From 7eb2e748eb372826ff8057957b1592c4e36d1232 Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone Date: Fri, 9 Mar 2012 14:57:47 -0800 Subject: Get rid of the OPENSSL_NO_SSL2 check, which is not a complete solution on all platforms; replace it with a check (which should always have been there) of the SSL_CTX_new return value. If SSLv2 is unavailable, the context creation should fail and we will notice at that point. --- OpenSSL/ssl/context.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/OpenSSL/ssl/context.c b/OpenSSL/ssl/context.c index 0b9f4b6..534d207 100644 --- a/OpenSSL/ssl/context.c +++ b/OpenSSL/ssl/context.c @@ -1246,12 +1246,7 @@ ssl_Context_init(ssl_ContextObj *self, int i_method) { switch (i_method) { case ssl_SSLv2_METHOD: -#ifdef OPENSSL_NO_SSL2 - PyErr_SetString(PyExc_ValueError, "SSLv2_METHOD not supported by this version of OpenSSL"); - return NULL; -#else method = SSLv2_method(); -#endif break; case ssl_SSLv23_METHOD: method = SSLv23_method(); @@ -1268,6 +1263,11 @@ ssl_Context_init(ssl_ContextObj *self, int i_method) { } self->ctx = SSL_CTX_new(method); + if (self->ctx == NULL) { + exception_from_error_queue(ssl_Error); + return NULL; + } + Py_INCREF(Py_None); self->passphrase_callback = Py_None; Py_INCREF(Py_None); -- cgit v1.2.1