equal
deleted
inserted
replaced
|
1 This patch comes from in-house, and will not be passed upstream, since |
|
2 Python 2.6 has been abandoned in favor of later versions. |
|
3 |
|
4 --- Python-2.6.8/Modules/_ssl.c.~2~ 2014-12-16 00:06:40.398956147 -0800 |
|
5 +++ Python-2.6.8/Modules/_ssl.c 2015-01-08 12:43:53.326916627 -0800 |
|
6 @@ -269,6 +269,7 @@ |
|
7 char *errstr = NULL; |
|
8 int ret; |
|
9 int verification_mode; |
|
10 + long options; |
|
11 |
|
12 self = PyObject_New(PySSLObject, &PySSL_Type); /* Create new object */ |
|
13 if (self == NULL) |
|
14 @@ -359,8 +360,12 @@ |
|
15 } |
|
16 |
|
17 /* ssl compatibility */ |
|
18 - SSL_CTX_set_options(self->ctx, |
|
19 - SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); |
|
20 + options = SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; |
|
21 + if (proto_version != PY_SSL_VERSION_SSL2) |
|
22 + options |= SSL_OP_NO_SSLv2; |
|
23 + if (proto_version != PY_SSL_VERSION_SSL3) |
|
24 + options |= SSL_OP_NO_SSLv3; |
|
25 + SSL_CTX_set_options(self->ctx, options); |
|
26 |
|
27 verification_mode = SSL_VERIFY_NONE; |
|
28 if (certreq == PY_SSL_CERT_OPTIONAL) |