPENSSL_VERSION_INFO >= (0, 9, 8, 13, 15) + return ssl._OPENSSL_API_VERSION >= (0, 9, 8, 13, 15) def no_sslv2_implies_sslv3_hello(): # 0.9.7h or higher @@ -1004,6 +1004,10 @@ Extension Modules Tests ----- +- Issue #12440: When testing whether some bits in SSLContext.options can be + reset, check the version of the OpenSSL headers Python was compiled against, + rather than the runtime version of the OpenSSL library. + - Issue #11512: Add a test suite for the cgitb module. Patch by Robbie Clemons. - Issue #12497: Install test/data to prevent failures of the various codecmaps diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 3f631e3..d2d2480 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2101,6 +2101,24 @@ static struct PyModuleDef _sslmodule = { NULL }; + +static void +parse_openssl_version(unsigned long libver, + unsigned int *major, unsigned int *minor, + unsigned int *fix, unsigned int *patch, + unsigned int *status) +{ + *status = libver & 0xF; + libver >>= 4; + *patch = libver & 0xFF; + libver >>= 8; + *fix = libver & 0xFF; + libver >>= 8; + *minor = libver & 0xFF; + libver >>= 8; + *major = libver & 0xFF; +} + PyMODINIT_FUNC PyInit__ssl(void) { @@ -2213,15 +2231,7 @@ PyInit__ssl(void) return NULL; if (PyModule_AddObject(m, "OPENSSL_VERSION_NUMBER", r)) return NULL; - status = libver & 0xF; - libver >>= 4; - patch = libver & 0xFF; - libver >>= 8; - fix = libver & 0xFF; - libver >>= 8; - minor = libver & 0xFF; - libver >>= 8; - major = libver & 0xFF; + parse_openssl_version(libver, &major, &minor, &fix, &patch, &status); r = Py_BuildValue("IIIII", major, minor, fix, patch, status); if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) return NULL; @@ -2229,5 +2239,11 @@ PyInit__ssl(void) if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) return NULL; + libver = OPENSSL_VERSION_NUMBER; + parse_openssl_version(libver, &major, &minor, &fix, &patch, &status); + r = Py_BuildValue("IIIII", major, minor, fix, patch, status); + if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r)) + return NULL; + return m; } |