[issue22935] Disabling SSLv3 support
STINNER Victor
report at bugs.python.org
Fri Dec 12 14:23:26 CET 2014
STINNER Victor added the comment:
> Any of the other options such as PROTOCOL_TLSv1 will fix the protocol version to that one protocol version, whereas PROTOCOL_SSLv23 means to use any protocol starting with SSLv2. In the context options you can then disable SSLv2 and SSLv3 to e.g. have the connection use TLS 1.0 or later.
get_server_certificate() uses _create_unverified_context() (In Python
2.7, 3.4 & 3.5) which explicitly disable SSLv2 and SSLv3. I still have
trouble to understand which protocol will be negociated. We use SSLv3
and disable SSLv3, so the server can only use SSLv23. Am I right?
https://docs.python.org/dev/library/ssl.html#ssl.wrap_socket
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue22935>
_______________________________________
More information about the Python-bugs-list
mailing list