v20151222

`OPENSSL_NO_SSL3` patch for 3.0.x, 3.1.x and 3.2.x

CHANGELOG.md

@@ -1,12 +1,18 @@
 ## Version History
 
+### 20151222
+
+* pyenv: Merge recent changes from rbenv as of 2015-12-14 (#504)
+* python-build: Add a `OPENSSL_NO_SSL3` patch for CPython 2.6, 2.7, 3.0, 3.1, 3.2 and 3.3 series (#507, #511)
+* python-build: Stopped using mirror at yyuu.github.io for CPython since http://www.python.org is on fast.ly
+
 ### 20151210
 
-+ pyenv: Add a default hook for Anaconda to look for original `$PATH` (#491)
-+ pyenv: Skip virtualenv aliases on `pyenv versions --skip-aliases` (yyuu/pyenv-virtualenv#126)
-+ python-build: Add CPython 2.7.11, 3.5.1 (#494, #498)
-+ python-build: Update OpenSSL to 1.0.1q (#496)
-+ python-build: Adding SSL patch to build 2.7.3 on Debian (#495)
+* pyenv: Add a default hook for Anaconda to look for original `$PATH` (#491)
+* pyenv: Skip virtualenv aliases on `pyenv versions --skip-aliases` (yyuu/pyenv-virtualenv#126)
+* python-build: Add CPython 2.7.11, 3.5.1 (#494, #498)
+* python-build: Update OpenSSL to 1.0.1q (#496)
+* python-build: Adding SSL patch to build 2.7.3 on Debian (#495)
 
 ### 20151124
 

README.md

@@ -67,7 +67,6 @@ executables injected into your `PATH`, determines which Python version
 has been specified by your application, and passes your commands along
 to the correct Python installation.
 
-
 ### Understanding PATH
 
 When you run a command like `python` or `pip`, your operating system
@@ -83,7 +82,6 @@ precedence over another one at the end. In this example, the
 `/usr/local/bin` directory will be searched first, then `/usr/bin`,
 then `/bin`.
 
-
 ### Understanding Shims
 
 pyenv works by inserting a directory of _shims_ at the front of your
@@ -104,7 +102,6 @@ operating system will do the following:
 * Run the shim named `pip`, which in turn passes the command along to
   pyenv
 
-
 ### Choosing the Python Version
 
 When you execute a shim, pyenv determines which Python version to use by

libexec/pyenv

@@ -28,26 +28,26 @@ if enable -f "${BASH_SOURCE%/*}"/../libexec/pyenv-realpath.dylib realpath 2>/dev
 else
   [ -z "$PYENV_NATIVE_EXT" ] || abort "failed to load \`realpath' builtin"
 
-READLINK=$(type -p greadlink readlink | head -1)
-[ -n "$READLINK" ] || abort "cannot find readlink - are you missing GNU coreutils?"
+  READLINK=$(type -p greadlink readlink | head -1)
+  [ -n "$READLINK" ] || abort "cannot find readlink - are you missing GNU coreutils?"
 
-resolve_link() {
-  $READLINK "$1"
-}
+  resolve_link() {
+    $READLINK "$1"
+  }
 
-abs_dirname() {
-  local cwd="$(pwd)"
-  local path="$1"
+  abs_dirname() {
+    local cwd="$PWD"
+    local path="$1"
 
-  while [ -n "$path" ]; do
-    cd "${path%/*}"
-    local name="${path##*/}"
-    path="$(resolve_link "$name" || true)"
-  done
+    while [ -n "$path" ]; do
+      cd "${path%/*}"
+      local name="${path##*/}"
+      path="$(resolve_link "$name" || true)"
+    done
 
-  pwd
-  cd "$cwd"
-}
+    pwd
+    cd "$cwd"
+  }
 fi
 
 if [ -z "${PYENV_ROOT}" ]; then
@@ -71,10 +71,10 @@ if [ -z "${PYENV_DIR}" ]; then
 fi
 
 if [ -z "${PYENV_DIR}" ]; then
-  PYENV_DIR="$(pwd)"
+  PYENV_DIR="$PWD"
 else
   cd "$PYENV_DIR" 2>/dev/null || abort "cannot change working directory to \`$PYENV_DIR'"
-  PYENV_DIR="$(pwd)"
+  PYENV_DIR="$PWD"
   cd "$OLDPWD"
 fi
 export PYENV_DIR

libexec/pyenv---version

@@ -12,7 +12,7 @@
 set -e
 [ -n "$PYENV_DEBUG" ] && set -x
 
-version="20151210"
+version="20151222"
 git_revision=""
 
 for source_dir in "${BASH_SOURCE%/*}" "$PYENV_ROOT"; do

libexec/pyenv-which

@@ -23,7 +23,8 @@ remove_from_path() {
     path_before="$result"
     result="${result//:$path_to_remove:/:}"
   done
-  echo "${result%:}"
+  result="${result%:}"
+  echo "${result#:}"
 }
 
 PYENV_COMMAND="$1"

plugins/python-build/bin/python-build

@@ -1231,8 +1231,31 @@ require_distro() {
   return 1
 }
 
+configured_with_package_dir() {
+  local package_var_name="$(capitalize "$1")"
+  shift 1
+  local PACKAGE_CONFIGURE_OPTS="${package_var_name}_CONFIGURE_OPTS"
+  local PACKAGE_CONFIGURE_OPTS_ARRAY="${package_var_name}_MAKE_OPTS_ARRAY[@]"
+  local arg flag
+  for arg in ${CONFIGURE_OPTS} ${!PACKAGE_CONFIGURE_OPTS} "${!PACKAGE_CONFIGURE_OPTS_ARRAY}"; do
+    if [[ "$arg" == "CPPFLAGS="* ]]; then
+      for flag in ${CPPFLAGS} ${arg##CPPFLAGS=}; do
+        if [[ "$flag" == "-I"* ]]; then
+          local header
+          for header in "$@"; do
+            if [ -e "${flag##-I}/${header#/}" ]; then
+              return 0
+            fi
+          done
+        fi
+      done
+    fi
+  done
+  return 1
+}
+
 needs_yaml() {
-  [[ "$RUBY_CONFIGURE_OPTS" != *--with-libyaml-dir=* ]] &&
+  ! configured_with_package_dir "python" "yaml.h" &&
   ! use_homebrew_yaml
 }
 
@@ -1246,30 +1269,16 @@ use_homebrew_yaml() {
   fi
 }
 
-configured_with_readline_dir() {
+has_broken_mac_readline() {
   # Mac OS X 10.4 has broken readline.
   # https://github.com/yyuu/pyenv/issues/23
-  local arg flag
-  for arg in ${CONFIGURE_OPTS} ${PYTHON_CONFIGURE_OPTS} "${PYTHON_CONFIGURE_OPTS_ARRAY[@]}"; do
-    if [[ "$arg" == "CPPFLAGS="* ]]; then
-      for flag in ${CPPFLAGS} ${arg##CPPFLAGS=}; do
-        if [[ "$flag" == "-I"* ]] && [ -e "${flag##-I}/readline/rlconf.h" ]; then
-          return 0
-        fi
-      done
-    fi
-  done
-  return 1
-}
-
-has_broken_mac_readline() {
   [ "$(uname -s)" = "Darwin" ] &&
-  ! configured_with_readline_dir &&
+  ! configured_with_package_dir "python" "readline/rlconf.h" &&
   ! use_homebrew_readline
 }
 
 use_homebrew_readline() {
-  if ! configured_with_readline_dir; then
+  if ! configured_with_package_dir "python" "readline/rlconf.h"; then
     local libdir="$(brew --prefix readline 2>/dev/null || true)"
     if [ -d "$libdir" ]; then
       export CPPFLAGS="-I$libdir/include ${CPPFLAGS}"

plugins/python-build/share/python-build/2.3.7

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.2" "http://ftpmirror.gnu.org/readline/readline-6.2.tar.gz#67948acb2ca081f23359d0256e9a271c" standard --if has_broken_mac_readline
-install_package "Python-2.3.7" "http://python.org/ftp/python/2.3.7/Python-2.3.7.tgz#969a9891dce9f50b13e54f9890acaf2be66715a5895bf9b11111f320c205b90e" ldflags_dirs standard verify_py23
+install_package "Python-2.3.7" "http://www.python.org/ftp/python/2.3.7/Python-2.3.7.tgz#969a9891dce9f50b13e54f9890acaf2be66715a5895bf9b11111f320c205b90e" ldflags_dirs standard verify_py23
 #install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#13951be6711438073fbe50843e7f141f" python
 #install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#62a9f08dd5dc69d76734568a6c040508" python

plugins/python-build/share/python-build/2.4

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4" "http://python.org/ftp/python/2.4/Python-2.4.tgz#ff746de0fae8691c082414b42a2bb172da8797e6e8ff66c9a39d2e452f7034e9" ldflags_dirs standard verify_py24
+install_package "Python-2.4" "http://www.python.org/ftp/python/2.4/Python-2.4.tgz#ff746de0fae8691c082414b42a2bb172da8797e6e8ff66c9a39d2e452f7034e9" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.4.1

