From 1265945f55604f32d99c3dd7c1efd13b3f2ecd9b Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Sat, 29 Aug 2015 12:30:35 +0200
Subject: [PATCH] move sslversion mapping to netlib

---
 netlib/tcp.py | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/netlib/tcp.py b/netlib/tcp.py
index 9dfa8d228..0d83816b1 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -32,6 +32,23 @@ SSL_DEFAULT_OPTIONS = (
 if hasattr(SSL, "OP_NO_COMPRESSION"):
     SSL_DEFAULT_OPTIONS |= SSL.OP_NO_COMPRESSION
 
+"""
+Map a reasonable SSL version specification into the format OpenSSL expects.
+Don't ask...
+https://bugs.launchpad.net/pyopenssl/+bug/1020632/comments/3
+"""
+sslversion_choices = {
+    "all": (SSL.SSLv23_METHOD, 0),
+    # SSLv23_METHOD + NO_SSLv2 + NO_SSLv3 == TLS 1.0+
+    # TLSv1_METHOD would be TLS 1.0 only
+    "secure": (SSL.SSLv23_METHOD, (SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)),
+    "SSLv2": (SSL.SSLv2_METHOD, 0),
+    "SSLv3": (SSL.SSLv3_METHOD, 0),
+    "TLSv1": (SSL.TLSv1_METHOD, 0),
+    "TLSv1_1": (SSL.TLSv1_1_METHOD, 0),
+    "TLSv1_2": (SSL.TLSv1_2_METHOD, 0),
+}
+
 
 class NetLibError(Exception):
     pass