Revision - 7316c6d - [3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314) - origin: https://github.com/python/cpython

Staging
v0.5.1

visit type:

https://github.com/python/cpython

09 December 2020, 11:06:31 UTC

Revision 7316c6d4a57931e9786c06eae168b227d7463317 authored by Christian Heimes on 05 September 2017, 14:00:44 UTC, committed by GitHub on 05 September 2017, 14:00:44 UTC

[3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314)

* Change NPN detection:

Version breakdown, support disabled (pre-patch/post-patch):
- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined ->
False/False
- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will be defined -> True/False

Version breakdown support enabled (pre-patch/post-patch):
- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True

* Refine NPN guard:

- If NPN is disabled, but ALPN is available we need our callback
- Make clinic's ssl behave the same way

This created a working ssl module for me, with NPN disabled and ALPN
enabled for OpenSSL 1.1.0f.

Concerns to address:
The initial commit for NPN support into OpenSSL [1], had the
OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG
guard. The question is if that ever made it into a release.
This would need an ugly hack, something like:

	GH-if defined(OPENSSL_NO_NEXTPROTONEG) && \
		!defined(OPENSSL_NPN_NEGOTIATED)
	GH-	define OPENSSL_NPN_UNSUPPORTED 0
	GH-	define OPENSSL_NPN_NEGOTIATED 1
	GH-	define OPENSSL_NPN_NO_OVERLAP 2
	GH-endif

[1] https://github.com/openssl/openssl/commit/68b33cc5c7
(cherry picked from commit b2d096b)

1 parent e2543a6

Files
Changes

Permalinks

Tip revision: 7316c6d4a57931e9786c06eae168b227d7463317 authored by Christian Heimes on 05 September 2017, 14:00:44 UTC
[3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314)

Tip revision: 7316c6d

.hgeol

[patterns]

# Non human-editable files are binary

**.dsp  = BIN
**.dsw  = BIN
**.mk   = BIN
**.sln  = BIN
**.vcproj  = BIN
**.vsprops = BIN

**.aif  = BIN
**.aifc = BIN
**.aiff = BIN
**.au   = BIN
**.bmp  = BIN
**.db   = BIN
**.exe  = BIN
**.icns = BIN
**.gif  = BIN
**.ico  = BIN
**.info = BIN
**.jpg  = BIN
**.pck  = BIN
**.png  = BIN
**.psd  = BIN
**.tar  = BIN
**.wav  = BIN
**.whl  = BIN
**.xar  = BIN
**.zip  = BIN

Lib/test/cjkencodings/* = BIN
Lib/test/decimaltestdata/*.decTest = BIN
Lib/test/sndhdrdata/sndhdr.* = BIN
Lib/test/test_email/data/msg_26.txt = BIN
Lib/test/xmltestdata/* = BIN

Lib/venv/scripts/nt/* = BIN

Lib/test/coding20731.py = BIN

# Windows only zlib upstream file
Modules/zlib/zlib.map = CRLF

# Windows batch files work best with CRLF, there can be subtle problems with LF
**.bat = CRLF

# The Windows readme is likely to be read in Notepad, so make it readable
PCbuild/readme.txt = CRLF

# All other files (which presumably are human-editable) are "native".
# This must be the last rule!

** = native

[repository]
native = LF

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...