Incorrect SSL guarded code (OPENSSL_VERSION used instead of OPENSSL_VERSION_NUMBER) #139929

@botovq

Bug report

Bug description:

The OPENSSL_VERSION < 0x101010cf check introduced in the ssl module in #24899 is always true since OPENSSL_VERSION is a parameter for the OpenSSL_version() API and happens to be defined to 0. For this check to work as intended, it should be using OPENSSL_VERSION_NUMBER instead.

cpython/Modules/_ssl.c

Lines 939 to 946 in ff7bb56

/* bpo43522 and OpenSSL < 1.1.1l: copy hostflags manually */
#if OPENSSL_VERSION < 0x101010cf
X509_VERIFY_PARAM *ssl_verification_params = SSL_get0_param(self->ssl);
X509_VERIFY_PARAM *ssl_ctx_verification_params = SSL_CTX_get0_param(ctx);
unsigned int ssl_ctx_host_flags = X509_VERIFY_PARAM_get_hostflags(ssl_ctx_verification_params);
X509_VERIFY_PARAM_set_hostflags(ssl_verification_params, ssl_ctx_host_flags);
#endif

This is harmless since this stanza is a noop for modern OpenSSL, but should probably still be fixed.

CPython versions tested on:

CPython main branch

Operating systems tested on:

No response
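
The guard described in the report above, as an added C example that is not part of the original issue or of CPython's source. The two macros are defined locally as constructed stand-ins so the file builds without OpenSSL headers; the function names and the assumed 3.0.0 build version are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins so this builds without OpenSSL headers. In the real
 * headers OPENSSL_VERSION is the selector passed to OpenSSL_version() and is
 * defined as 0; OPENSSL_VERSION_NUMBER is the packed build version. */
#define OPENSSL_VERSION 0
#define OPENSSL_VERSION_NUMBER 0x30000000L /* assumed: a 3.0.0 build */

/* Guard as written: compares the selector (0), so it is always true. */
static int stanza_compiled_as_written(void) {
#if OPENSSL_VERSION < 0x101010cf
    return 1;
#else
    return 0;
#endif
}

/* Guard as intended: compares the version the code is built against. */
static int stanza_compiled_as_intended(void) {
#if OPENSSL_VERSION_NUMBER < 0x101010cf
    return 1;
#else
    return 0;
#endif
}

/* Decode the pre-3.0 0xMNNFFPPS layout (patch 1..26 maps to 'a'..'z'). */
static const char *decode_legacy_version(unsigned long v) {
    static char buf[32];
    unsigned major = (v >> 28) & 0xf, minor = (v >> 20) & 0xff;
    unsigned fix = (v >> 12) & 0xff, patch = (v >> 4) & 0xff;
    if (patch >= 1 && patch <= 26)
        snprintf(buf, sizeof buf, "%u.%u.%u%c", major, minor, fix, 'a' + (int)patch - 1);
    else
        snprintf(buf, sizeof buf, "%u.%u.%u", major, minor, fix);
    return buf;
}

int main(void) {
    printf("threshold 0x101010cf = OpenSSL %s\n", decode_legacy_version(0x101010cfUL));
    printf("as written:  stanza compiled = %d\n", stanza_compiled_as_written());
    printf("as intended: stanza compiled = %d\n", stanza_compiled_as_intended());
    return 0;
}
```

Setting the stand-in OPENSSL_VERSION_NUMBER below 0x101010cf makes both functions return 1, so the two guards only diverge on builds at or above the threshold.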
