Lines 72-77
Link Here
|
72 |
#include "openssl/ssl.h" |
72 |
#include "openssl/ssl.h" |
73 |
#include "openssl/err.h" |
73 |
#include "openssl/err.h" |
74 |
#include "openssl/rand.h" |
74 |
#include "openssl/rand.h" |
|
|
75 |
#include "openssl/dh.h" |
75 |
|
76 |
|
76 |
/* SSL error object */ |
77 |
/* SSL error object */ |
77 |
static PyObject *PySSLErrorObject; |
78 |
static PyObject *PySSLErrorObject; |
Lines 131-136
Link Here
|
131 |
#endif |
132 |
#endif |
132 |
|
133 |
|
133 |
#define TLS_method SSLv23_method |
134 |
#define TLS_method SSLv23_method |
|
|
135 |
#define TLS_client_method SSLv23_client_method |
136 |
#define TLS_server_method SSLv23_server_method |
137 |
#define X509_get0_notBefore X509_get_notBefore |
138 |
#define X509_get0_notAfter X509_get_notAfter |
139 |
#define ASN1_STRING_get0_data ASN1_STRING_data |
140 |
#define OpenSSL_version_num SSLeay |
141 |
#define OpenSSL_version SSLeay_version |
142 |
#define OPENSSL_VERSION SSLEAY_VERSION |
134 |
|
143 |
|
135 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
144 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
136 |
{ |
145 |
{ |
Lines 961-967
Link Here
|
961 |
goto fail; |
970 |
goto fail; |
962 |
} |
971 |
} |
963 |
PyTuple_SET_ITEM(t, 0, v); |
972 |
PyTuple_SET_ITEM(t, 0, v); |
964 |
v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as), |
973 |
v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_get0_data(as), |
965 |
ASN1_STRING_length(as)); |
974 |
ASN1_STRING_length(as)); |
966 |
if (v == NULL) { |
975 |
if (v == NULL) { |
967 |
Py_DECREF(t); |
976 |
Py_DECREF(t); |
Lines 1237-1243
Link Here
|
1237 |
Py_DECREF(sn_obj); |
1246 |
Py_DECREF(sn_obj); |
1238 |
|
1247 |
|
1239 |
(void) BIO_reset(biobuf); |
1248 |
(void) BIO_reset(biobuf); |
1240 |
notBefore = X509_get_notBefore(certificate); |
1249 |
notBefore = X509_get0_notBefore(certificate); |
1241 |
ASN1_TIME_print(biobuf, notBefore); |
1250 |
ASN1_TIME_print(biobuf, notBefore); |
1242 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1251 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1243 |
if (len < 0) { |
1252 |
if (len < 0) { |
Lines 1254-1260
Link Here
|
1254 |
Py_DECREF(pnotBefore); |
1263 |
Py_DECREF(pnotBefore); |
1255 |
|
1264 |
|
1256 |
(void) BIO_reset(biobuf); |
1265 |
(void) BIO_reset(biobuf); |
1257 |
notAfter = X509_get_notAfter(certificate); |
1266 |
notAfter = X509_get0_notAfter(certificate); |
1258 |
ASN1_TIME_print(biobuf, notAfter); |
1267 |
ASN1_TIME_print(biobuf, notAfter); |
1259 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1268 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1260 |
if (len < 0) { |
1269 |
if (len < 0) { |
Lines 2053-2059
Link Here
|
2053 |
{ |
2062 |
{ |
2054 |
char *kwlist[] = {"protocol", NULL}; |
2063 |
char *kwlist[] = {"protocol", NULL}; |
2055 |
PySSLContext *self; |
2064 |
PySSLContext *self; |
2056 |
int proto_version = PY_SSL_VERSION_SSL23; |
2065 |
int proto_version = PY_SSL_VERSION_TLS; |
2057 |
long options; |
2066 |
long options; |
2058 |
SSL_CTX *ctx = NULL; |
2067 |
SSL_CTX *ctx = NULL; |
2059 |
int result = 0; |
2068 |
int result = 0; |
Lines 3419-3425
Link Here
|
3419 |
if (bytes == NULL) |
3428 |
if (bytes == NULL) |
3420 |
return NULL; |
3429 |
return NULL; |
3421 |
if (pseudo) { |
3430 |
if (pseudo) { |
|
|
3431 |
#ifdef OPENSSL_VERSION_1_1 |
3432 |
ok = RAND_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len); |
3433 |
#else |
3422 |
ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len); |
3434 |
ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len); |
|
|
3435 |
#endif |
3423 |
if (ok == 0 || ok == 1) |
3436 |
if (ok == 0 || ok == 1) |
3424 |
return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False); |
3437 |
return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False); |
3425 |
} |
3438 |
} |
Lines 4082-4090
Link Here
|
4082 |
return NULL; |
4095 |
return NULL; |
4083 |
PySocketModule = *socket_api; |
4096 |
PySocketModule = *socket_api; |
4084 |
|
4097 |
|
|
|
4098 |
#ifdef OPENSSL_VERSION_1_1 |
4099 |
OPENSSL_init_ssl(0, NULL); |
4100 |
#else |
4085 |
/* Init OpenSSL */ |
4101 |
/* Init OpenSSL */ |
4086 |
SSL_load_error_strings(); |
4102 |
SSL_load_error_strings(); |
4087 |
SSL_library_init(); |
4103 |
SSL_library_init(); |
|
|
4104 |
#endif |
4105 |
|
4088 |
#ifdef WITH_THREAD |
4106 |
#ifdef WITH_THREAD |
4089 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
4107 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
4090 |
/* note that this will start threading if not already started */ |
4108 |
/* note that this will start threading if not already started */ |
Lines 4096-4102
Link Here
|
4096 |
_ssl_locks_count++; |
4114 |
_ssl_locks_count++; |
4097 |
#endif |
4115 |
#endif |
4098 |
#endif /* WITH_THREAD */ |
4116 |
#endif /* WITH_THREAD */ |
|
|
4117 |
|
4118 |
#ifndef OPENSSL_VERSION_1_1 |
4099 |
OpenSSL_add_all_algorithms(); |
4119 |
OpenSSL_add_all_algorithms(); |
|
|
4120 |
#endif |
4100 |
|
4121 |
|
4101 |
/* Add symbols to module dict */ |
4122 |
/* Add symbols to module dict */ |
4102 |
sslerror_type_slots[0].pfunc = PyExc_OSError; |
4123 |
sslerror_type_slots[0].pfunc = PyExc_OSError; |
Lines 4349-4358
Link Here
|
4349 |
return NULL; |
4370 |
return NULL; |
4350 |
|
4371 |
|
4351 |
/* OpenSSL version */ |
4372 |
/* OpenSSL version */ |
4352 |
/* SSLeay() gives us the version of the library linked against, |
4373 |
/* OpenSSL_version_num() gives us the version of the library linked against, |
4353 |
which could be different from the headers version. |
4374 |
which could be different from the headers version. |
4354 |
*/ |
4375 |
*/ |
4355 |
libver = SSLeay(); |
4376 |
libver = OpenSSL_version_num(); |
4356 |
r = PyLong_FromUnsignedLong(libver); |
4377 |
r = PyLong_FromUnsignedLong(libver); |
4357 |
if (r == NULL) |
4378 |
if (r == NULL) |
4358 |
return NULL; |
4379 |
return NULL; |
Lines 4362-4368
Link Here
|
4362 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
4383 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
4363 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
4384 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
4364 |
return NULL; |
4385 |
return NULL; |
4365 |
r = PyUnicode_FromString(SSLeay_version(SSLEAY_VERSION)); |
4386 |
r = PyUnicode_FromString(OpenSSL_version(OPENSSL_VERSION)); |
4366 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
4387 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
4367 |
return NULL; |
4388 |
return NULL; |
4368 |
|
4389 |
|