|
Lines 136-142
Link Here
|
| 136 |
#define HAVE_OPENSSL_CRYPTO_LOCK |
136 |
#define HAVE_OPENSSL_CRYPTO_LOCK |
| 137 |
#endif |
137 |
#endif |
| 138 |
|
138 |
|
|
|
139 |
#ifndef OPENSSL_VERSION_1_1 |
| 139 |
#define TLS_method SSLv23_method |
140 |
#define TLS_method SSLv23_method |
|
|
141 |
#define X509_get0_notBefore X509_get_notBefore |
| 142 |
#define X509_get0_notAfter X509_get_notAfter |
| 143 |
#define ASN1_STRING_get0_data ASN1_STRING_data |
| 144 |
#define OpenSSL_version_num SSLeay |
| 145 |
#define OpenSSL_version SSLeay_version |
| 146 |
#define OPENSSL_VERSION SSLEAY_VERSION |
| 147 |
#endif |
| 140 |
|
148 |
|
| 141 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
149 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
| 142 |
{ |
150 |
{ |
|
Lines 944-950
Link Here
|
| 944 |
goto fail; |
952 |
goto fail; |
| 945 |
} |
953 |
} |
| 946 |
PyTuple_SET_ITEM(t, 0, v); |
954 |
PyTuple_SET_ITEM(t, 0, v); |
| 947 |
v = PyString_FromStringAndSize((char *)ASN1_STRING_data(as), |
955 |
v = PyString_FromStringAndSize((char *)ASN1_STRING_get0_data(as), |
| 948 |
ASN1_STRING_length(as)); |
956 |
ASN1_STRING_length(as)); |
| 949 |
if (v == NULL) { |
957 |
if (v == NULL) { |
| 950 |
Py_DECREF(t); |
958 |
Py_DECREF(t); |
|
Lines 1245-1251
Link Here
|
| 1245 |
Py_DECREF(sn_obj); |
1253 |
Py_DECREF(sn_obj); |
| 1246 |
|
1254 |
|
| 1247 |
(void) BIO_reset(biobuf); |
1255 |
(void) BIO_reset(biobuf); |
| 1248 |
notBefore = X509_get_notBefore(certificate); |
1256 |
notBefore = X509_get0_notBefore(certificate); |
| 1249 |
ASN1_TIME_print(biobuf, notBefore); |
1257 |
ASN1_TIME_print(biobuf, notBefore); |
| 1250 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1258 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
| 1251 |
if (len < 0) { |
1259 |
if (len < 0) { |
|
Lines 1262-1268
Link Here
|
| 1262 |
Py_DECREF(pnotBefore); |
1270 |
Py_DECREF(pnotBefore); |
| 1263 |
|
1271 |
|
| 1264 |
(void) BIO_reset(biobuf); |
1272 |
(void) BIO_reset(biobuf); |
| 1265 |
notAfter = X509_get_notAfter(certificate); |
1273 |
notAfter = X509_get0_notAfter(certificate); |
| 1266 |
ASN1_TIME_print(biobuf, notAfter); |
1274 |
ASN1_TIME_print(biobuf, notAfter); |
| 1267 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1275 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
| 1268 |
if (len < 0) { |
1276 |
if (len < 0) { |
|
Lines 2100-2121
Link Here
|
| 2100 |
return NULL; |
2108 |
return NULL; |
| 2101 |
|
2109 |
|
| 2102 |
PySSL_BEGIN_ALLOW_THREADS |
2110 |
PySSL_BEGIN_ALLOW_THREADS |
| 2103 |
if (proto_version == PY_SSL_VERSION_TLS1) |
2111 |
if (proto_version == PY_SSL_VERSION_TLS1) { |
|
|
2112 |
#ifdef OPENSSL_VERSION_1_1 |
| 2113 |
ctx = SSL_CTX_new(TLS_method()); |
| 2114 |
SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION); |
| 2115 |
#else |
| 2104 |
ctx = SSL_CTX_new(TLSv1_method()); |
2116 |
ctx = SSL_CTX_new(TLSv1_method()); |
|
|
2117 |
#endif |
| 2118 |
} |
| 2105 |
#if HAVE_TLSv1_2 |
2119 |
#if HAVE_TLSv1_2 |
| 2106 |
else if (proto_version == PY_SSL_VERSION_TLS1_1) |
2120 |
else if (proto_version == PY_SSL_VERSION_TLS1_1) { |
|
|
2121 |
#ifdef OPENSSL_VERSION_1_1 |
| 2122 |
ctx = SSL_CTX_new(TLS_method()); |
| 2123 |
SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION); |
| 2124 |
#else |
| 2107 |
ctx = SSL_CTX_new(TLSv1_1_method()); |
2125 |
ctx = SSL_CTX_new(TLSv1_1_method()); |
| 2108 |
else if (proto_version == PY_SSL_VERSION_TLS1_2) |
2126 |
#endif |
|
|
2127 |
} |
| 2128 |
else if (proto_version == PY_SSL_VERSION_TLS1_2) { |
| 2129 |
#ifdef OPENSSL_VERSION_1_1 |
| 2130 |
ctx = SSL_CTX_new(TLS_method()); |
| 2131 |
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION); |
| 2132 |
#else |
| 2109 |
ctx = SSL_CTX_new(TLSv1_2_method()); |
2133 |
ctx = SSL_CTX_new(TLSv1_2_method()); |
| 2110 |
#endif |
2134 |
#endif |
|
|
2135 |
} |
| 2136 |
#endif |
| 2111 |
#ifndef OPENSSL_NO_SSL3 |
2137 |
#ifndef OPENSSL_NO_SSL3 |
| 2112 |
else if (proto_version == PY_SSL_VERSION_SSL3) |
2138 |
else if (proto_version == PY_SSL_VERSION_SSL3) { |
|
|
2139 |
#ifdef OPENSSL_VERSION_1_1 |
| 2140 |
ctx = SSL_CTX_new(TLS_method()); |
| 2141 |
SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION); |
| 2142 |
#else |
| 2113 |
ctx = SSL_CTX_new(SSLv3_method()); |
2143 |
ctx = SSL_CTX_new(SSLv3_method()); |
| 2114 |
#endif |
2144 |
#endif |
|
|
2145 |
} |
| 2146 |
#endif |
| 2115 |
#ifndef OPENSSL_NO_SSL2 |
2147 |
#ifndef OPENSSL_NO_SSL2 |
| 2116 |
else if (proto_version == PY_SSL_VERSION_SSL2) |
2148 |
else if (proto_version == PY_SSL_VERSION_SSL2) { |
|
|
2149 |
#ifdef OPENSSL_VERSION_1_1 |
| 2150 |
ctx = SSL_CTX_new(TLS_method()); |
| 2151 |
SSL_CTX_set_min_proto_version(ctx, SSL2_VERSION); |
| 2152 |
#else |
| 2117 |
ctx = SSL_CTX_new(SSLv2_method()); |
2153 |
ctx = SSL_CTX_new(SSLv2_method()); |
| 2118 |
#endif |
2154 |
#endif |
|
|
2155 |
} |
| 2156 |
#endif |
| 2119 |
else if (proto_version == PY_SSL_VERSION_TLS) |
2157 |
else if (proto_version == PY_SSL_VERSION_TLS) |
| 2120 |
ctx = SSL_CTX_new(TLS_method()); |
2158 |
ctx = SSL_CTX_new(TLS_method()); |
| 2121 |
else |
2159 |
else |
|
Lines 4081-4088
Link Here
|
| 4081 |
return; |
4119 |
return; |
| 4082 |
|
4120 |
|
| 4083 |
/* Init OpenSSL */ |
4121 |
/* Init OpenSSL */ |
|
|
4122 |
#ifdef OPENSSL_VERSION_1_1 |
| 4123 |
OPENSSL_init_ssl(0, NULL); |
| 4124 |
#else |
| 4084 |
SSL_load_error_strings(); |
4125 |
SSL_load_error_strings(); |
| 4085 |
SSL_library_init(); |
4126 |
SSL_library_init(); |
|
|
4127 |
#endif |
| 4086 |
#ifdef WITH_THREAD |
4128 |
#ifdef WITH_THREAD |
| 4087 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
4129 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
| 4088 |
/* note that this will start threading if not already started */ |
4130 |
/* note that this will start threading if not already started */ |
|
Lines 4094-4101
Link Here
|
| 4094 |
_ssl_locks_count++; |
4136 |
_ssl_locks_count++; |
| 4095 |
#endif |
4137 |
#endif |
| 4096 |
#endif /* WITH_THREAD */ |
4138 |
#endif /* WITH_THREAD */ |
|
|
4139 |
#ifndef OPENSSL_VERSION_1_1 |
| 4097 |
OpenSSL_add_all_algorithms(); |
4140 |
OpenSSL_add_all_algorithms(); |
| 4098 |
|
4141 |
#endif |
| 4099 |
/* Add symbols to module dict */ |
4142 |
/* Add symbols to module dict */ |
| 4100 |
PySSLErrorObject = PyErr_NewExceptionWithDoc( |
4143 |
PySSLErrorObject = PyErr_NewExceptionWithDoc( |
| 4101 |
"ssl.SSLError", SSLError_doc, |
4144 |
"ssl.SSLError", SSLError_doc, |
|
Lines 4364-4373
Link Here
|
| 4364 |
return; |
4407 |
return; |
| 4365 |
|
4408 |
|
| 4366 |
/* OpenSSL version */ |
4409 |
/* OpenSSL version */ |
| 4367 |
/* SSLeay() gives us the version of the library linked against, |
4410 |
/* OpenSSL_version_num() gives us the version of the library linked against, |
| 4368 |
which could be different from the headers version. |
4411 |
which could be different from the headers version. |
| 4369 |
*/ |
4412 |
*/ |
| 4370 |
libver = SSLeay(); |
4413 |
libver = OpenSSL_version_num(); |
| 4371 |
r = PyLong_FromUnsignedLong(libver); |
4414 |
r = PyLong_FromUnsignedLong(libver); |
| 4372 |
if (r == NULL) |
4415 |
if (r == NULL) |
| 4373 |
return; |
4416 |
return; |
|
Lines 4377-4383
Link Here
|
| 4377 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
4420 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
| 4378 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
4421 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
| 4379 |
return; |
4422 |
return; |
| 4380 |
r = PyString_FromString(SSLeay_version(SSLEAY_VERSION)); |
4423 |
r = PyString_FromString(OpenSSL_version(OPENSSL_VERSION)); |
| 4381 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
4424 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
| 4382 |
return; |
4425 |
return; |
| 4383 |
|
4426 |
|
