mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-09-28 11:15:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

bpo-32008: don't use PROTOCOL_TLSv1 in example (GH-5789)

Browse source 
It's bad form to pin to an old version of TLS. ssl.SSLContext has the right
protocol default, so let's not pass anyway.
(cherry picked from commit e9edee0b65)

Co-authored-by: Benjamin Peterson <benjamin@python.org>
This commit is contained in:
Miss Islington (bot) 2018-02-20 22:07:17 -08:00 committed by GitHub
parent 0150dc5894
commit f8a794c04c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Doc/library/ssl.rst
View file

@ -1634,7 +1634,7 @@ to speed up repeated connections from the same clients.
import socket, ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context = ssl.SSLContext()
context.verify_mode = ssl.CERT_REQUIRED
context.check_hostname = True
context.load_default_certs()
@ -1861,7 +1861,7 @@ If you prefer to tune security settings yourself, you might create
a context from scratch (but beware that you might not get the settings
right)::
>>> context = ssl.SSLContext(ssl.PROTOCOL_TLS)
>>> context = ssl.SSLContext()
>>> context.verify_mode = ssl.CERT_REQUIRED
>>> context.check_hostname = True
>>> context.load_verify_locations("/etc/ssl/certs/ca-bundle.crt")