Add more TLS protocols to rabbit impl

Python 2.7.9 added PROTOCOL_TLSv1_1 and PROTOCOL_TLSv1_2, so these
are added to the allowed kombu_ssl_version values.

See https://docs.python.org/2/library/ssl.html#ssl.PROTOCOL_TLSv1_1

Change-Id: I1dd590d916ab524284a941db91b9cb81fd4639bb
This commit is contained in:
Brant Knudson 2014-11-25 10:59:05 -06:00
parent 42f55a1dda
commit 1624793088
1 changed files with 15 additions and 11 deletions

View File

@ -41,8 +41,9 @@ rabbit_opts = [
cfg.StrOpt('kombu_ssl_version', cfg.StrOpt('kombu_ssl_version',
default='', default='',
help='SSL version to use (valid only if SSL enabled). ' help='SSL version to use (valid only if SSL enabled). '
'valid values are TLSv1 and SSLv23. SSLv2 and ' 'Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, '
'SSLv3 may be available on some distributions.' 'TLSv1_1, and TLSv1_2 may be available on some '
'distributions.'
), ),
cfg.StrOpt('kombu_ssl_keyfile', cfg.StrOpt('kombu_ssl_keyfile',
default='', default='',
@ -499,15 +500,18 @@ class Connection(object):
"sslv23": ssl.PROTOCOL_SSLv23 "sslv23": ssl.PROTOCOL_SSLv23
} }
try: _OPTIONAL_PROTOCOLS = {
_SSL_PROTOCOLS["sslv2"] = ssl.PROTOCOL_SSLv2 'sslv2': 'PROTOCOL_SSLv2',
except AttributeError: 'sslv3': 'PROTOCOL_SSLv3',
pass 'tlsv1_1': 'PROTOCOL_TLSv1_1',
'tlsv1_2': 'PROTOCOL_TLSv1_2',
try: }
_SSL_PROTOCOLS["sslv3"] = ssl.PROTOCOL_SSLv3 for protocol in _OPTIONAL_PROTOCOLS:
except AttributeError: try:
pass _SSL_PROTOCOLS[protocol] = getattr(ssl,
_OPTIONAL_PROTOCOLS[protocol])
except AttributeError:
pass
@classmethod @classmethod
def validate_ssl_version(cls, version): def validate_ssl_version(cls, version):