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4.1" "http://python.org/ftp/python/2.4.1/Python-2.4.1.tgz#f449c3b167389324c525ad99d02376c518ac11e163dbbbc13bc88a5c7101fd00" ldflags_dirs standard verify_py24
+install_package "Python-2.4.1" "http://www.python.org/ftp/python/2.4.1/Python-2.4.1.tgz#f449c3b167389324c525ad99d02376c518ac11e163dbbbc13bc88a5c7101fd00" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.4.2

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4.2" "http://python.org/ftp/python/2.4.2/Python-2.4.2.tgz#2653e1846e87fd9b3ee287fefc965c80c54646548b4913a22265b0dd54493adf" ldflags_dirs standard verify_py24
+install_package "Python-2.4.2" "http://www.python.org/ftp/python/2.4.2/Python-2.4.2.tgz#2653e1846e87fd9b3ee287fefc965c80c54646548b4913a22265b0dd54493adf" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.4.3

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4.3" "http://python.org/ftp/python/2.4.3/Python-2.4.3.tgz#985a413932f5e31e6280b37da6b285a3a0b2748c6786643989ed9b23de97e2d5" ldflags_dirs standard verify_py24
+install_package "Python-2.4.3" "http://www.python.org/ftp/python/2.4.3/Python-2.4.3.tgz#985a413932f5e31e6280b37da6b285a3a0b2748c6786643989ed9b23de97e2d5" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.4.4

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4.4" "http://python.org/ftp/python/2.4.4/Python-2.4.4.tgz#92be6e20cbc3111d9dd0c016d72ef7914c23b879dc52df7ba28df97afbf12e2e" ldflags_dirs standard verify_py24
+install_package "Python-2.4.4" "http://www.python.org/ftp/python/2.4.4/Python-2.4.4.tgz#92be6e20cbc3111d9dd0c016d72ef7914c23b879dc52df7ba28df97afbf12e2e" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.4.5

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4.5" "http://python.org/ftp/python/2.4.5/Python-2.4.5.tgz#6ae6f67a388a7f70ed3a20eebab5aae995ee433089d1f1724095c62f4b7389a1" ldflags_dirs standard verify_py24
+install_package "Python-2.4.5" "http://www.python.org/ftp/python/2.4.5/Python-2.4.5.tgz#6ae6f67a388a7f70ed3a20eebab5aae995ee433089d1f1724095c62f4b7389a1" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.4.6

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.4.6" "http://python.org/ftp/python/2.4.6/Python-2.4.6.tgz#b03f269e826927f05c966cf4f4414f3c93ee2314960859e7f8375e24e82f8b02" ldflags_dirs standard verify_py24
+install_package "Python-2.4.6" "http://www.python.org/ftp/python/2.4.6/Python-2.4.6.tgz#b03f269e826927f05c966cf4f4414f3c93ee2314960859e7f8375e24e82f8b02" ldflags_dirs standard verify_py24
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.1" "https://pypi.python.org/packages/source/p/pip/pip-1.1.tar.gz#993804bb947d18508acee02141281c77d27677f8c14eaa64d6287a1c53ef01c8" python

plugins/python-build/share/python-build/2.5

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5" "http://python.org/ftp/python/2.5/Python-2.5.tgz#d7bbf42e36003c6065cd19f3e67d283521858515ee923220f654131cebe1d8f2" ldflags_dirs standard verify_py25
+install_package "Python-2.5" "http://www.python.org/ftp/python/2.5/Python-2.5.tgz#d7bbf42e36003c6065cd19f3e67d283521858515ee923220f654131cebe1d8f2" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.5.1

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5.1" "http://python.org/ftp/python/2.5.1/Python-2.5.1.tgz#1f5caee846049ca30d996f9403eefdb996295c4af664867e35dcc5eb36e4e7e8" ldflags_dirs standard verify_py25
+install_package "Python-2.5.1" "http://www.python.org/ftp/python/2.5.1/Python-2.5.1.tgz#1f5caee846049ca30d996f9403eefdb996295c4af664867e35dcc5eb36e4e7e8" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.5.2

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5.2" "http://python.org/ftp/python/2.5.2/Python-2.5.2.tgz#834afe8a88adaf623b05ac5dd6700dd5bb5d0d5553fc74ad529359a3496e4ae3" ldflags_dirs standard verify_py25
+install_package "Python-2.5.2" "http://www.python.org/ftp/python/2.5.2/Python-2.5.2.tgz#834afe8a88adaf623b05ac5dd6700dd5bb5d0d5553fc74ad529359a3496e4ae3" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.5.3

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5.3" "http://python.org/ftp/python/2.5.3/Python-2.5.3.tgz#c3fee607d20a77dfb72ea2e627eb4d95d25c735603435abde62c57015a0445bd" ldflags_dirs standard verify_py25
+install_package "Python-2.5.3" "http://www.python.org/ftp/python/2.5.3/Python-2.5.3.tgz#c3fee607d20a77dfb72ea2e627eb4d95d25c735603435abde62c57015a0445bd" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.5.4

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5.4" "http://python.org/ftp/python/2.5.4/Python-2.5.4.tgz#3d3b205611ee503a38a9433d5645a571668420bb219242c7f51af85f05664da6" ldflags_dirs standard verify_py25
+install_package "Python-2.5.4" "http://www.python.org/ftp/python/2.5.4/Python-2.5.4.tgz#3d3b205611ee503a38a9433d5645a571668420bb219242c7f51af85f05664da6" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.5.5

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5.5" "http://python.org/ftp/python/2.5.5/Python-2.5.5.tgz#03be1019c4fe93daeb53ba9e4294bf22a8ed4cb854cbd57e24e16f6bf63e2392" ldflags_dirs standard verify_py25
+install_package "Python-2.5.5" "http://www.python.org/ftp/python/2.5.5/Python-2.5.5.tgz#03be1019c4fe93daeb53ba9e4294bf22a8ed4cb854cbd57e24e16f6bf63e2392" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.5.6

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.5.6" "http://python.org/ftp/python/2.5.6/Python-2.5.6.tgz#c2e4377597241b1065677d23327c04d0f41945d370c61a491cc88be367234c5d" ldflags_dirs standard verify_py25
+install_package "Python-2.5.6" "http://www.python.org/ftp/python/2.5.6/Python-2.5.6.tgz#c2e4377597241b1065677d23327c04d0f41945d370c61a491cc88be367234c5d" ldflags_dirs standard verify_py25
 install_package "setuptools-1.4.2" "https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz#263986a60a83aba790a5bffc7d009ac88114ba4e908e5c90e453b3bf2155dbbd" python
 install_package "pip-1.3.1" "https://pypi.python.org/packages/source/p/pip/pip-1.3.1.tar.gz#145eaa5d1ea1b062663da1f3a97780d7edea4c63c68a37c463b1deedf7bb4957" python

plugins/python-build/share/python-build/2.6.6

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.6.6" "http://python.org/ftp/python/2.6.6/Python-2.6.6.tgz#372f66db46d773214e4619df1794a26449158f626138d4d2141a64c2f017fae1" ldflags_dirs standard verify_py26 ensurepip
+install_package "Python-2.6.6" "http://www.python.org/ftp/python/2.6.6/Python-2.6.6.tgz#372f66db46d773214e4619df1794a26449158f626138d4d2141a64c2f017fae1" ldflags_dirs standard verify_py26 ensurepip

plugins/python-build/share/python-build/2.6.7

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.6.7" "http://python.org/ftp/python/2.6.7/Python-2.6.7.tgz#a8093eace4cfd3e06b05f0deb5d765e3c6cec65908048640a8cadd7a948b3826" ldflags_dirs standard verify_py26 ensurepip
+install_package "Python-2.6.7" "http://www.python.org/ftp/python/2.6.7/Python-2.6.7.tgz#a8093eace4cfd3e06b05f0deb5d765e3c6cec65908048640a8cadd7a948b3826" ldflags_dirs standard verify_py26 ensurepip

plugins/python-build/share/python-build/2.6.8

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.6.8" "http://python.org/ftp/python/2.6.8/Python-2.6.8.tgz#5bf02a75ffa2fcaa5a3cabb8201998519b045541975622316888ea468d9512f7" ldflags_dirs standard verify_py26 ensurepip
+install_package "Python-2.6.8" "http://www.python.org/ftp/python/2.6.8/Python-2.6.8.tgz#5bf02a75ffa2fcaa5a3cabb8201998519b045541975622316888ea468d9512f7" ldflags_dirs standard verify_py26 ensurepip

plugins/python-build/share/python-build/2.6.9

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.6.9" "http://python.org/ftp/python/2.6.9/Python-2.6.9.tgz#7277b1285d8a82f374ef6ebaac85b003266f7939b3f2a24a3af52f9523ac94db" ldflags_dirs standard verify_py26 ensurepip
+install_package "Python-2.6.9" "http://www.python.org/ftp/python/2.6.9/Python-2.6.9.tgz#7277b1285d8a82f374ef6ebaac85b003266f7939b3f2a24a3af52f9523ac94db" ldflags_dirs standard verify_py26 ensurepip

plugins/python-build/share/python-build/2.7

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7" "http://python.org/ftp/python/2.7/Python-2.7.tgz#5670dd6c0c93b0b529781d070852f7b51ce6855615b16afcd318341af2910fb5" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7" "http://www.python.org/ftp/python/2.7/Python-2.7.tgz#5670dd6c0c93b0b529781d070852f7b51ce6855615b16afcd318341af2910fb5" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/2.7.1

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7.1" "http://python.org/ftp/python/2.7.1/Python-2.7.1.tgz#ca13e7b1860821494f70de017202283ad73b1fb7bd88586401c54ef958226ec8" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7.1" "http://www.python.org/ftp/python/2.7.1/Python-2.7.1.tgz#ca13e7b1860821494f70de017202283ad73b1fb7bd88586401c54ef958226ec8" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/2.7.2

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7.2" "http://python.org/ftp/python/2.7.2/Python-2.7.2.tgz#1d54b7096c17902c3f40ffce7e5b84e0072d0144024184fff184a84d563abbb3" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7.2" "http://www.python.org/ftp/python/2.7.2/Python-2.7.2.tgz#1d54b7096c17902c3f40ffce7e5b84e0072d0144024184fff184a84d563abbb3" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/2.7.3

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7.3" "http://python.org/ftp/python/2.7.3/Python-2.7.3.tgz#d4c20f2b5faf95999fd5fecb3f7d32071b0820516224a6d2b72932ab47a1cb8e" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7.3" "http://www.python.org/ftp/python/2.7.3/Python-2.7.3.tgz#d4c20f2b5faf95999fd5fecb3f7d32071b0820516224a6d2b72932ab47a1cb8e" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/2.7.4

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7.4" "http://python.org/ftp/python/2.7.4/Python-2.7.4.tgz#98c5eb9c8e65effcc0122112ba17a0bce880aa23ecb560af56b55eb55632b81a" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7.4" "http://www.python.org/ftp/python/2.7.4/Python-2.7.4.tgz#98c5eb9c8e65effcc0122112ba17a0bce880aa23ecb560af56b55eb55632b81a" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/2.7.5

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7.5" "http://python.org/ftp/python/2.7.5/Python-2.7.5.tgz#8e1b5fa87b91835afb376a9c0d319d41feca07ffebc0288d97ab08d64f48afbf" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7.5" "http://www.python.org/ftp/python/2.7.5/Python-2.7.5.tgz#8e1b5fa87b91835afb376a9c0d319d41feca07ffebc0288d97ab08d64f48afbf" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/2.7.6

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-2.7.6" "http://python.org/ftp/python/2.7.6/Python-2.7.6.tgz#99c6860b70977befa1590029fae092ddb18db1d69ae67e8b9385b66ed104ba58" ldflags_dirs standard verify_py27 ensurepip
+install_package "Python-2.7.6" "http://www.python.org/ftp/python/2.7.6/Python-2.7.6.tgz#99c6860b70977befa1590029fae092ddb18db1d69ae67e8b9385b66ed104ba58" ldflags_dirs standard verify_py27 ensurepip

plugins/python-build/share/python-build/3.0.1

@@ -1,7 +1,7 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.0.1" "http://python.org/ftp/python/3.0.1/Python-3.0.1.tgz#7d5f2feae9035f1d3d9e6bb7f092dbf374d6bb4b25abd0d2d11f13bba1cb04de" ldflags_dirs standard verify_py30
+install_package "Python-3.0.1" "http://www.python.org/ftp/python/3.0.1/Python-3.0.1.tgz#7d5f2feae9035f1d3d9e6bb7f092dbf374d6bb4b25abd0d2d11f13bba1cb04de" ldflags_dirs standard verify_py30
 if [[ "Darwin" == "$(uname -s)" ]]; then
   # https://github.com/yyuu/pyenv/issues/456
   { echo

plugins/python-build/share/python-build/3.1

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.1" "http://python.org/ftp/python/3.1/Python-3.1.tgz#99a034cf574ea3c26412b0a0728126d7fd6ea9593d099d807a25d216ed031e6a" ldflags_dirs standard verify_py31 ez_setup
+install_package "Python-3.1" "http://www.python.org/ftp/python/3.1/Python-3.1.tgz#99a034cf574ea3c26412b0a0728126d7fd6ea9593d099d807a25d216ed031e6a" ldflags_dirs standard verify_py31 ez_setup
 install_package "pip-1.5.6" "https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#b1a4ae66baf21b7eb05a5e4f37c50c2706fa28ea1f8780ce8efe14dcd9f1726c" python

plugins/python-build/share/python-build/3.1.1

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.1.1" "http://python.org/ftp/python/3.1.1/Python-3.1.1.tgz#5d85d7bff11c4db44920af99f64f4227c816f897f6bfa9dd8a2611165ca5f0a1" ldflags_dirs standard verify_py31 ez_setup
+install_package "Python-3.1.1" "http://www.python.org/ftp/python/3.1.1/Python-3.1.1.tgz#5d85d7bff11c4db44920af99f64f4227c816f897f6bfa9dd8a2611165ca5f0a1" ldflags_dirs standard verify_py31 ez_setup
 install_package "pip-1.5.6" "https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#b1a4ae66baf21b7eb05a5e4f37c50c2706fa28ea1f8780ce8efe14dcd9f1726c" python

plugins/python-build/share/python-build/3.1.2

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.1.2" "http://python.org/ftp/python/3.1.2/Python-3.1.2.tgz#dffbc0561a161a4a576c6059e6990a9859a0be16ba9b5736eabe4abbb2700d1c" ldflags_dirs standard verify_py31 ez_setup
+install_package "Python-3.1.2" "http://www.python.org/ftp/python/3.1.2/Python-3.1.2.tgz#dffbc0561a161a4a576c6059e6990a9859a0be16ba9b5736eabe4abbb2700d1c" ldflags_dirs standard verify_py31 ez_setup
 install_package "pip-1.5.6" "https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#b1a4ae66baf21b7eb05a5e4f37c50c2706fa28ea1f8780ce8efe14dcd9f1726c" python

plugins/python-build/share/python-build/3.1.3

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.1.3" "http://python.org/ftp/python/3.1.3/Python-3.1.3.tgz#6311823aeda8be6a7a2b67caaeff48abce6626c9940ba7ed81f9c978666a36bd" ldflags_dirs standard verify_py31 ez_setup
+install_package "Python-3.1.3" "http://www.python.org/ftp/python/3.1.3/Python-3.1.3.tgz#6311823aeda8be6a7a2b67caaeff48abce6626c9940ba7ed81f9c978666a36bd" ldflags_dirs standard verify_py31 ez_setup
 install_package "pip-1.5.6" "https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#b1a4ae66baf21b7eb05a5e4f37c50c2706fa28ea1f8780ce8efe14dcd9f1726c" python

plugins/python-build/share/python-build/3.1.4

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.1.4" "http://python.org/ftp/python/3.1.4/Python-3.1.4.tgz#fadc05ea6d05360cff189944a85ecd2180bbc308784d168b350450e70bbdd846" ldflags_dirs standard verify_py31 ez_setup
+install_package "Python-3.1.4" "http://www.python.org/ftp/python/3.1.4/Python-3.1.4.tgz#fadc05ea6d05360cff189944a85ecd2180bbc308784d168b350450e70bbdd846" ldflags_dirs standard verify_py31 ez_setup
 install_package "pip-1.5.6" "https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#b1a4ae66baf21b7eb05a5e4f37c50c2706fa28ea1f8780ce8efe14dcd9f1726c" python

plugins/python-build/share/python-build/3.1.5

@@ -1,5 +1,5 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.1.5" "http://python.org/ftp/python/3.1.5/Python-3.1.5.tgz#d12dae6d06f52ef6bf1271db4d5b4d14b5dd39813e324314e72b648ef1bc0103" ldflags_dirs standard verify_py31 ez_setup
+install_package "Python-3.1.5" "http://www.python.org/ftp/python/3.1.5/Python-3.1.5.tgz#d12dae6d06f52ef6bf1271db4d5b4d14b5dd39813e324314e72b648ef1bc0103" ldflags_dirs standard verify_py31 ez_setup
 install_package "pip-1.5.6" "https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#b1a4ae66baf21b7eb05a5e4f37c50c2706fa28ea1f8780ce8efe14dcd9f1726c" python

plugins/python-build/share/python-build/3.2

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.2" "http://python.org/ftp/python/3.2/Python-3.2.tgz#27b35bfcbbf01de9564c0265d72b58ba3ff3d56df0615765372f2aa09dc20da9" ldflags_dirs standard verify_py32 ensurepip
+install_package "Python-3.2" "http://www.python.org/ftp/python/3.2/Python-3.2.tgz#27b35bfcbbf01de9564c0265d72b58ba3ff3d56df0615765372f2aa09dc20da9" ldflags_dirs standard verify_py32 ensurepip

plugins/python-build/share/python-build/3.2.1

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.2.1" "http://python.org/ftp/python/3.2.1/Python-3.2.1.tgz#7cff29d984696d9fe8c7bea54da5b9ad36acef33ff5cf0d3e37e4d12fb21c572" ldflags_dirs standard verify_py32 ensurepip
+install_package "Python-3.2.1" "http://www.python.org/ftp/python/3.2.1/Python-3.2.1.tgz#7cff29d984696d9fe8c7bea54da5b9ad36acef33ff5cf0d3e37e4d12fb21c572" ldflags_dirs standard verify_py32 ensurepip

