]> git.ipfire.org Git - thirdparty/Python/cpython.git/commitdiff
projects / thirdparty / Python / cpython.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 389212c)
bpo-43799: Also define SSLv3_method() (GH-25481)
authorChristian Heimes <christian@python.org>
Tue, 20 Apr 2021 16:10:10 +0000 (18:10 +0200)
committerGitHub <noreply@github.com>
Tue, 20 Apr 2021 16:10:10 +0000 (18:10 +0200)
Signed-off-by: Christian Heimes <christian@python.org>
Lib/test/test_ssl.py patch | blob | blame | history
Modules/_ssl.c patch | blob | blame | history

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index ae66c3e7d4a56c55161206a7585c50f5bc8c1f29..697971e0a57d97c764d50e6cf62ad6176908d553 100644 (file)
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -3245,10 +3245,6 @@ class ThreadedTests(unittest.TestCase):
             try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
         try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
         # SSLv23 client with specific SSL options
-        if no_sslv2_implies_sslv3_hello():
-            # No SSLv2 => client will use an SSLv3 hello on recent OpenSSLs
-            try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLS, False,
-                               client_options=ssl.OP_NO_SSLv2)
         try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLS, False,
                            client_options=ssl.OP_NO_SSLv3)
         try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLS, False,
@@ -3309,10 +3305,6 @@ class ThreadedTests(unittest.TestCase):
         try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLS, False,
                            client_options=ssl.OP_NO_SSLv3)
         try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False)
-        if no_sslv2_implies_sslv3_hello():
-            # No SSLv2 => client will use an SSLv3 hello on recent OpenSSLs
-            try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLS,
-                               False, client_options=ssl.OP_NO_SSLv2)
 
     @requires_tls_version('TLSv1')
     def test_protocol_tlsv1(self):
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 4b84014d008c12983c0dd2cb58a2bee864240e2d..e28c1286784a45371fbd9151976ecadaaf6a4c09 100644 (file)
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -123,6 +123,9 @@ static void _PySSLFixErrno(void) {
 #endif
 
 /* OpenSSL API 1.1.0+ does not include version methods */
+#ifndef OPENSSL_NO_SSL3_METHOD
+extern const SSL_METHOD *SSLv3_method(void);
+#endif
 #ifndef OPENSSL_NO_TLS1_METHOD
 extern const SSL_METHOD *TLSv1_method(void);
 #endif
Mirror of https://github.com/python/cpython.git