From fe956dd583b983585bd5b258ab5c5db33db74e90 Mon Sep 17 00:00:00 2001 From: ndmalc <> Date: Tue, 21 Mar 2023 21:31:39 +0100 Subject: [PATCH 1/3] Add Context options for legacy renegotiation support --- src/OpenSSL/SSL.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index efbf7907e..2061f291e 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -83,6 +83,8 @@ "OP_NO_QUERY_MTU", "OP_COOKIE_EXCHANGE", "OP_NO_TICKET", + "OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION", + "OP_LEGACY_SERVER_CONNECT", "OP_ALL", "VERIFY_PEER", "VERIFY_FAIL_IF_NO_PEER_CERT", @@ -210,6 +212,9 @@ except AttributeError: pass +OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = _lib.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +OP_LEGACY_SERVER_CONNECT = _lib.SSL_OP_LEGACY_SERVER_CONNECT + try: OP_IGNORE_UNEXPECTED_EOF = _lib.SSL_OP_IGNORE_UNEXPECTED_EOF __all__.append("OP_IGNORE_UNEXPECTED_EOF") From a524a9e6c147ab8b720e7df5c9b7f5098586f2f1 Mon Sep 17 00:00:00 2001 From: ndmalc <> Date: Tue, 21 Mar 2023 21:40:14 +0100 Subject: [PATCH 2/3] Fix style violation of line too long --- src/OpenSSL/SSL.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index 2061f291e..b9e2e31bc 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -212,7 +212,8 @@ except AttributeError: pass -OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = _lib.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = \ + _lib.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION OP_LEGACY_SERVER_CONNECT = _lib.SSL_OP_LEGACY_SERVER_CONNECT try: From 3999c907db696838595c9c4f01d7f5378aec5731 Mon Sep 17 00:00:00 2001 From: ndmalc <> Date: Tue, 21 Mar 2023 21:51:18 +0100 Subject: [PATCH 3/3] Fix style violation used in line break --- src/OpenSSL/SSL.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index b9e2e31bc..d73542525 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -212,8 +212,9 @@ except AttributeError: pass -OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = \ +OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = ( _lib.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +) OP_LEGACY_SERVER_CONNECT = _lib.SSL_OP_LEGACY_SERVER_CONNECT try: