Lines 136-142
Link Here
|
136 |
#define HAVE_OPENSSL_CRYPTO_LOCK |
136 |
#define HAVE_OPENSSL_CRYPTO_LOCK |
137 |
#endif |
137 |
#endif |
138 |
|
138 |
|
|
|
139 |
#ifndef OPENSSL_VERSION_1_1 |
139 |
#define TLS_method SSLv23_method |
140 |
#define TLS_method SSLv23_method |
|
|
141 |
#define X509_get0_notBefore X509_get_notBefore |
142 |
#define X509_get0_notAfter X509_get_notAfter |
143 |
#define ASN1_STRING_get0_data ASN1_STRING_data |
144 |
#define OpenSSL_version_num SSLeay |
145 |
#define OpenSSL_version SSLeay_version |
146 |
#define OPENSSL_VERSION SSLEAY_VERSION |
147 |
#endif |
140 |
|
148 |
|
141 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
149 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
142 |
{ |
150 |
{ |
Lines 944-950
Link Here
|
944 |
goto fail; |
952 |
goto fail; |
945 |
} |
953 |
} |
946 |
PyTuple_SET_ITEM(t, 0, v); |
954 |
PyTuple_SET_ITEM(t, 0, v); |
947 |
v = PyString_FromStringAndSize((char *)ASN1_STRING_data(as), |
955 |
v = PyString_FromStringAndSize((char *)ASN1_STRING_get0_data(as), |
948 |
ASN1_STRING_length(as)); |
956 |
ASN1_STRING_length(as)); |
949 |
if (v == NULL) { |
957 |
if (v == NULL) { |
950 |
Py_DECREF(t); |
958 |
Py_DECREF(t); |
Lines 1245-1251
Link Here
|
1245 |
Py_DECREF(sn_obj); |
1253 |
Py_DECREF(sn_obj); |
1246 |
|
1254 |
|
1247 |
(void) BIO_reset(biobuf); |
1255 |
(void) BIO_reset(biobuf); |
1248 |
notBefore = X509_get_notBefore(certificate); |
1256 |
notBefore = X509_get0_notBefore(certificate); |
1249 |
ASN1_TIME_print(biobuf, notBefore); |
1257 |
ASN1_TIME_print(biobuf, notBefore); |
1250 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1258 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1251 |
if (len < 0) { |
1259 |
if (len < 0) { |
Lines 1262-1268
Link Here
|
1262 |
Py_DECREF(pnotBefore); |
1270 |
Py_DECREF(pnotBefore); |
1263 |
|
1271 |
|
1264 |
(void) BIO_reset(biobuf); |
1272 |
(void) BIO_reset(biobuf); |
1265 |
notAfter = X509_get_notAfter(certificate); |
1273 |
notAfter = X509_get0_notAfter(certificate); |
1266 |
ASN1_TIME_print(biobuf, notAfter); |
1274 |
ASN1_TIME_print(biobuf, notAfter); |
1267 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1275 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1268 |
if (len < 0) { |
1276 |
if (len < 0) { |
Lines 2100-2121
Link Here
|
2100 |
return NULL; |
2108 |
return NULL; |
2101 |
|
2109 |
|
2102 |
PySSL_BEGIN_ALLOW_THREADS |
2110 |
PySSL_BEGIN_ALLOW_THREADS |
2103 |
if (proto_version == PY_SSL_VERSION_TLS1) |
2111 |
if (proto_version == PY_SSL_VERSION_TLS1) { |
|
|
2112 |
#ifdef OPENSSL_VERSION_1_1 |
2113 |
ctx = SSL_CTX_new(TLS_method()); |
2114 |
SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION); |
2115 |
#else |
2104 |
ctx = SSL_CTX_new(TLSv1_method()); |
2116 |
ctx = SSL_CTX_new(TLSv1_method()); |
|
|
2117 |
#endif |
2118 |
} |
2105 |
#if HAVE_TLSv1_2 |
2119 |
#if HAVE_TLSv1_2 |
2106 |
else if (proto_version == PY_SSL_VERSION_TLS1_1) |
2120 |
else if (proto_version == PY_SSL_VERSION_TLS1_1) { |
|
|
2121 |
#ifdef OPENSSL_VERSION_1_1 |
2122 |
ctx = SSL_CTX_new(TLS_method()); |
2123 |
SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION); |
2124 |
#else |
2107 |
ctx = SSL_CTX_new(TLSv1_1_method()); |
2125 |
ctx = SSL_CTX_new(TLSv1_1_method()); |
2108 |
else if (proto_version == PY_SSL_VERSION_TLS1_2) |
2126 |
#endif |
|
|
2127 |
} |
2128 |
else if (proto_version == PY_SSL_VERSION_TLS1_2) { |
2129 |
#ifdef OPENSSL_VERSION_1_1 |
2130 |
ctx = SSL_CTX_new(TLS_method()); |
2131 |
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION); |
2132 |
#else |
2109 |
ctx = SSL_CTX_new(TLSv1_2_method()); |
2133 |
ctx = SSL_CTX_new(TLSv1_2_method()); |
2110 |
#endif |
2134 |
#endif |
|
|
2135 |
} |
2136 |
#endif |
2111 |
#ifndef OPENSSL_NO_SSL3 |
2137 |
