Add more TLS protocols to rabbit impl
Python 2.7.9 added PROTOCOL_TLSv1_1 and PROTOCOL_TLSv1_2, so these are added to the allowed kombu_ssl_version values. See https://docs.python.org/2/library/ssl.html#ssl.PROTOCOL_TLSv1_1 Change-Id: I1dd590d916ab524284a941db91b9cb81fd4639bb
This commit is contained in:
parent
42f55a1dda
commit
1624793088
|
@ -41,8 +41,9 @@ rabbit_opts = [
|
||||||
cfg.StrOpt('kombu_ssl_version',
|
cfg.StrOpt('kombu_ssl_version',
|
||||||
default='',
|
default='',
|
||||||
help='SSL version to use (valid only if SSL enabled). '
|
help='SSL version to use (valid only if SSL enabled). '
|
||||||
'valid values are TLSv1 and SSLv23. SSLv2 and '
|
'Valid values are TLSv1 and SSLv23. SSLv2, SSLv3, '
|
||||||
'SSLv3 may be available on some distributions.'
|
'TLSv1_1, and TLSv1_2 may be available on some '
|
||||||
|
'distributions.'
|
||||||
),
|
),
|
||||||
cfg.StrOpt('kombu_ssl_keyfile',
|
cfg.StrOpt('kombu_ssl_keyfile',
|
||||||
default='',
|
default='',
|
||||||
|
@ -499,15 +500,18 @@ class Connection(object):
|
||||||
"sslv23": ssl.PROTOCOL_SSLv23
|
"sslv23": ssl.PROTOCOL_SSLv23
|
||||||
}
|
}
|
||||||
|
|
||||||
try:
|
_OPTIONAL_PROTOCOLS = {
|
||||||
_SSL_PROTOCOLS["sslv2"] = ssl.PROTOCOL_SSLv2
|
'sslv2': 'PROTOCOL_SSLv2',
|
||||||
except AttributeError:
|
'sslv3': 'PROTOCOL_SSLv3',
|
||||||
pass
|
'tlsv1_1': 'PROTOCOL_TLSv1_1',
|
||||||
|
'tlsv1_2': 'PROTOCOL_TLSv1_2',
|
||||||
try:
|
}
|
||||||
_SSL_PROTOCOLS["sslv3"] = ssl.PROTOCOL_SSLv3
|
for protocol in _OPTIONAL_PROTOCOLS:
|
||||||
except AttributeError:
|
try:
|
||||||
pass
|
_SSL_PROTOCOLS[protocol] = getattr(ssl,
|
||||||
|
_OPTIONAL_PROTOCOLS[protocol])
|
||||||
|
except AttributeError:
|
||||||
|
pass
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def validate_ssl_version(cls, version):
|
def validate_ssl_version(cls, version):
|
||||||
|
|
Loading…
Reference in New Issue