mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-22 17:55:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

bpo-31346: Use PROTOCOL_TLS_CLIENT/SERVER (#3058)

Browse source 
Replaces PROTOCOL_TLSv* and PROTOCOL_SSLv23 with PROTOCOL_TLS_CLIENT and
PROTOCOL_TLS_SERVER.

Signed-off-by: Christian Heimes <christian@python.org>
This commit is contained in:
Christian Heimes 2017-09-15 20:27:30 +02:00 committed by GitHub
parent 4df60f18c6
commit a170fa162d
13 changed files with 321 additions and 310 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Lib/ssl.py
View file

@ -522,7 +522,7 @@ def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None,
context.load_default_certs(purpose)
return context
def _create_unverified_context(protocol=PROTOCOL_TLS, *, cert_reqs=None,
def _create_unverified_context(protocol=PROTOCOL_TLS, *, cert_reqs=CERT_NONE,
check_hostname=False, purpose=Purpose.SERVER_AUTH,
certfile=None, keyfile=None,
cafile=None, capath=None, cadata=None):
@ -541,9 +541,12 @@ def _create_unverified_context(protocol=PROTOCOL_TLS, *, cert_reqs=None,
# by default.
context = SSLContext(protocol)
if not check_hostname:
context.check_hostname = False
if cert_reqs is not None:
context.verify_mode = cert_reqs
context.check_hostname = check_hostname
if check_hostname:
context.check_hostname = True
if keyfile and not certfile:
raise ValueError("certfile must be specified")