mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-22 09:45:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

Issue #20896, #22935: The ssl.get_server_certificate() function now uses the

Browse source 
ssl.PROTOCOL_SSLv23 protocol by default, not ssl.PROTOCOL_SSLv3, for maximum
compatibility and support platforms where ssl.PROTOCOL_SSLv3 support is
disabled.
This commit is contained in:
Victor Stinner 2015-01-06 12:21:26 +01:00
parent 5819cfa5aa
commit 9d01717f37
2 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Lib/ssl.py
View file

@ -922,7 +922,7 @@ def PEM_cert_to_DER_cert(pem_cert_string):
d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
return base64.decodebytes(d.encode('ASCII', 'strict'))
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.