92 The `ssl` module does not have the `SSLContext` class. This indicates an old |
92 The `ssl` module does not have the `SSLContext` class. This indicates an old |
93 Python version which does not support modern security features (which were |
93 Python version which does not support modern security features (which were |
94 added to Python 2.7 as part of "PEP 466"). Please make sure you have installed |
94 added to Python 2.7 as part of "PEP 466"). Please make sure you have installed |
95 at least Python 2.7.9 or a Python version with backports of these security |
95 at least Python 2.7.9 or a Python version with backports of these security |
96 features. |
96 features. |
|
97 """ |
|
98 printf(error, file=sys.stderr) |
|
99 sys.exit(1) |
|
100 |
|
101 # ssl.HAS_TLSv1* are preferred to check support but they were added in Python |
|
102 # 3.7. Prior to CPython commit 6e8cda91d92da72800d891b2fc2073ecbc134d98 |
|
103 # (backported to the 3.7 branch), ssl.PROTOCOL_TLSv1_1 / ssl.PROTOCOL_TLSv1_2 |
|
104 # were defined only if compiled against a OpenSSL version with TLS 1.1 / 1.2 |
|
105 # support. At the mentioned commit, they were unconditionally defined. |
|
106 _notset = object() |
|
107 has_tlsv1_1 = getattr(ssl, 'HAS_TLSv1_1', _notset) |
|
108 if has_tlsv1_1 is _notset: |
|
109 has_tlsv1_1 = getattr(ssl, 'PROTOCOL_TLSv1_1', _notset) is not _notset |
|
110 has_tlsv1_2 = getattr(ssl, 'HAS_TLSv1_2', _notset) |
|
111 if has_tlsv1_2 is _notset: |
|
112 has_tlsv1_2 = getattr(ssl, 'PROTOCOL_TLSv1_2', _notset) is not _notset |
|
113 if not (has_tlsv1_1 or has_tlsv1_2): |
|
114 error = """ |
|
115 The `ssl` module does not advertise support for TLS 1.1 or TLS 1.2. |
|
116 Please make sure that your Python installation was compiled against an OpenSSL |
|
117 version enabling these features (likely this requires the OpenSSL version to |
|
118 be at least 1.0.1). |
97 """ |
119 """ |
98 printf(error, file=sys.stderr) |
120 printf(error, file=sys.stderr) |
99 sys.exit(1) |
121 sys.exit(1) |
100 |
122 |
101 if sys.version_info[0] >= 3: |
123 if sys.version_info[0] >= 3: |