plugins/python-build/share/python-build/3.2.2

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.2.2" "http://python.org/ftp/python/3.2.2/Python-3.2.2.tgz#acc6a13cb4fed0b7e86716324a8437e326645b8076177eede5a0cad99ec0313c" ldflags_dirs standard verify_py32 ensurepip
+install_package "Python-3.2.2" "http://www.python.org/ftp/python/3.2.2/Python-3.2.2.tgz#acc6a13cb4fed0b7e86716324a8437e326645b8076177eede5a0cad99ec0313c" ldflags_dirs standard verify_py32 ensurepip

plugins/python-build/share/python-build/3.2.3

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.2.3" "http://python.org/ftp/python/3.2.3/Python-3.2.3.tgz#74c33e165edef7532cef95fd9a325a06878b5bfc8a5d038161573f283eaf9809" ldflags_dirs standard verify_py32 ensurepip
+install_package "Python-3.2.3" "http://www.python.org/ftp/python/3.2.3/Python-3.2.3.tgz#74c33e165edef7532cef95fd9a325a06878b5bfc8a5d038161573f283eaf9809" ldflags_dirs standard verify_py32 ensurepip

plugins/python-build/share/python-build/3.2.4

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.2.4" "http://python.org/ftp/python/3.2.4/Python-3.2.4.tgz#71c3139908ccc1c544ba1e331a3c22b3f1c09f562438a054fd6f4e2628de8b9a" ldflags_dirs standard verify_py32 ensurepip
+install_package "Python-3.2.4" "http://www.python.org/ftp/python/3.2.4/Python-3.2.4.tgz#71c3139908ccc1c544ba1e331a3c22b3f1c09f562438a054fd6f4e2628de8b9a" ldflags_dirs standard verify_py32 ensurepip

plugins/python-build/share/python-build/3.2.5

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.2.5" "http://python.org/ftp/python/3.2.5/Python-3.2.5.tgz#5eae0ab92a0bb9e3a1bf9c7cd046bc3de58996b049bd894d095978b6b085099f" ldflags_dirs standard verify_py32 ensurepip
+install_package "Python-3.2.5" "http://www.python.org/ftp/python/3.2.5/Python-3.2.5.tgz#5eae0ab92a0bb9e3a1bf9c7cd046bc3de58996b049bd894d095978b6b085099f" ldflags_dirs standard verify_py32 ensurepip

plugins/python-build/share/python-build/3.3.0

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.3.0" "http://python.org/ftp/python/3.3.0/Python-3.3.0.tgz#cfe531eaace2503e13a74addc7f4a89482e99f8b8fca51b469ae5c83f450604e" ldflags_dirs standard verify_py33 ensurepip
+install_package "Python-3.3.0" "http://www.python.org/ftp/python/3.3.0/Python-3.3.0.tgz#cfe531eaace2503e13a74addc7f4a89482e99f8b8fca51b469ae5c83f450604e" ldflags_dirs standard verify_py33 ensurepip

plugins/python-build/share/python-build/3.3.1

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.3.1" "http://python.org/ftp/python/3.3.1/Python-3.3.1.tgz#671dc3632f311e63c6733703aa0a1ad90c99277ddc8299d39e487718a50319bd" ldflags_dirs standard verify_py33 ensurepip
+install_package "Python-3.3.1" "http://www.python.org/ftp/python/3.3.1/Python-3.3.1.tgz#671dc3632f311e63c6733703aa0a1ad90c99277ddc8299d39e487718a50319bd" ldflags_dirs standard verify_py33 ensurepip

plugins/python-build/share/python-build/3.3.2

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.3.2" "http://python.org/ftp/python/3.3.2/Python-3.3.2.tgz#de664fca3b8e0ab20fb42bfed1a36e26f116f1853e88ada12dbc938761036172" ldflags_dirs standard verify_py33 ensurepip
+install_package "Python-3.3.2" "http://www.python.org/ftp/python/3.3.2/Python-3.3.2.tgz#de664fca3b8e0ab20fb42bfed1a36e26f116f1853e88ada12dbc938761036172" ldflags_dirs standard verify_py33 ensurepip

plugins/python-build/share/python-build/3.3.3

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.3.3" "http://python.org/ftp/python/3.3.3/Python-3.3.3.tgz#30b60839bfe0ae8a2dba11e909328459bb8ee4a258afe7494b06b2ceda080efc" ldflags_dirs standard verify_py33 ensurepip
+install_package "Python-3.3.3" "http://www.python.org/ftp/python/3.3.3/Python-3.3.3.tgz#30b60839bfe0ae8a2dba11e909328459bb8ee4a258afe7494b06b2ceda080efc" ldflags_dirs standard verify_py33 ensurepip

plugins/python-build/share/python-build/3.3.4

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.3.4" "http://python.org/ftp/python/3.3.4/Python-3.3.4.tgz#ea055db9dd004a6ecd7690abc9734573763686dd768122316bae2dfd026412af" ldflags_dirs standard verify_py33 ensurepip
+install_package "Python-3.3.4" "http://www.python.org/ftp/python/3.3.4/Python-3.3.4.tgz#ea055db9dd004a6ecd7690abc9734573763686dd768122316bae2dfd026412af" ldflags_dirs standard verify_py33 ensurepip

plugins/python-build/share/python-build/3.3.5

@@ -1,4 +1,4 @@
 #require_gcc
 install_package "openssl-1.0.1q" "https://www.openssl.org/source/openssl-1.0.1q.tar.gz#b3658b84e9ea606a5ded3c972a5517cd785282e7ea86b20c78aa4b773a047fb7" mac_openssl --if has_broken_mac_openssl
 install_package "readline-6.3" "http://ftpmirror.gnu.org/readline/readline-6.3.tar.gz#56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43" standard --if has_broken_mac_readline
-install_package "Python-3.3.5" "http://python.org/ftp/python/3.3.5/Python-3.3.5.tgz#916bc57dd8524dc27429bebae7b39d6942742cf9699b875b2b496a3d960c7168" ldflags_dirs standard verify_py33 ensurepip
+install_package "Python-3.3.5" "http://www.python.org/ftp/python/3.3.5/Python-3.3.5.tgz#916bc57dd8524dc27429bebae7b39d6942742cf9699b875b2b496a3d960c7168" ldflags_dirs standard verify_py33 ensurepip

plugins/python-build/share/python-build/patches/2.6.6/Python-2.6.6/001_openssl_no_ssl2.patch

@@ -1,77 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-2.6.8/Lib/ssl.py
---- ./Lib/ssl.py	2012-04-11 00:32:06.000000000 +0900
-+++ ../Python-2.6.8/Lib/ssl.py	2013-05-08 19:44:49.000000000 +0900
-@@ -61,7 +61,19 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import \
-      SSL_ERROR_ZERO_RETURN, \
-@@ -402,16 +414,7 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
- 
- 
- # a replacement for the old socket.ssl function
-diff -r -u ./Modules/_ssl.c ../Python-2.6.8/Modules/_ssl.c
---- ./Modules/_ssl.c	2012-04-11 00:32:09.000000000 +0900
-+++ ../Python-2.6.8/Modules/_ssl.c	2013-05-08 17:34:38.000000000 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -302,8 +304,10 @@
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
-     PySSL_END_ALLOW_THREADS
-@@ -1688,8 +1692,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/2.6.6/Python-2.6.6/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,95 @@
+diff -r -u ../Python-2.6.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.6.8.orig/Lib/ssl.py	2012-04-10 15:32:06.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:46:36.487188331 +0000
+@@ -61,18 +61,24 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = dict([(value, name) for name, value in globals().items() if name.startswith('PROTOCOL_')])
+ 
+ from socket import socket, _fileobject, _delegate_methods
+ from socket import error as socket_error
+@@ -382,7 +388,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.6.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.6.8.orig/Modules/_ssl.c	2012-04-10 15:32:09.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:45:30.419597074 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -300,10 +304,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1688,10 +1696,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.6.7/Python-2.6.7/001_openssl_no_ssl2.patch

@@ -1,77 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-2.6.8/Lib/ssl.py
---- ./Lib/ssl.py	2012-04-11 00:32:06.000000000 +0900
-+++ ../Python-2.6.8/Lib/ssl.py	2013-05-08 19:44:49.000000000 +0900
-@@ -61,7 +61,19 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import \
-      SSL_ERROR_ZERO_RETURN, \
-@@ -402,16 +414,7 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
- 
- 
- # a replacement for the old socket.ssl function
-diff -r -u ./Modules/_ssl.c ../Python-2.6.8/Modules/_ssl.c
---- ./Modules/_ssl.c	2012-04-11 00:32:09.000000000 +0900
-+++ ../Python-2.6.8/Modules/_ssl.c	2013-05-08 17:34:38.000000000 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -302,8 +304,10 @@
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
-     PySSL_END_ALLOW_THREADS
-@@ -1688,8 +1692,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/2.6.7/Python-2.6.7/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,95 @@
+diff -r -u ../Python-2.6.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.6.8.orig/Lib/ssl.py	2012-04-10 15:32:06.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:46:36.487188331 +0000
+@@ -61,18 +61,24 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = dict([(value, name) for name, value in globals().items() if name.startswith('PROTOCOL_')])
+ 
+ from socket import socket, _fileobject, _delegate_methods
+ from socket import error as socket_error
+@@ -382,7 +388,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.6.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.6.8.orig/Modules/_ssl.c	2012-04-10 15:32:09.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:45:30.419597074 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -300,10 +304,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1688,10 +1696,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.6.8/Python-2.6.8/001_openssl_no_ssl2.patch

