|
Lines 72-77
Link Here
|
| 72 |
#include "openssl/ssl.h" |
72 |
#include "openssl/ssl.h" |
| 73 |
#include "openssl/err.h" |
73 |
#include "openssl/err.h" |
| 74 |
#include "openssl/rand.h" |
74 |
#include "openssl/rand.h" |
|
|
75 |
#include "openssl/dh.h" |
| 75 |
|
76 |
|
| 76 |
/* SSL error object */ |
77 |
/* SSL error object */ |
| 77 |
static PyObject *PySSLErrorObject; |
78 |
static PyObject *PySSLErrorObject; |
|
Lines 131-136
Link Here
|
| 131 |
#endif |
132 |
#endif |
| 132 |
|
133 |
|
| 133 |
#define TLS_method SSLv23_method |
134 |
#define TLS_method SSLv23_method |
|
|
135 |
#define TLS_client_method SSLv23_client_method |
| 136 |
#define TLS_server_method SSLv23_server_method |
| 137 |
#define X509_get0_notBefore X509_get_notBefore |
| 138 |
#define X509_get0_notAfter X509_get_notAfter |
| 139 |
#define ASN1_STRING_get0_data ASN1_STRING_data |
| 140 |
#define OpenSSL_version_num SSLeay |
| 141 |
#define OpenSSL_version SSLeay_version |
| 142 |
#define OPENSSL_VERSION SSLEAY_VERSION |
| 134 |
|
143 |
|
| 135 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
144 |
static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) |
| 136 |
{ |
145 |
{ |
|
Lines 961-967
Link Here
|
| 961 |
goto fail; |
970 |
goto fail; |
| 962 |
} |
971 |
} |
| 963 |
PyTuple_SET_ITEM(t, 0, v); |
972 |
PyTuple_SET_ITEM(t, 0, v); |
| 964 |
v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as), |
973 |
v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_get0_data(as), |
| 965 |
ASN1_STRING_length(as)); |
974 |
ASN1_STRING_length(as)); |
| 966 |
if (v == NULL) { |
975 |
if (v == NULL) { |
| 967 |
Py_DECREF(t); |
976 |
Py_DECREF(t); |
|
Lines 1237-1243
Link Here
|
| 1237 |
Py_DECREF(sn_obj); |
1246 |
Py_DECREF(sn_obj); |
| 1238 |
|
1247 |
|
| 1239 |
(void) BIO_reset(biobuf); |
1248 |
(void) BIO_reset(biobuf); |
| 1240 |
notBefore = X509_get_notBefore(certificate); |
1249 |
notBefore = X509_get0_notBefore(certificate); |
| 1241 |
ASN1_TIME_print(biobuf, notBefore); |
1250 |
ASN1_TIME_print(biobuf, notBefore); |
| 1242 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1251 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
| 1243 |
if (len < 0) { |
1252 |
if (len < 0) { |
|
Lines 1254-1260
Link Here
|
| 1254 |
Py_DECREF(pnotBefore); |
1263 |
Py_DECREF(pnotBefore); |
| 1255 |
|
1264 |
|
| 1256 |
(void) BIO_reset(biobuf); |
1265 |
(void) BIO_reset(biobuf); |
| 1257 |
notAfter = X509_get_notAfter(certificate); |
1266 |
notAfter = X509_get0_notAfter(certificate); |
| 1258 |
ASN1_TIME_print(biobuf, notAfter); |
1267 |
ASN1_TIME_print(biobuf, notAfter); |
| 1259 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
1268 |
len = BIO_gets(biobuf, buf, sizeof(buf)-1); |
| 1260 |
if (len < 0) { |
1269 |
if (len < 0) { |
|
Lines 2053-2059
Link Here
|
| 2053 |
{ |
2062 |
{ |
| 2054 |
char *kwlist[] = {"protocol", NULL}; |
2063 |
char *kwlist[] = {"protocol", NULL}; |
| 2055 |
PySSLContext *self; |
2064 |
PySSLContext *self; |
| 2056 |
int proto_version = PY_SSL_VERSION_SSL23; |
2065 |
int proto_version = PY_SSL_VERSION_TLS; |
| 2057 |
long options; |
2066 |
long options; |
| 2058 |
SSL_CTX *ctx = NULL; |
2067 |
SSL_CTX *ctx = NULL; |
| 2059 |
int result = 0; |
2068 |
int result = 0; |
|
Lines 3419-3425
Link Here
|
| 3419 |
if (bytes == NULL) |
3428 |
if (bytes == NULL) |
| 3420 |
return NULL; |
3429 |
return NULL; |
