pypa · BuddhaOhneHals · Apr 11, 2016 · Apr 11, 2016 · Apr 11, 2016
diff --git a/ssl/__init__.py b/ssl/__init__.py
@@ -53,6 +53,8 @@
 PROTOCOL_SSLv3
 PROTOCOL_SSLv23
 PROTOCOL_TLSv1
+PROTOCOL_TLSv1_1
+PROTOCOL_TLSv1_2
 PROTOCOL_NOSSLv2 -- anything except version 2
 """
 
@@ -62,7 +64,8 @@
 
 from _ssl2 import SSLError
 from _ssl2 import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
-from _ssl2 import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1, PROTOCOL_NOSSLv2
+from _ssl2 import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1, PROTOCOL_TLSv1_1, PROTOCOL_TLSv1_2,\
+    PROTOCOL_NOSSLv2
 from _ssl2 import RAND_status, RAND_egd, RAND_add
 from _ssl2 import \
      SSL_ERROR_ZERO_RETURN, \
@@ -393,6 +396,10 @@ def get_server_certificate (addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
 def get_protocol_name (protocol_code):
     if protocol_code == PROTOCOL_TLSv1:
         return "TLSv1"
+    if protocol_code == PROTOCOL_TLSv1_1:
+        return "TLSv1_1"
+    if protocol_code == PROTOCOL_TLSv1_2:
+        return "TLSv1_2"
     elif protocol_code == PROTOCOL_SSLv23:
         return "SSLv23"
     elif protocol_code == PROTOCOL_SSLv2:

diff --git a/ssl/_ssl2.c b/ssl/_ssl2.c
@@ -69,7 +69,9 @@ enum py_ssl_version {
 	PY_SSL_VERSION_SSL3,
 	PY_SSL_VERSION_SSL23,
 	PY_SSL_VERSION_TLS1,
-        PY_SSL_VERSION_NOSSL2,
+	PY_SSL_VERSION_TLS1_1,
+	PY_SSL_VERSION_TLS1_2,
+	PY_SSL_VERSION_NOSSL2,
 };
 
 /* Include symbols from _socket module */
@@ -304,6 +306,10 @@ newPySSLObject(PySocketSockObject *Sock, char *key_file, char *cert_file,
 	PySSL_BEGIN_ALLOW_THREADS
 	if (proto_version == PY_SSL_VERSION_TLS1)
 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
+	if (proto_version == PY_SSL_VERSION_TLS1_1)
+		self->ctx = SSL_CTX_new(TLSv1_1_method()); /* Set up context */
+	if (proto_version == PY_SSL_VERSION_TLS1_2)
+		self->ctx = SSL_CTX_new(TLSv1_2_method()); /* Set up context */
 	else if (proto_version == PY_SSL_VERSION_SSL3)
 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
 #ifndef OPENSSL_NO_SSL2
@@ -1689,6 +1695,10 @@ init_ssl2(void)
 				PY_SSL_VERSION_SSL23);
 	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",
 				PY_SSL_VERSION_TLS1);
+	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1_1",
+				PY_SSL_VERSION_TLS1_1);
+	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1_2",
+				PY_SSL_VERSION_TLS1_2);
 	PyModule_AddIntConstant(m, "PROTOCOL_NOSSLv2",
 				PY_SSL_VERSION_NOSSL2);
 }
diff --git a/test/test_ssl.py b/test/test_ssl.py
@@ -44,6 +44,8 @@ def testCrucialConstants(self):
         ssl.PROTOCOL_SSLv23
         ssl.PROTOCOL_SSLv3
         ssl.PROTOCOL_TLSv1
+        ssl.PROTOCOL_TLSv1_1
+        ssl.PROTOCOL_TLSv1_2
         ssl.CERT_NONE
         ssl.CERT_OPTIONAL
         ssl.CERT_REQUIRED