@@ -1,77 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-2.6.8/Lib/ssl.py
---- ./Lib/ssl.py	2012-04-11 00:32:06.000000000 +0900
-+++ ../Python-2.6.8/Lib/ssl.py	2013-05-08 19:44:49.000000000 +0900
-@@ -61,7 +61,19 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import \
-      SSL_ERROR_ZERO_RETURN, \
-@@ -402,16 +414,7 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
- 
- 
- # a replacement for the old socket.ssl function
-diff -r -u ./Modules/_ssl.c ../Python-2.6.8/Modules/_ssl.c
---- ./Modules/_ssl.c	2012-04-11 00:32:09.000000000 +0900
-+++ ../Python-2.6.8/Modules/_ssl.c	2013-05-08 17:34:38.000000000 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -302,8 +304,10 @@
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
-     PySSL_END_ALLOW_THREADS
-@@ -1688,8 +1692,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/2.6.8/Python-2.6.8/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,95 @@
+diff -r -u ../Python-2.6.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.6.8.orig/Lib/ssl.py	2012-04-10 15:32:06.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:46:36.487188331 +0000
+@@ -61,18 +61,24 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = dict([(value, name) for name, value in globals().items() if name.startswith('PROTOCOL_')])
+ 
+ from socket import socket, _fileobject, _delegate_methods
+ from socket import error as socket_error
+@@ -382,7 +388,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.6.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.6.8.orig/Modules/_ssl.c	2012-04-10 15:32:09.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:45:30.419597074 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -300,10 +304,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1688,10 +1696,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.6.9/Python-2.6.9/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,91 @@
+diff -r -u ../Python-2.6.9.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.6.9.orig/Lib/ssl.py	2013-10-29 15:04:37.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:39:22.213215077 +0000
+@@ -61,18 +61,24 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = dict([(value, name) for name, value in globals().items() if name.startswith('PROTOCOL_')])
+ 
+ from socket import socket, _fileobject, _delegate_methods
+ from socket import error as socket_error
+@@ -382,7 +388,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.6.9.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.6.9.orig/Modules/_ssl.c	2013-10-29 15:04:38.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:32:08.051962468 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -300,8 +304,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1746,10 +1752,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.1/Python-2.7.1/001_openssl_no_ssl2.patch

@@ -1,77 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-2.6.8/Lib/ssl.py
---- ./Lib/ssl.py	2012-04-11 00:32:06.000000000 +0900
-+++ ../Python-2.6.8/Lib/ssl.py	2013-05-08 19:44:49.000000000 +0900
-@@ -61,7 +61,19 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import \
-      SSL_ERROR_ZERO_RETURN, \
-@@ -402,16 +414,7 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
- 
- 
- # a replacement for the old socket.ssl function
-diff -r -u ./Modules/_ssl.c ../Python-2.6.8/Modules/_ssl.c
---- ./Modules/_ssl.c	2012-04-11 00:32:09.000000000 +0900
-+++ ../Python-2.6.8/Modules/_ssl.c	2013-05-08 17:34:38.000000000 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -302,8 +304,10 @@
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
-     PySSL_END_ALLOW_THREADS
-@@ -1688,8 +1692,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/2.7.1/Python-2.7.1/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.1/Python-2.7.1/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-2.7.1.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.1.orig/Lib/ssl.py	2010-09-14 14:37:18.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:14:39.089679248 +0000
+@@ -62,18 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++    _SSLv2_IF_EXISTS = None
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -388,7 +399,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.1.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.1.orig/Modules/_ssl.c	2010-10-13 22:10:31.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:18:21.612222848 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -300,10 +304,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1706,10 +1714,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.2/Python-2.7.2/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.2/Python-2.7.2/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.2.orig/Lib/ssl.py	2011-06-11 15:46:25.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 13:55:37.444270735 +0000
+@@ -62,29 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
+     pass
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++    _SSLv2_IF_EXISTS = None
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -416,7 +416,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.2.orig/Modules/_ssl.c	2011-06-11 15:46:27.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 13:49:22.254728756 +0000
+@@ -65,7 +65,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -302,8 +304,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1716,8 +1720,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",
+Only in ./Modules: _ssl.c.orig

plugins/python-build/share/python-build/patches/2.7.3/Python-2.7.3/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.3/Python-2.7.3/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.8.orig/Lib/ssl.py	2014-06-30 02:05:31.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:04:15.266072550 +0000
+@@ -62,30 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -436,7 +435,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.8.orig/Modules/_ssl.c	2014-06-30 02:05:42.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:02:42.618029896 +0000
+@@ -67,7 +67,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1808,8 +1812,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.4/Python-2.7.4/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.4/Python-2.7.4/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.8.orig/Lib/ssl.py	2014-06-30 02:05:31.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:04:15.266072550 +0000
+@@ -62,30 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -436,7 +435,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.8.orig/Modules/_ssl.c	2014-06-30 02:05:42.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:02:42.618029896 +0000
+@@ -67,7 +67,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1808,8 +1812,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.5/Python-2.7.5/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.5/Python-2.7.5/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.8.orig/Lib/ssl.py	2014-06-30 02:05:31.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:04:15.266072550 +0000
+@@ -62,30 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -436,7 +435,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.8.orig/Modules/_ssl.c	2014-06-30 02:05:42.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:02:42.618029896 +0000
+@@ -67,7 +67,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1808,8 +1812,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.6/Python-2.7.6/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.6/Python-2.7.6/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.8.orig/Lib/ssl.py	2014-06-30 02:05:31.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:04:15.266072550 +0000
+@@ -62,30 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -436,7 +435,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.8.orig/Modules/_ssl.c	2014-06-30 02:05:42.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:02:42.618029896 +0000
+@@ -67,7 +67,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1808,8 +1812,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.7/Python-2.7.7/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.7/Python-2.7.7/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.8.orig/Lib/ssl.py	2014-06-30 02:05:31.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:04:15.266072550 +0000
+@@ -62,30 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -436,7 +435,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.8.orig/Modules/_ssl.c	2014-06-30 02:05:42.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:02:42.618029896 +0000
+@@ -67,7 +67,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1808,8 +1812,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.8/Python-2.7.8/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7.8/Python-2.7.8/010_ssl_no_ssl3.patch

@@ -0,0 +1,98 @@
+diff -r -u ../Python-2.7.8.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.8.orig/Lib/ssl.py	2014-06-30 02:05:31.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:04:15.266072550 +0000
+@@ -62,30 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -436,7 +435,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.8.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.8.orig/Modules/_ssl.c	2014-06-30 02:05:42.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:02:42.618029896 +0000
+@@ -67,7 +67,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1808,8 +1812,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/2.7.9/Python-2.7.9/010_ssl_no_ssl3.patch

@@ -0,0 +1,17 @@
+diff -r -u ../Python-2.7.9.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.9.orig/Lib/ssl.py	2014-12-10 15:59:40.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:09:51.218138658 +0000
+@@ -106,7 +106,12 @@
+ from _ssl import (VERIFY_DEFAULT, VERIFY_CRL_CHECK_LEAF, VERIFY_CRL_CHECK_CHAIN,
+     VERIFY_X509_STRICT)
+ from _ssl import txt2obj as _txt2obj, nid2obj as _nid2obj
+-from _ssl import RAND_status, RAND_egd, RAND_add
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
+ 
+ def _import_symbols(prefix):
+     for n in dir(_ssl):

plugins/python-build/share/python-build/patches/2.7/Python-2.7/001_openssl_no_ssl2.patch

@@ -1,77 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-2.6.8/Lib/ssl.py
---- ./Lib/ssl.py	2012-04-11 00:32:06.000000000 +0900
-+++ ../Python-2.6.8/Lib/ssl.py	2013-05-08 19:44:49.000000000 +0900
-@@ -61,7 +61,19 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import \
-      SSL_ERROR_ZERO_RETURN, \
-@@ -402,16 +414,7 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
- 
- 
- # a replacement for the old socket.ssl function
-diff -r -u ./Modules/_ssl.c ../Python-2.6.8/Modules/_ssl.c
---- ./Modules/_ssl.c	2012-04-11 00:32:09.000000000 +0900
-+++ ../Python-2.6.8/Modules/_ssl.c	2013-05-08 17:34:38.000000000 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -302,8 +304,10 @@
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
-     PySSL_END_ALLOW_THREADS
-@@ -1688,8 +1692,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/2.7/Python-2.7/004_openssl_no_ssl3.patch

