Message367797
I'd be happy to work on a patch for this. I think the simplest approach would be to change this block starting on line 3087:
if (proto_version == PY_SSL_VERSION_TLS1)
ctx = SSL_CTX_new(TLSv1_method());
#if HAVE_TLSv1_2
else if (proto_version == PY_SSL_VERSION_TLS1_1)
ctx = SSL_CTX_new(TLSv1_1_method());
else if (proto_version == PY_SSL_VERSION_TLS1_2)
ctx = SSL_CTX_new(TLSv1_2_method());
#endif
#ifndef OPENSSL_NO_SSL3
else if (proto_version == PY_SSL_VERSION_SSL3)
ctx = SSL_CTX_new(SSLv3_method());
#endif
#ifndef OPENSSL_NO_SSL2
else if (proto_version == PY_SSL_VERSION_SSL2)
ctx = SSL_CTX_new(SSLv2_method());
#endif
else if (proto_version == PY_SSL_VERSION_TLS) /* SSLv23 */
ctx = SSL_CTX_new(TLS_method());
else if (proto_version == PY_SSL_VERSION_TLS_CLIENT)
ctx = SSL_CTX_new(TLS_client_method());
else if (proto_version == PY_SSL_VERSION_TLS_SERVER)
ctx = SSL_CTX_new(TLS_server_method());
else
proto_version = -1;
into a switch and add additional #if !defined(OPENSSL_NO_XXX) macros to exclude version-specific methods. Please let me know if this sounds okay. |
|
Date |
User |
Action |
Args |
2020-04-30 22:44:49 | Mitch Lindgren | set | recipients:
+ Mitch Lindgren, christian.heimes |
2020-04-30 22:44:49 | Mitch Lindgren | set | messageid: <1588286689.77.0.114174844073.issue40457@roundup.psfhosted.org> |
2020-04-30 22:44:49 | Mitch Lindgren | link | issue40457 messages |
2020-04-30 22:44:49 | Mitch Lindgren | create | |
|