From 8fd2d36c1c6da78b2402fcb8bcefdad8428c8bc3 Mon Sep 17 00:00:00 2001 From: "Miss Islington (bot)" <31488909+miss-islington@users.noreply.github.com> Date: Thu, 21 Jul 2022 12:10:53 -0700 Subject: gh-95095: Use SSL_CTX_get_max_proto_version instead of SSL_CTX_ctrl (GH-95096) The wrapper macros are more readable and match the form recommended in the OpenSSL documentation. They also slightly less error-prone, as the mapping of arguments to SSL_CTX_ctrl is not always clear. (Though in this case it's straightforward.) https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_get_max_proto_version.html (cherry picked from commit 936f71e5d4f50f2238b0320d44f7fb5f88e39809) Co-authored-by: David Benjamin --- Modules/_ssl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 51bb2d0..f1bb39f 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -3518,7 +3518,7 @@ set_min_max_proto_version(PySSLContext *self, PyObject *arg, int what) static PyObject * get_minimum_version(PySSLContext *self, void *c) { - int v = SSL_CTX_ctrl(self->ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL); + int v = SSL_CTX_get_min_proto_version(self->ctx); if (v == 0) { v = PY_PROTO_MINIMUM_SUPPORTED; } @@ -3534,7 +3534,7 @@ set_minimum_version(PySSLContext *self, PyObject *arg, void *c) static PyObject * get_maximum_version(PySSLContext *self, void *c) { - int v = SSL_CTX_ctrl(self->ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL); + int v = SSL_CTX_get_max_proto_version(self->ctx); if (v == 0) { v = PY_PROTO_MAXIMUM_SUPPORTED; } -- cgit v0.12