@@ -1,13 +0,0 @@
---- Modules/_ssl.c.orig	2015-12-06 09:38:40.581734108 -0500
-+++ Modules/_ssl.c	2015-12-06 09:40:29.953991951 -0500
-@@ -302,8 +302,10 @@
-     PySSL_BEGIN_ALLOW_THREADS
-     if (proto_version == PY_SSL_VERSION_TLS1)
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL3
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#endif
- #ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */

plugins/python-build/share/python-build/patches/2.7/Python-2.7/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-2.7.1.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-2.7.1.orig/Lib/ssl.py	2010-09-14 14:37:18.000000000 +0000
++++ ./Lib/ssl.py	2015-12-18 14:14:39.089679248 +0000
+@@ -62,18 +62,29 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import \
+-     SSL_ERROR_ZERO_RETURN, \
+-     SSL_ERROR_WANT_READ, \
+-     SSL_ERROR_WANT_WRITE, \
+-     SSL_ERROR_WANT_X509_LOOKUP, \
+-     SSL_ERROR_SYSCALL, \
+-     SSL_ERROR_SSL, \
+-     SSL_ERROR_WANT_CONNECT, \
+-     SSL_ERROR_EOF, \
+-     SSL_ERROR_INVALID_ERROR_CODE
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('ALERT_DESCRIPTION_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++    _SSLv2_IF_EXISTS = None
+ 
+ from socket import socket, _fileobject, _delegate_methods, error as socket_error
+ from socket import getnameinfo as _getnameinfo
+@@ -388,7 +399,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodestring(d)
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ 
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+diff -r -u ../Python-2.7.1.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-2.7.1.orig/Modules/_ssl.c	2010-10-13 22:10:31.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-18 14:18:21.612222848 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -300,10 +304,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1706,10 +1714,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.0.1/Python-3.0.1/002_openssl_no_ssl2.patch

@@ -1,75 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-3.0.1/Lib/ssl.py
---- ./Lib/ssl.py	2009-01-04 08:47:58.000000000 +0900
-+++ ../Python-3.0.1/Lib/ssl.py	2013-05-08 19:58:59.000000000 +0900
-@@ -60,8 +60,20 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-                   PROTOCOL_TLSv1)
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import (
-     SSL_ERROR_ZERO_RETURN,
-@@ -434,13 +446,4 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
-diff -r -u ./Modules/_ssl.c ../Python-3.0.1/Modules/_ssl.c
---- ./Modules/_ssl.c	2009-02-03 05:41:29.000000000 +0900
-+++ ../Python-3.0.1/Modules/_ssl.c	2013-05-08 19:57:38.000000000 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
- 	PY_SSL_VERSION_SSL2,
-+#endif
- 	PY_SSL_VERSION_SSL3,
- 	PY_SSL_VERSION_SSL23,
- 	PY_SSL_VERSION_TLS1,
-@@ -299,8 +301,10 @@
- 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
- 	else if (proto_version == PY_SSL_VERSION_SSL3)
- 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
- 	else if (proto_version == PY_SSL_VERSION_SSL2)
- 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
- 	else if (proto_version == PY_SSL_VERSION_SSL23)
- 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
- 	PySSL_END_ALLOW_THREADS
-@@ -1691,8 +1695,10 @@
- 				PY_SSL_CERT_REQUIRED);
- 
- 	/* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
- 				PY_SSL_VERSION_SSL2);
-+#endif
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
- 				PY_SSL_VERSION_SSL3);
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/3.0.1/Python-3.0.1/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,96 @@
+diff -r -u ../Python-3.1.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.2.orig/Lib/ssl.py	2010-01-18 09:16:17.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:36:08.545346519 +0000
+@@ -60,20 +60,23 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -415,7 +418,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.2.orig/Modules/_ssl.c	2010-03-02 22:49:30.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:35:02.675100987 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+ 	PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PY_SSL_VERSION_SSL3,
++#endif
+ 	PY_SSL_VERSION_SSL23,
+ 	PY_SSL_VERSION_TLS1,
+ };
+@@ -299,10 +303,14 @@
+ 	PySSL_BEGIN_ALLOW_THREADS
+ 	if (proto_version == PY_SSL_VERSION_TLS1)
+ 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+ 	else if (proto_version == PY_SSL_VERSION_SSL3)
+ 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+ 	else if (proto_version == PY_SSL_VERSION_SSL2)
+ 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+ 	else if (proto_version == PY_SSL_VERSION_SSL23)
+ 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+ 	PySSL_END_ALLOW_THREADS
+@@ -1698,10 +1706,14 @@
+ 				PY_SSL_CERT_REQUIRED);
+ 
+ 	/* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+ 				PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+ 				PY_SSL_VERSION_SSL3);
++#endif
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+ 				PY_SSL_VERSION_SSL23);
+ 	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.1.1/Python-3.1.1/001_openssl_no_ssl2.patch

@@ -1,75 +0,0 @@
-diff -r -u ../Python-3.1/Lib/ssl.py ./Lib/ssl.py
---- ../Python-3.1/Lib/ssl.py	2009-06-04 18:42:55.000000000 +0900
-+++ ./Lib/ssl.py	2015-08-15 13:12:22.270915671 +0900
-@@ -60,8 +60,20 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-                   PROTOCOL_TLSv1)
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import (
-     SSL_ERROR_ZERO_RETURN,
-@@ -434,13 +446,4 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
-diff -r -u ../Python-3.1/Modules/_ssl.c ./Modules/_ssl.c
---- ../Python-3.1/Modules/_ssl.c	2009-05-06 07:31:58.000000000 +0900
-+++ ./Modules/_ssl.c	2015-08-15 13:13:23.812369742 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
- 	PY_SSL_VERSION_SSL2,
-+#endif
- 	PY_SSL_VERSION_SSL3,
- 	PY_SSL_VERSION_SSL23,
- 	PY_SSL_VERSION_TLS1,
-@@ -301,8 +303,10 @@
- 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
- 	else if (proto_version == PY_SSL_VERSION_SSL3)
- 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
- 	else if (proto_version == PY_SSL_VERSION_SSL2)
- 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
- 	else if (proto_version == PY_SSL_VERSION_SSL23)
- 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
- 	PySSL_END_ALLOW_THREADS
-@@ -1693,8 +1697,10 @@
- 				PY_SSL_CERT_REQUIRED);
- 
- 	/* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
- 				PY_SSL_VERSION_SSL2);
-+#endif
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
- 				PY_SSL_VERSION_SSL3);
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/3.1.1/Python-3.1.1/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,96 @@
+diff -r -u ../Python-3.1.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.2.orig/Lib/ssl.py	2010-01-18 09:16:17.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:36:08.545346519 +0000
+@@ -60,20 +60,23 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -415,7 +418,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.2.orig/Modules/_ssl.c	2010-03-02 22:49:30.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:35:02.675100987 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+ 	PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PY_SSL_VERSION_SSL3,
++#endif
+ 	PY_SSL_VERSION_SSL23,
+ 	PY_SSL_VERSION_TLS1,
+ };
+@@ -299,10 +303,14 @@
+ 	PySSL_BEGIN_ALLOW_THREADS
+ 	if (proto_version == PY_SSL_VERSION_TLS1)
+ 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+ 	else if (proto_version == PY_SSL_VERSION_SSL3)
+ 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+ 	else if (proto_version == PY_SSL_VERSION_SSL2)
+ 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+ 	else if (proto_version == PY_SSL_VERSION_SSL23)
+ 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+ 	PySSL_END_ALLOW_THREADS
+@@ -1698,10 +1706,14 @@
+ 				PY_SSL_CERT_REQUIRED);
+ 
+ 	/* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+ 				PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+ 				PY_SSL_VERSION_SSL3);
++#endif
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+ 				PY_SSL_VERSION_SSL23);
+ 	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.1.2/Python-3.1.2/001_openssl_no_ssl2.patch

@@ -1,75 +0,0 @@
-diff -r -u ../Python-3.1/Lib/ssl.py ./Lib/ssl.py
---- ../Python-3.1/Lib/ssl.py	2009-06-04 18:42:55.000000000 +0900
-+++ ./Lib/ssl.py	2015-08-15 13:12:22.270915671 +0900
-@@ -60,8 +60,20 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-                   PROTOCOL_TLSv1)
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import (
-     SSL_ERROR_ZERO_RETURN,
-@@ -434,13 +446,4 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
-diff -r -u ../Python-3.1/Modules/_ssl.c ./Modules/_ssl.c
---- ../Python-3.1/Modules/_ssl.c	2009-05-06 07:31:58.000000000 +0900
-+++ ./Modules/_ssl.c	2015-08-15 13:13:23.812369742 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
- 	PY_SSL_VERSION_SSL2,
-+#endif
- 	PY_SSL_VERSION_SSL3,
- 	PY_SSL_VERSION_SSL23,
- 	PY_SSL_VERSION_TLS1,
-@@ -301,8 +303,10 @@
- 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
- 	else if (proto_version == PY_SSL_VERSION_SSL3)
- 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
- 	else if (proto_version == PY_SSL_VERSION_SSL2)
- 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
- 	else if (proto_version == PY_SSL_VERSION_SSL23)
- 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
- 	PySSL_END_ALLOW_THREADS
-@@ -1693,8 +1697,10 @@
- 				PY_SSL_CERT_REQUIRED);
- 
- 	/* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
- 				PY_SSL_VERSION_SSL2);
-+#endif
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
- 				PY_SSL_VERSION_SSL3);
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/3.1.2/Python-3.1.2/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,96 @@
+diff -r -u ../Python-3.1.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.2.orig/Lib/ssl.py	2010-01-18 09:16:17.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:36:08.545346519 +0000
+@@ -60,20 +60,23 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -415,7 +418,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.2.orig/Modules/_ssl.c	2010-03-02 22:49:30.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:35:02.675100987 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+ 	PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PY_SSL_VERSION_SSL3,
++#endif
+ 	PY_SSL_VERSION_SSL23,
+ 	PY_SSL_VERSION_TLS1,
+ };
+@@ -299,10 +303,14 @@
+ 	PySSL_BEGIN_ALLOW_THREADS
+ 	if (proto_version == PY_SSL_VERSION_TLS1)
+ 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+ 	else if (proto_version == PY_SSL_VERSION_SSL3)
+ 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+ 	else if (proto_version == PY_SSL_VERSION_SSL2)
+ 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+ 	else if (proto_version == PY_SSL_VERSION_SSL23)
+ 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+ 	PySSL_END_ALLOW_THREADS
+@@ -1698,10 +1706,14 @@
+ 				PY_SSL_CERT_REQUIRED);
+ 
+ 	/* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+ 				PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+ 				PY_SSL_VERSION_SSL3);
++#endif
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+ 				PY_SSL_VERSION_SSL23);
+ 	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.1.3/Python-3.1.3/001_openssl_no_ssl2.patch

