fix sslwrap_simple (closes #22523)
Thanks Alex Gaynor.
diff --git a/Lib/ssl.py b/Lib/ssl.py
index 43c91a2..5bc07a7 100644
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -969,16 +969,16 @@
# a replacement for the old socket.ssl function
def sslwrap_simple(sock, keyfile=None, certfile=None):
-
"""A replacement for the old socket.ssl function. Designed
for compability with Python 2.5 and earlier. Will disappear in
Python 3.0."""
-
if hasattr(sock, "_sock"):
sock = sock._sock
- ssl_sock = _ssl.sslwrap(sock, 0, keyfile, certfile, CERT_NONE,
- PROTOCOL_SSLv23, None)
+ ctx = SSLContext(PROTOCOL_SSLv23)
+ if keyfile or certfile:
+ ctx.load_cert_chain(certfile, keyfile)
+ ssl_sock = ctx._wrap_socket(sock, server_side=False)
try:
sock.getpeername()
except socket_error:
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index eac994f..75bb1e0 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -94,6 +94,8 @@
pass
else:
raise
+
+
def can_clear_options():
# 0.9.8m or higher
return ssl._OPENSSL_API_VERSION >= (0, 9, 8, 13, 15)
@@ -2944,7 +2946,7 @@
if not os.path.exists(filename):
raise support.TestFailed("Can't read certificate file %r" % filename)
- tests = [ContextTests, BasicSocketTests, SSLErrorTests]
+ tests = [ContextTests, BasicTests, BasicSocketTests, SSLErrorTests]
if support.is_resource_enabled('network'):
tests.append(NetworkedTests)