#endif
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
-# define HAVE_ALPN
+# define HAVE_ALPN 1
+#else
+# define HAVE_ALPN 0
#endif
/* We cannot rely on OPENSSL_NO_NEXTPROTONEG because LibreSSL 2.6.1 dropped
* NPN support but did not set OPENSSL_NO_NEXTPROTONEG for compatibility
* reasons. The check for TLSEXT_TYPE_next_proto_neg works with
* OpenSSL 1.0.1+ and LibreSSL.
+ * OpenSSL 1.1.1-pre1 dropped NPN but still has TLSEXT_TYPE_next_proto_neg.
*/
#ifdef OPENSSL_NO_NEXTPROTONEG
-# define HAVE_NPN 0
+# define HAVE_NPN 0
+#elif (OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER)
+# define HAVE_NPN 0
#elif defined(TLSEXT_TYPE_next_proto_neg)
-# define HAVE_NPN 1
+# define HAVE_NPN 1
#else
-# define HAVE_NPN 0
-# endif
+# define HAVE_NPN 0
+#endif
#ifndef INVALID_SOCKET /* MS defines this */
#define INVALID_SOCKET (-1)
typedef struct {
PyObject_HEAD
SSL_CTX *ctx;
-#ifdef HAVE_NPN
+#if HAVE_NPN
unsigned char *npn_protocols;
int npn_protocols_len;
#endif
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
unsigned char *alpn_protocols;
unsigned int alpn_protocols_len;
#endif
return PyUnicode_FromString(version);
}
-#ifdef HAVE_NPN
+#if HAVE_NPN
/*[clinic input]
_ssl._SSLSocket.selected_npn_protocol
[clinic start generated code]*/
}
#endif
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
/*[clinic input]
_ssl._SSLSocket.selected_alpn_protocol
[clinic start generated code]*/
self->ctx = ctx;
self->hostflags = X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS;
self->protocol = proto_version;
-#ifdef HAVE_NPN
+#if HAVE_NPN
self->npn_protocols = NULL;
#endif
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
self->alpn_protocols = NULL;
#endif
#ifndef OPENSSL_NO_TLSEXT
PyObject_GC_UnTrack(self);
context_clear(self);
SSL_CTX_free(self->ctx);
-#ifdef HAVE_NPN
+#if HAVE_NPN
PyMem_FREE(self->npn_protocols);
#endif
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
PyMem_FREE(self->alpn_protocols);
#endif
Py_TYPE(self)->tp_free(self);
#endif
-#if defined(HAVE_NPN) || defined(HAVE_ALPN)
+#if HAVE_NPN || HAVE_ALPN
static int
do_protocol_selection(int alpn, unsigned char **out, unsigned char *outlen,
const unsigned char *server_protocols, unsigned int server_protocols_len,
}
#endif
-#ifdef HAVE_NPN
+#if HAVE_NPN
/* this callback gets passed to SSL_CTX_set_next_protos_advertise_cb */
static int
_advertiseNPN_cb(SSL *s,
Py_buffer *protos)
/*[clinic end generated code: output=72b002c3324390c6 input=319fcb66abf95bd7]*/
{
-#ifdef HAVE_NPN
+#if HAVE_NPN
PyMem_Free(self->npn_protocols);
self->npn_protocols = PyMem_Malloc(protos->len);
if (self->npn_protocols == NULL)
#endif
}
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
static int
_selectALPN_cb(SSL *s,
const unsigned char **out, unsigned char *outlen,
Py_buffer *protos)
/*[clinic end generated code: output=87599a7f76651a9b input=9bba964595d519be]*/
{
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
if ((size_t)protos->len > UINT_MAX) {
PyErr_Format(PyExc_OverflowError,
"protocols longer than %d bytes", UINT_MAX);
Py_INCREF(r);
PyModule_AddObject(m, "HAS_ECDH", r);
-#ifdef HAVE_NPN
+#if HAVE_NPN
r = Py_True;
#else
r = Py_False;
Py_INCREF(r);
PyModule_AddObject(m, "HAS_NPN", r);
-#ifdef HAVE_ALPN
+#if HAVE_ALPN
r = Py_True;
#else
r = Py_False;
return _ssl__SSLSocket_version_impl(self);
}
-#if defined(HAVE_NPN)
+#if (HAVE_NPN)
PyDoc_STRVAR(_ssl__SSLSocket_selected_npn_protocol__doc__,
"selected_npn_protocol($self, /)\n"
return _ssl__SSLSocket_selected_npn_protocol_impl(self);
}
-#endif /* defined(HAVE_NPN) */
+#endif /* (HAVE_NPN) */
-#if defined(HAVE_ALPN)
+#if (HAVE_ALPN)
PyDoc_STRVAR(_ssl__SSLSocket_selected_alpn_protocol__doc__,
"selected_alpn_protocol($self, /)\n"
return _ssl__SSLSocket_selected_alpn_protocol_impl(self);
}
-#endif /* defined(HAVE_ALPN) */
+#endif /* (HAVE_ALPN) */
PyDoc_STRVAR(_ssl__SSLSocket_compression__doc__,
"compression($self, /)\n"
#ifndef _SSL_ENUM_CRLS_METHODDEF
#define _SSL_ENUM_CRLS_METHODDEF
#endif /* !defined(_SSL_ENUM_CRLS_METHODDEF) */
-/*[clinic end generated code: output=a00fef6a470cfc2c input=a9049054013a1b77]*/
+/*[clinic end generated code: output=e2417fee28666f7c input=a9049054013a1b77]*/
projects / python / commitdiff