@@ -1,75 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-3.1.3/Lib/ssl.py
---- ./Lib/ssl.py	2010-09-14 23:47:08.000000000 +0900
-+++ ../Python-3.1.3/Lib/ssl.py	2013-05-23 12:03:38.000000000 +0900
-@@ -60,8 +60,20 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-                   PROTOCOL_TLSv1)
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import (
-     SSL_ERROR_ZERO_RETURN,
-@@ -427,13 +439,4 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
-diff -r -u ./Modules/_ssl.c ../Python-3.1.3/Modules/_ssl.c
---- ./Modules/_ssl.c	2010-10-14 07:20:48.000000000 +0900
-+++ ../Python-3.1.3/Modules/_ssl.c	2013-05-23 12:04:31.000000000 +0900
-@@ -63,7 +63,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -306,8 +308,10 @@
-         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
-     PySSL_END_ALLOW_THREADS
-@@ -1785,8 +1789,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/3.1.3/Python-3.1.3/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,96 @@
+diff -r -u ../Python-3.1.3.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.3.orig/Lib/ssl.py	2010-09-14 14:47:08.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:32:44.351880682 +0000
+@@ -60,20 +60,23 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -408,7 +411,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.3.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.3.orig/Modules/_ssl.c	2010-10-13 22:20:48.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:31:44.644359788 +0000
+@@ -63,8 +63,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -304,10 +308,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1785,10 +1793,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.1.4/Python-3.1.4/010_ssl_no_ssl3.patch

@@ -0,0 +1,97 @@
+diff -r -u ../Python-3.1.5.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.5.orig/Lib/ssl.py	2012-04-09 23:25:35.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:28:44.015492213 +0000
+@@ -60,30 +60,28 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
+     pass
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++	_SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++	_SSLv2_IF_EXISTS = None
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -418,7 +416,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.5.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.5.orig/Modules/_ssl.c	2012-04-09 23:25:36.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:27:06.620775506 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1796,8 +1800,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.1.5/Python-3.1.5/010_ssl_no_ssl3.patch

@@ -0,0 +1,97 @@
+diff -r -u ../Python-3.1.5.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.5.orig/Lib/ssl.py	2012-04-09 23:25:35.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:28:44.015492213 +0000
+@@ -60,30 +60,28 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
+     pass
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++	_SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++	_SSLv2_IF_EXISTS = None
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -418,7 +416,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.5.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.5.orig/Modules/_ssl.c	2012-04-09 23:25:36.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:27:06.620775506 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -306,8 +308,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+@@ -1796,8 +1800,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.1/Python-3.1/001_openssl_no_ssl2.patch

@@ -1,75 +0,0 @@
-diff -r -u ../Python-3.1/Lib/ssl.py ./Lib/ssl.py
---- ../Python-3.1/Lib/ssl.py	2009-06-04 18:42:55.000000000 +0900
-+++ ./Lib/ssl.py	2015-08-15 13:12:22.270915671 +0900
-@@ -60,8 +60,20 @@
- 
- from _ssl import SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-                   PROTOCOL_TLSv1)
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import (
-     SSL_ERROR_ZERO_RETURN,
-@@ -434,13 +446,4 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
-diff -r -u ../Python-3.1/Modules/_ssl.c ./Modules/_ssl.c
---- ../Python-3.1/Modules/_ssl.c	2009-05-06 07:31:58.000000000 +0900
-+++ ./Modules/_ssl.c	2015-08-15 13:13:23.812369742 +0900
-@@ -62,7 +62,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
- 	PY_SSL_VERSION_SSL2,
-+#endif
- 	PY_SSL_VERSION_SSL3,
- 	PY_SSL_VERSION_SSL23,
- 	PY_SSL_VERSION_TLS1,
-@@ -301,8 +303,10 @@
- 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
- 	else if (proto_version == PY_SSL_VERSION_SSL3)
- 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
-+#ifndef OPENSSL_NO_SSL2
- 	else if (proto_version == PY_SSL_VERSION_SSL2)
- 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
-+#endif
- 	else if (proto_version == PY_SSL_VERSION_SSL23)
- 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
- 	PySSL_END_ALLOW_THREADS
-@@ -1693,8 +1697,10 @@
- 				PY_SSL_CERT_REQUIRED);
- 
- 	/* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
- 				PY_SSL_VERSION_SSL2);
-+#endif
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
- 				PY_SSL_VERSION_SSL3);
- 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/3.1/Python-3.1/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,96 @@
+diff -r -u ../Python-3.1.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.1.2.orig/Lib/ssl.py	2010-01-18 09:16:17.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:36:08.545346519 +0000
+@@ -60,20 +60,23 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -415,7 +418,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.1.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.1.2.orig/Modules/_ssl.c	2010-03-02 22:49:30.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:35:02.675100987 +0000
+@@ -62,8 +62,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+ 	PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PY_SSL_VERSION_SSL3,
++#endif
+ 	PY_SSL_VERSION_SSL23,
+ 	PY_SSL_VERSION_TLS1,
+ };
+@@ -299,10 +303,14 @@
+ 	PySSL_BEGIN_ALLOW_THREADS
+ 	if (proto_version == PY_SSL_VERSION_TLS1)
+ 		self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
++#ifndef OPENSSL_NO_SSL3
+ 	else if (proto_version == PY_SSL_VERSION_SSL3)
+ 		self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
++#endif
++#ifndef OPENSSL_NO_SSL2
+ 	else if (proto_version == PY_SSL_VERSION_SSL2)
+ 		self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
++#endif
+ 	else if (proto_version == PY_SSL_VERSION_SSL23)
+ 		self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+ 	PySSL_END_ALLOW_THREADS
+@@ -1698,10 +1706,14 @@
+ 				PY_SSL_CERT_REQUIRED);
+ 
+ 	/* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+ 				PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+ 				PY_SSL_VERSION_SSL3);
++#endif
+ 	PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+ 				PY_SSL_VERSION_SSL23);
+ 	PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2.1/Python-3.2.1/010_ssl_no_ssl3.patch

@@ -0,0 +1,101 @@
+diff -r -u ../Python-3.2.1.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.1.orig/Lib/ssl.py	2011-07-09 06:58:49.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:06:01.609146268 +0000
+@@ -62,32 +62,30 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
+-from _ssl import HAS_SNI
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++from _ssl import RAND_status, RAND_add
+ try:
+-    from _ssl import PROTOCOL_SSLv2
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
+     pass
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
++from _ssl import HAS_SNI
++
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
++try:
++	_SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++	_SSLv2_IF_EXISTS = None
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -545,7 +543,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.1.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.1.orig/Modules/_ssl.c	2011-07-09 06:58:54.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:04:34.878266042 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1450,8 +1452,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2118,8 +2122,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2.2/Python-3.2.2/010_ssl_no_ssl3.patch

@@ -0,0 +1,102 @@
+diff -r -u ../Python-3.2.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.2.orig/Lib/ssl.py	2011-09-03 16:16:42.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:01:09.947260656 +0000
+@@ -62,34 +62,30 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+ from _ssl import _OPENSSL_API_VERSION
+ 
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+-except ImportError:
+-    pass
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
++	_SSLv2_IF_EXISTS = PROTOCOL_SSLv2
++except NameError:
++	_SSLv2_IF_EXISTS = None
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -547,7 +543,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.2.orig/Modules/_ssl.c	2011-09-03 16:16:46.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 06:59:12.632993190 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1450,8 +1452,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2136,8 +2140,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2.3/Python-3.2.3/010_ssl_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-3.2.6.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.6.orig/Lib/ssl.py	2014-10-12 06:52:02.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 06:40:11.895384463 +0000
+@@ -62,35 +62,30 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+ from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+ from _ssl import _OPENSSL_API_VERSION
+ 
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+     _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+-except ImportError:
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -557,7 +552,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.6.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.6.orig/Modules/_ssl.c	2014-10-12 06:52:03.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 06:37:10.124337227 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1512,8 +1514,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2199,8 +2203,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2.4/Python-3.2.4/010_ssl_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-3.2.6.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.6.orig/Lib/ssl.py	2014-10-12 06:52:02.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 06:40:11.895384463 +0000
+@@ -62,35 +62,30 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+ from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+ from _ssl import _OPENSSL_API_VERSION
+ 
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+     _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+-except ImportError:
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -557,7 +552,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.6.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.6.orig/Modules/_ssl.c	2014-10-12 06:52:03.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 06:37:10.124337227 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1512,8 +1514,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2199,8 +2203,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2.5/Python-3.2.5/010_ssl_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-3.2.6.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.6.orig/Lib/ssl.py	2014-10-12 06:52:02.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 06:40:11.895384463 +0000
+@@ -62,35 +62,30 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+ from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+ from _ssl import _OPENSSL_API_VERSION
+ 
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+     _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+-except ImportError:
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -557,7 +552,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.6.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.6.orig/Modules/_ssl.c	2014-10-12 06:52:03.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 06:37:10.124337227 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1512,8 +1514,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2199,8 +2203,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2.6/Python-3.2.6/010_ssl_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-3.2.6.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.6.orig/Lib/ssl.py	2014-10-12 06:52:02.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 06:40:11.895384463 +0000
+@@ -62,35 +62,30 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+ from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI
+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
+ from _ssl import _OPENSSL_API_VERSION
+ 
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+     _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+-except ImportError:
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -557,7 +552,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.6.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.6.orig/Modules/_ssl.c	2014-10-12 06:52:03.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 06:37:10.124337227 +0000
+@@ -66,7 +66,9 @@
+ #ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3=1,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1512,8 +1514,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2199,8 +2203,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.2/Python-3.2/001_openssl_no_ssl2.patch

