We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 7e57640 commit fea40c6Copy full SHA for fea40c6
1 file changed
Modules/_ssl.c
@@ -4373,18 +4373,19 @@ _ssl__SSLContext_set_ecdh_curve(PySSLContext *self, PyObject *name)
4373
/*[clinic end generated code: output=23022c196e40d7d2 input=c2bafb6f6e34726b]*/
4374
{
4375
PyObject *name_bytes;
4376
- int nid;
+
4377
if (!PyUnicode_FSConverter(name, &name_bytes))
4378
return NULL;
4379
assert(PyBytes_Check(name_bytes));
4380
+#if OPENSSL_VERSION_MAJOR < 3
4381
+ int nid;
4382
nid = OBJ_sn2nid(PyBytes_AS_STRING(name_bytes));
4383
Py_DECREF(name_bytes);
4384
if (nid == 0) {
4385
PyErr_Format(PyExc_ValueError,
4386
"unknown elliptic curve name %R", name);
4387
4388
}
-#if OPENSSL_VERSION_MAJOR < 3
4389
EC_KEY *key = EC_KEY_new_by_curve_name(nid);
4390
if (key == NULL) {
4391
_setSSLError(get_state_ctx(self), NULL, 0, __FILE__, __LINE__);
@@ -4393,7 +4394,9 @@ _ssl__SSLContext_set_ecdh_curve(PySSLContext *self, PyObject *name)
4393
4394
SSL_CTX_set_tmp_ecdh(self->ctx, key);
4395
EC_KEY_free(key);
4396
#else
- if (!SSL_CTX_set1_groups(self->ctx, &nid, 1)) {
4397
+ int res = SSL_CTX_set1_groups_list(self->ctx, PyBytes_AS_STRING(name_bytes));
4398
+ Py_DECREF(name_bytes);
4399
+ if (!res) {
4400
4401
4402
0 commit comments