From: Antoine Pitrou <solipsis@pitrou.net>
Date: Fri, 17 Feb 2012 17:47:54 +0000 (+0100)
Subject: Try to really fix compilation failures of the _ssl module under very old OpenSSLs.
X-Git-Tag: v3.3.0a1~152
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a9bf2ac7265c143eb11538a0ecd491d96edbf4da;p=thirdparty%2FPython%2Fcpython.git

Try to really fix compilation failures of the _ssl module under very old OpenSSLs.
---

diff --git a/Lib/ssl.py b/Lib/ssl.py
index 0282ee924a09..e899059bad1e 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -68,12 +68,16 @@ from _ssl import (
 from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
 from _ssl import (
     OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1,
-    OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE,
+    OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE
     )
 try:
     from _ssl import OP_NO_COMPRESSION
 except ImportError:
     pass
+try:
+    from _ssl import OP_SINGLE_ECDH_USE
+except ImportError:
+    pass
 from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes
 from _ssl import (
     SSL_ERROR_ZERO_RETURN,
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index e25f35426461..8225e68f1d4e 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -145,6 +145,12 @@ static unsigned int _ssl_locks_count = 0;
 # define HAVE_OPENSSL_FINISHED 0
 #endif
 
+/* ECDH support got added to OpenSSL in 0.9.8 */
+#if OPENSSL_VERSION_NUMBER < 0x0090800fL && !defined(OPENSSL_NO_ECDH)
+# define OPENSSL_NO_ECDH
+#endif
+
+
 typedef struct {
     PyObject_HEAD
     SSL_CTX *ctx;