Merge pull request #1381 from EagleTM/master

Use ssl.PROTOCOL_TLSv1 on client side to avoid SSLv23
ThomasV 2015-07-31 12:43:05 +02:00
commit 58d131d7dd


@ -148,7 +148,7 @@ class TcpInterface(threading.Thread):
return return
# try with CA first # try with CA first
try: try:
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True) s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True)
except ssl.SSLError, e: except ssl.SSLError, e:
s = None s = None
if s and check_host_name(s.getpeercert(), self.host): if s and check_host_name(s.getpeercert(), self.host):
@ -161,7 +161,7 @@ class TcpInterface(threading.Thread):
if s is None: if s is None:
return return
try: try:
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_NONE, ca_certs=None) s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_NONE, ca_certs=None)
except ssl.SSLError, e: except ssl.SSLError, e:
self.print_error("SSL error retrieving SSL certificate:", e) self.print_error("SSL error retrieving SSL certificate:", e)
return return
@ -184,7 +184,7 @@ class TcpInterface(threading.Thread):
if self.use_ssl: if self.use_ssl:
try: try:
s = ssl.wrap_socket(s, s = ssl.wrap_socket(s,
ssl_version=ssl.PROTOCOL_SSLv23, ssl_version=ssl.PROTOCOL_TLSv1,
cert_reqs=ssl.CERT_REQUIRED, cert_reqs=ssl.CERT_REQUIRED,
ca_certs= (temporary_path if is_new else cert_path), ca_certs= (temporary_path if is_new else cert_path),
do_handshake_on_connect=True) do_handshake_on_connect=True)
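Review bot: Pinning `ssl_version=ssl.PROTOCOL_TLSv1` in all three `ssl.wrap_socket` calls restricts the client to TLS 1.0 exactly, so it can no longer negotiate TLS 1.1 or 1.2 and will fail to connect to servers that have TLS 1.0 disabled. `PROTOCOL_SSLv23` is the negotiate-highest setting, so the SSLv2/SSLv3 exposure is better closed by keeping it and masking the old versions: `ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)` followed by `ctx.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3` and `ctx.wrap_socket(s)`, on interpreters that provide `ssl.SSLContext`, with the TLSv1 pin kept only as a fallback for older ones. This matters most for the second call, which passes `cert_reqs=ssl.CERT_NONE` to fetch the server certificate, so the protocol version is the only protection visible on that handshake. The enclosing methods start and end outside the hunks shown.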