Issue #19735: Implement private function ssl._create_stdlib_context() to

create SSLContext objects in Python's stdlib module. It provides a single configuration point and makes use of SSLContext.load_default_certs().
2025-11-25 04:34:37 +00:00 · 2013-11-23 22:43:47 +01:00 · 2013-11-23 22:43:47 +01:00 · 67986f9431
commit 67986f9431
parent 32eddc1bbc
11 changed files with 100 additions and 55 deletions
--- a/Lib/poplib.py
+++ b/Lib/poplib.py
@ -385,8 +385,7 @@ class POP3:
        if not 'STLS' in caps:
            raise error_proto('-ERR STLS not supported by server')
        if context is None:
-            context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
-            context.options |= ssl.OP_NO_SSLv2
+            context = ssl._create_stdlib_context()
        resp = self._shortcmd('STLS')
        self.sock = context.wrap_socket(self.sock)
        self.file = self.sock.makefile('rb')
@ -421,15 +420,15 @@ if HAVE_SSL:
                                 "exclusive")
            self.keyfile = keyfile
            self.certfile = certfile
+            if context is None:
+                context = ssl._create_stdlib_context(certfile=certfile,
+                                                     keyfile=keyfile)
            self.context = context
            POP3.__init__(self, host, port, timeout)

        def _create_socket(self, timeout):
            sock = POP3._create_socket(self, timeout)
-            if self.context is not None:
-                sock = self.context.wrap_socket(sock)
-            else:
-                sock = ssl.wrap_socket(sock, self.keyfile, self.certfile)
+            sock = self.context.wrap_socket(sock)
            return sock

        def stls(self, keyfile=None, certfile=None, context=None):