[prev in list] [next in list] [prev in thread] [next in thread]
List: pypy-svn
Subject: [pypy-commit] pypy openssl-1.1: Copy behavioural change from cpython: OpenSSL has ecdh enabled by de
From: stefanor <pypy.commits () gmail ! com>
Date: 2016-10-28 23:36:16
Message-ID: 5813e0f0.e128c20a.44610.6433 () mx ! google ! com
[Download RAW message or body]
Author: Stefano Rivera <stefano@rivera.za.net>
Branch: openssl-1.1
Changeset: r87982:201233507447
Date: 2016-10-28 15:38 -0700
http://bitbucket.org/pypy/pypy/changeset/201233507447/
Log: Copy behavioural change from cpython: OpenSSL has ecdh enabled by
default.
diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -1310,6 +1310,7 @@
# OpenSSL 1.0.2+), or use prime256v1 by default.
# This is Apache mod_ssl's initialization
# policy, so we should be safe.
+ # OpenSSL 1.1 has it enabled by default.
if libssl_SSL_CTX_set_ecdh_auto:
libssl_SSL_CTX_set_ecdh_auto(self.ctx, 1)
else:
diff --git a/rpython/rlib/ropenssl.py b/rpython/rlib/ropenssl.py
--- a/rpython/rlib/ropenssl.py
+++ b/rpython/rlib/ropenssl.py
@@ -344,7 +344,7 @@
lltype.Void, macro=True)
ssl_external('SSL_CTX_set_tlsext_servername_arg', [SSL_CTX, rffi.VOIDP], lltype.Void, macro=True)
ssl_external('SSL_CTX_set_tmp_ecdh', [SSL_CTX, EC_KEY], lltype.Void, macro=True)
-if OPENSSL_VERSION_NUMBER >= 0x10002000:
+if 0x10100000 > OPENSSL_VERSION_NUMBER >= 0x10002000:
ssl_external('SSL_CTX_set_ecdh_auto', [SSL_CTX, rffi.INT], lltype.Void,
macro=True)
else:
_______________________________________________
pypy-commit mailing list
pypy-commit@python.org
https://mail.python.org/mailman/listinfo/pypy-commit
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic