diff options
| author | Victor Stinner <victor.stinner@gmail.com> | 2015-01-06 12:21:26 +0100 |
|---|---|---|
| committer | Victor Stinner <victor.stinner@gmail.com> | 2015-01-06 12:21:26 +0100 |
| commit | 9d01717f373d0180e2804c827efbc40d8cf72063 (patch) | |
| tree | 44e46d4f050a3a0b35418df9a94917b08a0bd80d /Lib/ssl.py | |
| parent | 5819cfa5aa93e7fbb50fa70b1529d3d78e852fcb (diff) | |
| download | cpython-git-9d01717f373d0180e2804c827efbc40d8cf72063.tar.gz | |
Issue #20896, #22935: The ssl.get_server_certificate() function now uses the
ssl.PROTOCOL_SSLv23 protocol by default, not ssl.PROTOCOL_SSLv3, for maximum
compatibility and support platforms where ssl.PROTOCOL_SSLv3 support is
disabled.
Diffstat (limited to 'Lib/ssl.py')
| -rw-r--r-- | Lib/ssl.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py index 392603c56d..3b667ff01a 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -922,7 +922,7 @@ def PEM_cert_to_DER_cert(pem_cert_string): d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)] return base64.decodebytes(d.encode('ASCII', 'strict')) -def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None): +def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None): """Retrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. |