OpenSSL 1.1.0 compatibility fixes
- function check missed 1.1.0 release - TLS didn't work with anonymous ciphers
This commit is contained in:
parent
6247e1d3ea
commit
59b5ac3a61
|
@ -495,3 +495,9 @@ else:
|
|||
# this means TLSv1, there is no way to set "TLSv1 or higher" or
|
||||
# "TLSv1.2" in < 2.7.9
|
||||
sslProtocolVersion = ssl.PROTOCOL_TLSv1
|
||||
|
||||
# ciphers
|
||||
if ssl.OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||
sslProtocolCiphers = "AECDH-AES256-SHA@SECLEVEL=0"
|
||||
else:
|
||||
sslProtocolCiphers = "AECDH-AES256-SHA"
|
||||
|
|
|
@ -170,7 +170,7 @@ class _OpenSSL:
|
|||
self.EC_KEY_set_private_key.argtypes = [ctypes.c_void_p,
|
||||
ctypes.c_void_p]
|
||||
|
||||
if self._hexversion > 0x10100000:
|
||||
if self._hexversion >= 0x10100000:
|
||||
self.EC_KEY_OpenSSL = self._lib.EC_KEY_OpenSSL
|
||||
self._lib.EC_KEY_OpenSSL.restype = ctypes.c_void_p
|
||||
self._lib.EC_KEY_OpenSSL.argtypes = []
|
||||
|
@ -250,7 +250,7 @@ class _OpenSSL:
|
|||
self.EVP_rc4.restype = ctypes.c_void_p
|
||||
self.EVP_rc4.argtypes = []
|
||||
|
||||
if self._hexversion > 0x10100000:
|
||||
if self._hexversion >= 0x10100000:
|
||||
self.EVP_CIPHER_CTX_reset = self._lib.EVP_CIPHER_CTX_reset
|
||||
self.EVP_CIPHER_CTX_reset.restype = ctypes.c_int
|
||||
self.EVP_CIPHER_CTX_reset.argtypes = [ctypes.c_void_p]
|
||||
|
@ -306,7 +306,7 @@ class _OpenSSL:
|
|||
self.ECDSA_verify.argtypes = [ctypes.c_int, ctypes.c_void_p,
|
||||
ctypes.c_int, ctypes.c_void_p, ctypes.c_int, ctypes.c_void_p]
|
||||
|
||||
if self._hexversion > 0x10100000:
|
||||
if self._hexversion >= 0x10100000:
|
||||
self.EVP_MD_CTX_new = self._lib.EVP_MD_CTX_new
|
||||
self.EVP_MD_CTX_new.restype = ctypes.c_void_p
|
||||
self.EVP_MD_CTX_new.argtypes = []
|
||||
|
|
Reference in New Issue
Block a user