| 3421 |
if (pseudo) { |
3430 |
if (pseudo) { |
|
|
3431 |
#ifdef OPENSSL_VERSION_1_1 |
| 3432 |
ok = RAND_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len); |
| 3433 |
#else |
| 3422 |
ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len); |
3434 |
ok = RAND_pseudo_bytes((unsigned char*)PyBytes_AS_STRING(bytes), len); |
|
|
3435 |
#endif |
| 3423 |
if (ok == 0 || ok == 1) |
3436 |
if (ok == 0 || ok == 1) |
| 3424 |
return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False); |
3437 |
return Py_BuildValue("NO", bytes, ok == 1 ? Py_True : Py_False); |
| 3425 |
} |
3438 |
} |
|
Lines 4082-4090
Link Here
|
| 4082 |
return NULL; |
4095 |
return NULL; |
| 4083 |
PySocketModule = *socket_api; |
4096 |
PySocketModule = *socket_api; |
| 4084 |
|
4097 |
|
|
|
4098 |
#ifdef OPENSSL_VERSION_1_1 |
| 4099 |
OPENSSL_init_ssl(0, NULL); |
| 4100 |
#else |
| 4085 |
/* Init OpenSSL */ |
4101 |
/* Init OpenSSL */ |
| 4086 |
SSL_load_error_strings(); |
4102 |
SSL_load_error_strings(); |
| 4087 |
SSL_library_init(); |
4103 |
SSL_library_init(); |
|
|
4104 |
#endif |
| 4105 |
|
| 4088 |
#ifdef WITH_THREAD |
4106 |
#ifdef WITH_THREAD |
| 4089 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
4107 |
#ifdef HAVE_OPENSSL_CRYPTO_LOCK |
| 4090 |
/* note that this will start threading if not already started */ |
4108 |
/* note that this will start threading if not already started */ |
|
Lines 4096-4102
Link Here
|
| 4096 |
_ssl_locks_count++; |
4114 |
_ssl_locks_count++; |
| 4097 |
#endif |
4115 |
#endif |
| 4098 |
#endif /* WITH_THREAD */ |
4116 |
#endif /* WITH_THREAD */ |
|
|
4117 |
|
| 4118 |
#ifndef OPENSSL_VERSION_1_1 |
| 4099 |
OpenSSL_add_all_algorithms(); |
4119 |
OpenSSL_add_all_algorithms(); |
|
|
4120 |
#endif |
| 4100 |
|
4121 |
|
| 4101 |
/* Add symbols to module dict */ |
4122 |
/* Add symbols to module dict */ |
| 4102 |
sslerror_type_slots[0].pfunc = PyExc_OSError; |
4123 |
sslerror_type_slots[0].pfunc = PyExc_OSError; |
|
Lines 4349-4358
Link Here
|
| 4349 |
return NULL; |
4370 |
return NULL; |
| 4350 |
|
4371 |
|
| 4351 |
/* OpenSSL version */ |
4372 |
/* OpenSSL version */ |
| 4352 |
/* SSLeay() gives us the version of the library linked against, |
4373 |
/* OpenSSL_version_num() gives us the version of the library linked against, |
| 4353 |
which could be different from the headers version. |
4374 |
which could be different from the headers version. |
| 4354 |
*/ |
4375 |
*/ |
| 4355 |
libver = SSLeay(); |
4376 |
libver = OpenSSL_version_num(); |
| 4356 |
r = PyLong_FromUnsignedLong(libver); |
4377 |
r = PyLong_FromUnsignedLong(libver); |
| 4357 |
if (r == NULL) |
4378 |
if (r == NULL) |
| 4358 |
return NULL; |
4379 |
return NULL; |
|
Lines 4362-4368
Link Here
|
| 4362 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
4383 |
r = Py_BuildValue("IIIII", major, minor, fix, patch, status); |
| 4363 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
4384 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r)) |
| 4364 |
return NULL; |
4385 |
return NULL; |
| 4365 |
r = PyUnicode_FromString(SSLeay_version(SSLEAY_VERSION)); |
4386 |
r = PyUnicode_FromString(OpenSSL_version(OPENSSL_VERSION)); |
| 4366 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
4387 |
if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r)) |
| 4367 |
return NULL; |
4388 |
return NULL; |
| 4368 |
|
4389 |
|
