bpo-28182: restore backwards compatibility (#3464)
b3ad0e5 broke backwards compatibility with OpenSSL < 1.0.2. Signed-off-by: Christian Heimes <christian@python.org>
This commit is contained in:
Christian Heimes
GitHub
parent
db610e909b
commit
0915360b9e
@ -485,18 +485,23 @@ fill_and_set_sslerror(PySSLSocket *sslsock, PyObject *type, int ssl_errno,
|
|||||||
}
|
}
|
||||||
|
|
||||||
switch (verify_code) {
|
switch (verify_code) {
|
||||||
|
#ifdef X509_V_ERR_HOSTNAME_MISMATCH
|
||||||
|
/* OpenSSL >= 1.0.2, LibreSSL >= 2.5.3 */
|
||||||
case X509_V_ERR_HOSTNAME_MISMATCH:
|
case X509_V_ERR_HOSTNAME_MISMATCH:
|
||||||
verify_obj = PyUnicode_FromFormat(
|
verify_obj = PyUnicode_FromFormat(
|
||||||
"Hostname mismatch, certificate is not valid for '%S'.",
|
"Hostname mismatch, certificate is not valid for '%S'.",
|
||||||
sslsock->server_hostname
|
sslsock->server_hostname
|
||||||
);
|
);
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
|
#ifdef X509_V_ERR_IP_ADDRESS_MISMATCH
|
||||||
case X509_V_ERR_IP_ADDRESS_MISMATCH:
|
case X509_V_ERR_IP_ADDRESS_MISMATCH:
|
||||||
verify_obj = PyUnicode_FromFormat(
|
verify_obj = PyUnicode_FromFormat(
|
||||||
"IP address mismatch, certificate is not valid for '%S'.",
|
"IP address mismatch, certificate is not valid for '%S'.",
|
||||||
sslsock->server_hostname
|
sslsock->server_hostname
|
||||||
);
|
);
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
default:
|
default:
|
||||||
verify_str = X509_verify_cert_error_string(verify_code);
|
verify_str = X509_verify_cert_error_string(verify_code);
|
||||||
if (verify_str != NULL) {
|
if (verify_str != NULL) {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user