From 02a7c59de8326df573f1aa00abc45f3a1808b5d0 Mon Sep 17 00:00:00 2001
From: Peter Surda
Date: Sat, 14 Jan 2017 17:50:49 +0100
Subject: [PATCH] OpenSSL 1.1.0 compatibility fixes - part 2, continued from previous commit
---
 src/class_receiveDataThread.py | 4 ++--
 src/protocol.py | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/class_receiveDataThread.py b/src/class_receiveDataThread.py
index 821eedc2..ca4430ab 100644
--- a/src/class_receiveDataThread.py
+++ b/src/class_receiveDataThread.py
@@ -295,7 +295,7 @@ class receiveDataThread(threading.Thread):
 logger.debug("Initialising TLS")
 if sys.version_info >= (2,7,9):
 context = ssl.SSLContext(protocol.sslProtocolVersion)
- context.set_ciphers("AECDH-AES256-SHA")
+ context.set_ciphers(protocol.sslProtocolCiphers)
 context.set_ecdh_curve("secp256k1")
 context.check_hostname = False
 context.verify_mode = ssl.CERT_NONE
@@ -303,7 +303,7 @@ class receiveDataThread(threading.Thread):
 context.options = ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_SINGLE_ECDH_USE | ssl.OP_CIPHER_SERVER_PREFERENCE
 self.sslSock = context.wrap_socket(self.sock, server_side = not self.initiatedConnection, do_handshake_on_connect=False)
 else:
- self.sslSock = ssl.wrap_socket(self.sock, keyfile = os.path.join(paths.codePath(), 'sslkeys', 'key.pem'), certfile = os.path.join(paths.codePath(), 'sslkeys', 'cert.pem'), server_side = not self.initiatedConnection, ssl_version=protocol.sslProtocolVersion, do_handshake_on_connect=False, ciphers='AECDH-AES256-SHA')
+ self.sslSock = ssl.wrap_socket(self.sock, keyfile = os.path.join(paths.codePath(), 'sslkeys', 'key.pem'), certfile = os.path.join(paths.codePath(), 'sslkeys', 'cert.pem'), server_side = not self.initiatedConnection, ssl_version=protocol.sslProtocolVersion, do_handshake_on_connect=False, ciphers=protocol.sslProtocolCiphers)
 self.sendDataThreadQueue.join()
 while True:
 try:
diff --git a/src/protocol.py b/src/protocol.py
index 3a3ccebe..816b2c1d 100644
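Review bot: The `context.set_ciphers(protocol.sslProtocolCiphers)` line has no comment saying that the resulting channel is unauthenticated by design, and with `@SECLEVEL=0` now arriving through a shared constant that is easy to miss. The suite is anonymous ECDH and the following lines set `check_hostname = False` and `verify_mode = ssl.CERT_NONE`, so TLS here protects against passive observers only and the peer's identity is never verified at this layer. I would add above the call: `# anonymous ECDH, no peer authentication at the TLS layer; SECLEVEL=0 is required on OpenSSL 1.1.0+ because unauthenticated suites are refused at level 1 and above`. The same string is passed to the legacy `ssl.wrap_socket(...)` call in the next hunk, where the comment applies equally. The enclosing method begins and ends outside both hunks.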
--- a/src/protocol.py
+++ b/src/protocol.py
@@ -497,7 +497,7 @@ else:
 sslProtocolVersion = ssl.PROTOCOL_TLSv1
 # ciphers
-if ssl.OPENSSL_VERSION_NUMBER >= 0x10100000
+if ssl.OPENSSL_VERSION_NUMBER >= 0x10100000:
 sslProtocolCiphers = "AECDH-AES256-SHA@SECLEVEL=0"
 else:
 sslProtocolCiphers = "AECDH-AES256-SHA"
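Review bot: The test `ssl.OPENSSL_VERSION_NUMBER >= 0x10100000` is also true when Python is linked against LibreSSL, which reports 0x20000000 and, as far as I know, does not implement security levels. On such builds the `@SECLEVEL=0` suffix would probably make `set_ciphers` or `wrap_socket` reject the string, so TLS setup would fail rather than fall back. Narrowing the condition avoids that: `if ssl.OPENSSL_VERSION_NUMBER >= 0x10100000 and not ssl.OPENSSL_VERSION.startswith("LibreSSL"):`. Because `@SECLEVEL=0` lowers the floor for the whole context and not just this suite, the cipher list should stay restricted to the single entry shown here.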