[pypy-commit] pypy py3k: adapt 1bf39957a7e8 from default
pjenvey
noreply at buildbot.pypy.org
Wed Jan 15 00:24:10 CET 2014
Author: Philip Jenvey <pjenvey at underboss.org>
Branch: py3k
Changeset: r68673:30065a062e2c
Date: 2014-01-14 15:22 -0800
http://bitbucket.org/pypy/pypy/changeset/30065a062e2c/
Log: adapt 1bf39957a7e8 from default
diff --git a/lib-python/3/test/test_ssl.py b/lib-python/3/test/test_ssl.py
--- a/lib-python/3/test/test_ssl.py
+++ b/lib-python/3/test/test_ssl.py
@@ -1259,7 +1259,7 @@
try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True)
try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False)
try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
# SSLv23 client with specific SSL options
diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -1,6 +1,7 @@
from __future__ import with_statement
from rpython.rtyper.lltypesystem import rffi, lltype
-from pypy.interpreter.error import OperationError, wrap_oserror
+from pypy.interpreter.error import (
+ OperationError, operationerrfmt, wrap_oserror)
from pypy.interpreter.baseobjspace import W_Root
from pypy.interpreter.typedef import TypeDef, GetSetProperty
from pypy.interpreter.gateway import interp2app, unwrap_spec
@@ -91,13 +92,26 @@
class SSLContext(W_Root):
- def __init__(self, method):
+ def __init__(self, protocol):
+ if protocol == PY_SSL_VERSION_TLS1:
+ method = libssl_TLSv1_method()
+ elif protocol == PY_SSL_VERSION_SSL3:
+ method = libssl_SSLv3_method()
+ elif protocol == PY_SSL_VERSION_SSL2 and not OPENSSL_NO_SSL2:
+ method = libssl_SSLv2_method()
+ elif protocol == PY_SSL_VERSION_SSL23:
+ method = libssl_SSLv23_method()
+ else:
+ raise operationerrfmt(space.w_ValueError,
+ "invalid protocol version")
self.ctx = libssl_SSL_CTX_new(method)
# Defaults
libssl_SSL_CTX_set_verify(self.ctx, SSL_VERIFY_NONE, None)
- libssl_SSL_CTX_set_options(
- self.ctx, SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+ options = SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+ if protocol != PY_SSL_VERSION_SSL2:
+ options |= SSL_OP_NO_SSLv2
+ libssl_SSL_CTX_set_options(self.ctx, options)
libssl_SSL_CTX_set_session_id_context(self.ctx, "Python", len("Python"))
def __del__(self):
@@ -107,18 +121,7 @@
@unwrap_spec(protocol=int)
def descr_new(space, w_subtype, protocol=PY_SSL_VERSION_SSL23):
self = space.allocate_instance(SSLContext, w_subtype)
- if protocol == PY_SSL_VERSION_TLS1:
- method = libssl_TLSv1_method()
- elif protocol == PY_SSL_VERSION_SSL3:
- method = libssl_SSLv3_method()
- elif protocol == PY_SSL_VERSION_SSL2 and not OPENSSL_NO_SSL2:
- method = libssl_SSLv2_method()
- elif protocol == PY_SSL_VERSION_SSL23:
- method = libssl_SSLv23_method()
- else:
- raise OperationError(
- space.w_ValueError, space.wrap("invalid protocol version"))
- self.__init__(method)
+ self.__init__(protocol)
if not self.ctx:
raise ssl_error(space, "failed to allocate SSL context")
return space.wrap(self)
More information about the pypy-commit
mailing list