@@ -1,75 +0,0 @@
-diff -r -u ./Lib/ssl.py ../Python-3.2/Lib/ssl.py
---- ./Lib/ssl.py	2010-10-23 03:19:07.000000000 +0900
-+++ ../Python-3.2/Lib/ssl.py	2013-05-23 11:56:30.000000000 +0900
-@@ -62,8 +62,20 @@
- from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
- from _ssl import _SSLContext, SSLError
- from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
--from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
-                   PROTOCOL_TLSv1)
-+_PROTOCOL_NAMES = {
-+    PROTOCOL_TLSv1: "TLSv1",
-+    PROTOCOL_SSLv23: "SSLv23",
-+    PROTOCOL_SSLv3: "SSLv3",
-+}
-+try:
-+    from _ssl import PROTOCOL_SSLv2
-+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
-+except ImportError:
-+    _SSLv2_IF_EXISTS = None
-+else:
-+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
- from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
- from _ssl import RAND_status, RAND_egd, RAND_add
- from _ssl import (
-@@ -537,13 +549,4 @@
-     return DER_cert_to_PEM_cert(dercert)
- 
- def get_protocol_name(protocol_code):
--    if protocol_code == PROTOCOL_TLSv1:
--        return "TLSv1"
--    elif protocol_code == PROTOCOL_SSLv23:
--        return "SSLv23"
--    elif protocol_code == PROTOCOL_SSLv2:
--        return "SSLv2"
--    elif protocol_code == PROTOCOL_SSLv3:
--        return "SSLv3"
--    else:
--        return "<unknown>"
-+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
-diff -r -u ./Modules/_ssl.c ../Python-3.2/Modules/_ssl.c
---- ./Modules/_ssl.c	2011-01-29 20:31:20.000000000 +0900
-+++ ../Python-3.2/Modules/_ssl.c	2013-05-23 11:57:44.000000000 +0900
-@@ -63,7 +63,9 @@
- };
- 
- enum py_ssl_version {
-+#ifndef OPENSSL_NO_SSL2
-     PY_SSL_VERSION_SSL2,
-+#endif
-     PY_SSL_VERSION_SSL3,
-     PY_SSL_VERSION_SSL23,
-     PY_SSL_VERSION_TLS1
-@@ -1450,8 +1452,10 @@
-         ctx = SSL_CTX_new(TLSv1_method());
-     else if (proto_version == PY_SSL_VERSION_SSL3)
-         ctx = SSL_CTX_new(SSLv3_method());
-+#ifndef OPENSSL_NO_SSL2
-     else if (proto_version == PY_SSL_VERSION_SSL2)
-         ctx = SSL_CTX_new(SSLv2_method());
-+#endif
-     else if (proto_version == PY_SSL_VERSION_SSL23)
-         ctx = SSL_CTX_new(SSLv23_method());
-     else
-@@ -2110,8 +2114,10 @@
-                             PY_SSL_CERT_REQUIRED);
- 
-     /* protocol versions */
-+#ifndef OPENSSL_NO_SSL2
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
-                             PY_SSL_VERSION_SSL2);
-+#endif
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
-                             PY_SSL_VERSION_SSL3);
-     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",

plugins/python-build/share/python-build/patches/3.2/Python-3.2/010_ssl_no_ssl2_no_ssl3.patch

@@ -0,0 +1,100 @@
+diff -r -u ../Python-3.2.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.2.orig/Lib/ssl.py	2010-10-22 18:19:07.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 07:12:00.759323661 +0000
+@@ -62,23 +62,26 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
+-from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+-from _ssl import RAND_status, RAND_egd, RAND_add
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++from _ssl import RAND_status, RAND_add
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI
+ 
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+ from socket import socket, AF_INET, SOCK_STREAM
+@@ -518,7 +521,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.2.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.2.orig/Modules/_ssl.c	2011-01-29 11:31:20.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 07:10:38.285929662 +0000
+@@ -63,8 +63,12 @@
+ };
+ 
+ enum py_ssl_version {
++#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PY_SSL_VERSION_SSL3,
++#endif
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+ };
+@@ -1448,10 +1452,14 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
++#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
++#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         ctx = SSL_CTX_new(SSLv23_method());
+     else
+@@ -2110,10 +2118,14 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
++#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
++#endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

plugins/python-build/share/python-build/patches/3.3.0/Python-3.3.0/010_ssl_no_ssl3.patch

@@ -0,0 +1,102 @@
+diff -r -u ../Python-3.3.6.orig/Lib/ssl.py ./Lib/ssl.py
+--- ../Python-3.3.6.orig/Lib/ssl.py	2014-10-12 07:03:53.000000000 +0000
++++ ./Lib/ssl.py	2015-12-20 06:43:59.175134734 +0000
+@@ -66,47 +66,32 @@
+     SSLSyscallError, SSLEOFError,
+     )
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (
+-    OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1,
+-    OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE
+-    )
+-try:
+-    from _ssl import OP_NO_COMPRESSION
+-except ImportError:
+-    pass
++from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes
+ try:
+-    from _ssl import OP_SINGLE_ECDH_USE
++    from _ssl import RAND_egd
+ except ImportError:
++    # LibreSSL does not provide RAND_egd
+     pass
+-from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes
+-from _ssl import (
+-    SSL_ERROR_ZERO_RETURN,
+-    SSL_ERROR_WANT_READ,
+-    SSL_ERROR_WANT_WRITE,
+-    SSL_ERROR_WANT_X509_LOOKUP,
+-    SSL_ERROR_SYSCALL,
+-    SSL_ERROR_SSL,
+-    SSL_ERROR_WANT_CONNECT,
+-    SSL_ERROR_EOF,
+-    SSL_ERROR_INVALID_ERROR_CODE,
+-    )
++
++def _import_symbols(prefix):
++    for n in dir(_ssl):
++        if n.startswith(prefix):
++            globals()[n] = getattr(_ssl, n)
++
++_import_symbols('OP_')
++_import_symbols('SSL_ERROR_')
++_import_symbols('PROTOCOL_')
++
+ from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN
+-from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+-                  PROTOCOL_TLSv1)
++
+ from _ssl import _OPENSSL_API_VERSION
+ 
+-_PROTOCOL_NAMES = {
+-    PROTOCOL_TLSv1: "TLSv1",
+-    PROTOCOL_SSLv23: "SSLv23",
+-    PROTOCOL_SSLv3: "SSLv3",
+-}
++_PROTOCOL_NAMES = {value: name for name, value in globals().items() if name.startswith('PROTOCOL_')}
++
+ try:
+-    from _ssl import PROTOCOL_SSLv2
+     _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+-except ImportError:
++except NameError:
+     _SSLv2_IF_EXISTS = None
+-else:
+-    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ 
+ from socket import getnameinfo as _getnameinfo
+ from socket import error as socket_error
+@@ -664,7 +649,7 @@
+     d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
+     return base64.decodebytes(d.encode('ASCII', 'strict'))
+ 
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+     """Retrieve the certificate from the server at the specified address,
+     and return it as a PEM-encoded string.
+     If 'ca_certs' is specified, validate the server cert against it.
+diff -r -u ../Python-3.3.6.orig/Modules/_ssl.c ./Modules/_ssl.c
+--- ../Python-3.3.6.orig/Modules/_ssl.c	2014-10-12 07:03:53.000000000 +0000
++++ ./Modules/_ssl.c	2015-12-20 06:42:45.773667904 +0000
+@@ -1746,8 +1746,10 @@
+     PySSL_BEGIN_ALLOW_THREADS
+     if (proto_version == PY_SSL_VERSION_TLS1)
+         ctx = SSL_CTX_new(TLSv1_method());
++#ifndef OPENSSL_NO_SSL3
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
++#endif
+ #ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+@@ -2842,8 +2844,10 @@
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+ #endif
++#ifndef OPENSSL_NO_SSL3
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
++#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
+                             PY_SSL_VERSION_SSL23);
+     PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",