diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-12-19 06:03:48 -0600 |
---|---|---|
committer | Hynek Schlawack <hs@ox.cx> | 2016-12-19 13:03:48 +0100 |
commit | 6c6bf865acdd3c5ca5f47b1dbc2903023fd286b6 (patch) | |
tree | b6fbeeb2e3782030b4bf4d856a08494bbca9da7c /src/OpenSSL/SSL.py | |
parent | 63ef9bc5f98261ca9585919b929c13d015fc5d1f (diff) | |
download | pyopenssl-6c6bf865acdd3c5ca5f47b1dbc2903023fd286b6.tar.gz |
automatically set SSL_CTX_set_ecdh_auto when available (#575)
Diffstat (limited to 'src/OpenSSL/SSL.py')
-rw-r--r-- | src/OpenSSL/SSL.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index 63a0b7e..eb0de10 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -475,6 +475,15 @@ class Context(object): _openssl_assert(context != _ffi.NULL) context = _ffi.gc(context, _lib.SSL_CTX_free) + # If SSL_CTX_set_ecdh_auto is available then set it so the ECDH curve + # will be auto-selected. This function was added in 1.0.2 and made a + # noop in 1.1.0+ (where it is set automatically). + try: + res = _lib.SSL_CTX_set_ecdh_auto(context, 1) + _openssl_assert(res == 1) + except AttributeError: + pass + self._context = context self._passphrase_helper = None self._passphrase_callback = None |