OpenSSL 1.1.0 compatibility fixes

- function check missed 1.1.0 release
- TLS didn't work with anonymous ciphers
This commit is contained in:
Peter Šurda 2017-01-14 17:47:57 +01:00
parent 6247e1d3ea
commit 59b5ac3a61
Signed by: PeterSurda
GPG Key ID: 0C5F50C0B5F37D87
2 changed files with 9 additions and 3 deletions

View File

@ -495,3 +495,9 @@ else:
# this means TLSv1, there is no way to set "TLSv1 or higher" or # this means TLSv1, there is no way to set "TLSv1 or higher" or
# "TLSv1.2" in < 2.7.9 # "TLSv1.2" in < 2.7.9
sslProtocolVersion = ssl.PROTOCOL_TLSv1 sslProtocolVersion = ssl.PROTOCOL_TLSv1
# ciphers
if ssl.OPENSSL_VERSION_NUMBER >= 0x10100000
sslProtocolCiphers = "AECDH-AES256-SHA@SECLEVEL=0"
else:
sslProtocolCiphers = "AECDH-AES256-SHA"

View File

@ -170,7 +170,7 @@ class _OpenSSL:
self.EC_KEY_set_private_key.argtypes = [ctypes.c_void_p, self.EC_KEY_set_private_key.argtypes = [ctypes.c_void_p,
ctypes.c_void_p] ctypes.c_void_p]
if self._hexversion > 0x10100000: if self._hexversion >= 0x10100000:
self.EC_KEY_OpenSSL = self._lib.EC_KEY_OpenSSL self.EC_KEY_OpenSSL = self._lib.EC_KEY_OpenSSL
self._lib.EC_KEY_OpenSSL.restype = ctypes.c_void_p self._lib.EC_KEY_OpenSSL.restype = ctypes.c_void_p
self._lib.EC_KEY_OpenSSL.argtypes = [] self._lib.EC_KEY_OpenSSL.argtypes = []
@ -250,7 +250,7 @@ class _OpenSSL:
self.EVP_rc4.restype = ctypes.c_void_p self.EVP_rc4.restype = ctypes.c_void_p
self.EVP_rc4.argtypes = [] self.EVP_rc4.argtypes = []
if self._hexversion > 0x10100000: if self._hexversion >= 0x10100000:
self.EVP_CIPHER_CTX_reset = self._lib.EVP_CIPHER_CTX_reset self.EVP_CIPHER_CTX_reset = self._lib.EVP_CIPHER_CTX_reset
self.EVP_CIPHER_CTX_reset.restype = ctypes.c_int self.EVP_CIPHER_CTX_reset.restype = ctypes.c_int
self.EVP_CIPHER_CTX_reset.argtypes = [ctypes.c_void_p] self.EVP_CIPHER_CTX_reset.argtypes = [ctypes.c_void_p]
@ -306,7 +306,7 @@ class _OpenSSL:
self.ECDSA_verify.argtypes = [ctypes.c_int, ctypes.c_void_p, self.ECDSA_verify.argtypes = [ctypes.c_int, ctypes.c_void_p,
ctypes.c_int, ctypes.c_void_p, ctypes.c_int, ctypes.c_void_p] ctypes.c_int, ctypes.c_void_p, ctypes.c_int, ctypes.c_void_p]
if self._hexversion > 0x10100000: if self._hexversion >= 0x10100000:
self.EVP_MD_CTX_new = self._lib.EVP_MD_CTX_new self.EVP_MD_CTX_new = self._lib.EVP_MD_CTX_new
self.EVP_MD_CTX_new.restype = ctypes.c_void_p self.EVP_MD_CTX_new.restype = ctypes.c_void_p
self.EVP_MD_CTX_new.argtypes = [] self.EVP_MD_CTX_new.argtypes = []