#ifndef OPENSSL_NO_SSL3 |
2112 |
else if (proto_version == PY_SSL_VERSION_SSL3) |
2138 |
else if (proto_version == PY_SSL_VERSION_SSL3) { |
|
|
2139 |
#ifdef OPENSSL_VERSION_1_1 |
2140 |
ctx = SSL_CTX_new(TLS_method()); |
2141 |
SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION); |
2142 |
#else |
2113 |
ctx = SSL_CTX_new(SSLv3_method()); |
2143 |
ctx = SSL_CTX_new(SSLv3_method()); |
2114 |
#endif |
2144 |
#endif |
|
|
2145 |
} |
2146 |
#endif |
2115 |
#ifndef OPENSSL_NO_SSL2 |
2147 |
#ifndef OPENSSL_NO_SSL2 |
2116 |
else if (proto_version == PY_SSL_VERSION_SSL2) |
2148 |
else if (proto_version == PY_SSL_VERSION_SSL2) { |
|
|
2149 |
#ifdef OPENSSL_VERSION_1_1 |
2150 |
ctx = SSL_CTX_new(TLS_method()); |
2151 |
SSL_CTX_set_min_proto_version(ctx, SSL2_VERSION); |
2152 |
#else |
2117 |
ctx = SSL_CTX_new(SSLv2_method()); |
2153 |
ctx = SSL_CTX_new(SSLv2_method()); |
2118 |
#endif |
2154 |
#endif |
|
|
2155 |
} |
2156 |
#endif |
2119 |
else if (proto_version == PY_SSL_VERSION_TLS) |
2157 |
else if (proto_version == PY_SSL_VERSION_TLS) |
2120 |
ctx = SSL_CTX_new(TLS_method()); |
2158 |
ctx = SSL_CTX_new(TLS_method()); |
2121 |
else |
2159 |
else |
Lines 4081-4088
Link Here
|
4081 |
return; |
4119 |
return; |
4082 |
|
4120 |
|
4083 |
/* Init OpenSSL */ |
4121 |
/* Init OpenSSL */ |
|
|
4122 |
#ifdef OPENSSL_VERSION_1_1 |
4123 |
OPENSSL_init_ssl(0, NULL); |
4124 |
#else |
4084 |
SSL_load_error_strings(); |
4125 |
SSL_load_error_strings(); |
4085 |
SSL_library_init(); |
4126 |
SSL_library_init(); |
|
|
4127 |
#endif |
4086 |
#ifdef WITH_THREAD |
4128 |
#ifdef WITH_THREAD |
4087 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
4129 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
4088 |
/* note that this will start threading if not already started */ |
4130 |
/* note that this will start threading if not already started */ |
Lines 4094-4101
Link Here
|
4094 |
_ssl_locks_count++; |
4136 |
_ssl_locks_count++; |
4095 |
#endif |
4137 |
#endif |
4096 |
#endif /* WITH_THREAD */ |
4138 |
#endif /* WITH_THREAD */ |
|
|
4139 |
#ifndef OPENSSL_VERSION_1_1 |
4097 |
OpenSSL_add_all_algorithms(); |
4140 |
OpenSSL_add_all_algorithms(); |
4098 |
|
4141 |
#endif |
4099 |
/* Add symbols to module dict */ |
4142 |
/* Add symbols to module dict */ |
4100 |
PySSLErrorObject = PyErr_NewExceptionWithDoc( |
4143 |
PySSLErrorObject = PyErr_NewExceptionWithDoc( |
4101 |
"ssl.SSLError", SSLError_doc, |
4144 |
"ssl.SSLError", SSLError_doc, |
Lines 4364-4373
Link Here
|
4364 |
return; |
4407 |
return; |
4365 |
|
4408 |
|
4366 |
/* OpenSSL version */ |
4409 |
/* OpenSSL version */ |
4367 |
/* SSLeay() gives us the version of the library linked against, |
4410 |
/* OpenSSL_version_num() gives us the version of the library linked against, |
4368 |
which could be different from the headers version. |
4411 |
which could be different from the headers version. |
4369 |
*/ |
4412 |
*/ |
4370 |
libver = SSLeay(); |
4413 |
libver = OpenSSL_version_num(); |
4371 |
r = PyLong_FromUnsignedLong(libver); |
4414 |
r = PyLong_FromUnsignedLong(libver); |
4372 |
if (r == NULL) |
4415 |
if (r == NULL) |
4373 |
return; |
4416 |
return; |
Lines 4377-4383
Link Here
|
4377 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
4420 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
4378 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
4421 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
4379 |
return; |
4422 |
return; |
4380 |
r = PyString_FromString(SSLeay_version(SSLEAY_VERSION)); |
4423 |
r = PyString_FromString(OpenSSL_version(OPENSSL_VERSION)); |
4381 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
4424 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
4382 |
return; |
4425 |
return; |
4383 |
|
4426 |
|