This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Mitch Lindgren
Recipients Mitch Lindgren, christian.heimes
Date 2020-04-30.22:44:49
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1588286689.77.0.114174844073.issue40457@roundup.psfhosted.org>
In-reply-to
Content 
I'd be happy to work on a patch for this. I think the simplest approach would be to change this block starting on line 3087:

    if (proto_version == PY_SSL_VERSION_TLS1)
        ctx = SSL_CTX_new(TLSv1_method());
#if HAVE_TLSv1_2
    else if (proto_version == PY_SSL_VERSION_TLS1_1)
        ctx = SSL_CTX_new(TLSv1_1_method());
    else if (proto_version == PY_SSL_VERSION_TLS1_2)
        ctx = SSL_CTX_new(TLSv1_2_method());
#endif
#ifndef OPENSSL_NO_SSL3
    else if (proto_version == PY_SSL_VERSION_SSL3)
        ctx = SSL_CTX_new(SSLv3_method());
#endif
#ifndef OPENSSL_NO_SSL2
    else if (proto_version == PY_SSL_VERSION_SSL2)
        ctx = SSL_CTX_new(SSLv2_method());
#endif
    else if (proto_version == PY_SSL_VERSION_TLS) /* SSLv23 */
        ctx = SSL_CTX_new(TLS_method());
    else if (proto_version == PY_SSL_VERSION_TLS_CLIENT)
        ctx = SSL_CTX_new(TLS_client_method());
    else if (proto_version == PY_SSL_VERSION_TLS_SERVER)
        ctx = SSL_CTX_new(TLS_server_method());
    else
        proto_version = -1;

into a switch and add additional #if !defined(OPENSSL_NO_XXX) macros to exclude version-specific methods. Please let me know if this sounds okay.
History
Date User Action Args
2020-04-30 22:44:49Mitch Lindgrensetrecipients: + Mitch Lindgren, christian.heimes
2020-04-30 22:44:49Mitch Lindgrensetmessageid: <1588286689.77.0.114174844073.issue40457@roundup.psfhosted.org>
2020-04-30 22:44:49Mitch Lindgrenlinkissue40457 messages
2020-04-30 22:44:49Mitch Lindgrencreate