[Python-Dev] Re: Problem with SSL and socketmodule on Debian Potato?

[Martin v. Loewis]

> So, is this a showstopper issue for the release candidate?

It will mean that the socket module does not work out-of-the-box on
some Debian systems; that could be fixed by enabling the socket module
in Modules/Setup so that it is built without SSL support.

> I believe Neil went on vacation today.  I'd like to have a release
> out in 6 hours.  Should I try to get this fixed???

How about this patch? I've verified that it works with my OpenSSL
installation (0.9.5a), and, by source code inspection, that it should
work with versions back to 0.9.1c (ie. that OPENSSL_VERSION_NUMBER was
always available through including <openssl/crypto.h>).

The logic about RAND_status being 0 if unknown might be flawed, but
that won't hurt unless SSL support is actually used.

If this won't get into 2.1, I'll put it on SF.

Regards,
Martin

Index: socketmodule.c
===================================================================
RCS file: /cvsroot/python/python/dist/src/Modules/socketmodule.c,v
retrieving revision 1.139
diff -u -r1.139 socketmodule.c
--- socketmodule.c	2001/03/18 17:11:56	1.139
+++ socketmodule.c	2001/04/13 15:56:04
@@ -195,6 +195,13 @@
 #include "openssl/ssl.h"
 #include "openssl/err.h"
 #include "openssl/rand.h"
+
+#if OPENSSL_VERSION_NUMBER < 0x0090510fL
+/* RAND_status was added in OpenSSL 0.9.5. If it is not available,
+   we assume that seeding the RNG is necessary every time. */
+#define RAND_status()	0
+#endif
+
 #endif /* USE_SSL */
 
 #if defined(MS_WINDOWS) || defined(__BEOS__)