Issue #12440: When testing whether some bits in SSLContext.options can be

reset, check the version of the OpenSSL headers Python was compiled against, rather than the runtime version of the OpenSSL library.
2011-07-08 18:47:06 +02:00 · 2011-07-08 18:47:06 +02:00 · b9ac25d1c3
parent 6e2e3b9e81
commit b9ac25d1c3
4 changed files with 32 additions and 10 deletions
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@ -77,6 +77,8 @@ from _ssl import (
    )
 from _ssl import HAS_SNI
 from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+from _ssl import _OPENSSL_API_VERSION
+
 _PROTOCOL_NAMES = {
    PROTOCOL_TLSv1: "TLSv1",
    PROTOCOL_SSLv23: "SSLv23",
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@ -60,7 +60,7 @@ def handle_error(prefix):

 def can_clear_options():
    # 0.9.8m or higher
-    return ssl.OPENSSL_VERSION_INFO >= (0, 9, 8, 13, 15)
+    return ssl._OPENSSL_API_VERSION >= (0, 9, 8, 13, 15)

 def no_sslv2_implies_sslv3_hello():
    # 0.9.7h or higher
--- a/Misc/NEWS
+++ b/Misc/NEWS
@ -47,6 +47,10 @@ C-API
 Tests
 -----

+- Issue #12440: When testing whether some bits in SSLContext.options can be
+  reset, check the version of the OpenSSL headers Python was compiled against,
+  rather than the runtime version of the OpenSSL library.
+
 - Issue #12497: Install test/data to prevent failures of the various codecmaps
  tests.

--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@ -2037,6 +2037,24 @@ static struct PyModuleDef _sslmodule = {
    NULL
 };

+
+static void
+parse_openssl_version(unsigned long libver,
+                      unsigned int *major, unsigned int *minor,
+                      unsigned int *fix, unsigned int *patch,
+                      unsigned int *status)
+{
+    *status = libver & 0xF;
+    libver >>= 4;
+    *patch = libver & 0xFF;
+    libver >>= 8;
+    *fix = libver & 0xFF;
+    libver >>= 8;
+    *minor = libver & 0xFF;
+    libver >>= 8;
+    *major = libver & 0xFF;
+}
+
 PyMODINIT_FUNC
 PyInit__ssl(void)
 {
@ -2149,15 +2167,7 @@ PyInit__ssl(void)
        return NULL;
    if (PyModule_AddObject(m, "OPENSSL_VERSION_NUMBER", r))
        return NULL;
-    status = libver & 0xF;
-    libver >>= 4;
-    patch = libver & 0xFF;
-    libver >>= 8;
-    fix = libver & 0xFF;
-    libver >>= 8;
-    minor = libver & 0xFF;
-    libver >>= 8;
-    major = libver & 0xFF;
+    parse_openssl_version(libver, &major, &minor, &fix, &patch, &status);
    r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
    if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION_INFO", r))
        return NULL;
@ -2165,5 +2175,11 @@ PyInit__ssl(void)
    if (r == NULL || PyModule_AddObject(m, "OPENSSL_VERSION", r))
        return NULL;

+    libver = OPENSSL_VERSION_NUMBER;
+    parse_openssl_version(libver, &major, &minor, &fix, &patch, &status);
+    r = Py_BuildValue("IIIII", major, minor, fix, patch, status);
+    if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r))
+        return NULL;
+
    return m;
 }