Fix rabbit driver use of ssl.PROTOCOL_SSLv3

The rabbit driver required that ssl.PROTOCOL_SSLv3 is defined, but
not all Python implementations define it.

The code was changed so that the "sslv3" value is only allowed for
the "kombu_ssl_version" version if ssl.PROTOCOL_SSLv3 is defined in
the Python standard library.

The title of the commit in master was:

 Remove the use of PROTOCOL_SSLv3

but this was changed since it didn't describe the actual change.

Closes-Bug: #1395095
Change-Id: I2c1977c3bfc1923bcb03744e909f2e70c7fdb14c
(cherry picked from commit 42f55a1dda96d4ceecf8cca5fba9cd723673f6e3)

1 files changed, 8 insertions, 4 deletions

diff --git a/oslo/messaging/_drivers/impl_rabbit.py b/oslo/messaging/_drivers/impl_rabbit.py
index bdb6693..c836eb9 100644
--- a/oslo/messaging/_drivers/impl_rabbit.py
+++ b/oslo/messaging/_drivers/impl_rabbit.py
@@ -39,8 +39,8 @@ rabbit_opts = [
     cfg.StrOpt('kombu_ssl_version',
                default='',
                help='SSL version to use (valid only if SSL enabled). '
-                    'valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may '
-                    'be available on some distributions.'
+                    'valid values are TLSv1 and SSLv23. SSLv2 and '
+                    'SSLv3 may be available on some distributions.'
                ),
     cfg.StrOpt('kombu_ssl_keyfile',
                default='',
@@ -493,8 +493,7 @@ class Connection(object):
     # FIXME(markmc): use oslo sslutils when it is available as a library
     _SSL_PROTOCOLS = {
         "tlsv1": ssl.PROTOCOL_TLSv1,
-        "sslv23": ssl.PROTOCOL_SSLv23,
-        "sslv3": ssl.PROTOCOL_SSLv3
+        "sslv23": ssl.PROTOCOL_SSLv23
     }
 
     try:
@@ -502,6 +501,11 @@ class Connection(object):
     except AttributeError:
         pass
 
+    try:
+        _SSL_PROTOCOLS["sslv3"] = ssl.PROTOCOL_SSLv3
+    except AttributeError:
+        pass
+
     @classmethod
     def validate_ssl_version(cls, version):
         key = version.lower()