Skip to content

Commit

Permalink
bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (#397)
Browse files Browse the repository at this point in the history
  • Loading branch information
dstufft authored Mar 2, 2017
1 parent b05d48e commit 784ba7c
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Modules/_ssl.c
Original file line number Diff line number Diff line change
Expand Up @@ -2729,12 +2729,12 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
#endif


#ifndef OPENSSL_NO_ECDH
#if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1)
/* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use
prime256v1 by default. This is Apache mod_ssl's initialization
policy, so we should be safe. OpenSSL 1.1 has it enabled by default.
*/
#if defined(SSL_CTX_set_ecdh_auto) && !defined(OPENSSL_VERSION_1_1)
#if defined(SSL_CTX_set_ecdh_auto)
SSL_CTX_set_ecdh_auto(self->ctx, 1);
#else
{
Expand Down

0 comments on commit 784ba7c

Please sign in to comment.