Try to really fix compilation failures of the _ssl module under very old OpenSSLs.

diff --git a/Lib/ssl.py b/Lib/ssl.py
index 0282ee924a092e61af185b1c8c94ce15c1604797..e899059bad1e3469fd1ae661df92ca23e2cadf85 100644 (file)
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -68,12 +68,16 @@ from _ssl import (
 from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
 from _ssl import (
     OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1,
-    OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE,
+    OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE
     )
 try:
     from _ssl import OP_NO_COMPRESSION
 except ImportError:
     pass
+try:
+    from _ssl import OP_SINGLE_ECDH_USE
+except ImportError:
+    pass
 from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes
 from _ssl import (
     SSL_ERROR_ZERO_RETURN,

diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index e25f354264612c2dee1e223940d2c2e0d47e6c99..8225e68f1d4e1aa66425ed2c26f681c86c92d56e 100644 (file)
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -145,6 +145,12 @@ static unsigned int _ssl_locks_count = 0;
 # define HAVE_OPENSSL_FINISHED 0
 #endif
 
+/* ECDH support got added to OpenSSL in 0.9.8 */
+#if OPENSSL_VERSION_NUMBER < 0x0090800fL && !defined(OPENSSL_NO_ECDH)
+# define OPENSSL_NO_ECDH
+#endif
+
+
 typedef struct {
     PyObject_HEAD
     SSL_CTX *ctx;