diff options
author | minus <minus@mnus.de> | 2018-03-21 21:40:23 +0100 |
---|---|---|
committer | minus <minus@mnus.de> | 2018-03-21 21:40:23 +0100 |
commit | ea54b4f2f1a42b2e56ddfcfd2806c0465c7329b9 (patch) | |
tree | 06ef3c68c663235985d40896f59bc861c883cc81 /websocket/_http.py | |
parent | 230e6e87d940b61e79627ef81678db2332319063 (diff) | |
download | websocket-client-ea54b4f2f1a42b2e56ddfcfd2806c0465c7329b9.tar.gz |
Check if SSLContext supports loading default certs
This changes behavior. When creating a TLS connection, not specifying
cacert/capath and while on a Python version without load_default_certs,
creating the socket will not fail as before, but verifying the
connection will fail instead.
Diffstat (limited to 'websocket/_http.py')
-rw-r--r-- | websocket/_http.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/websocket/_http.py b/websocket/_http.py index 88c520b..0ed2c36 100644 --- a/websocket/_http.py +++ b/websocket/_http.py @@ -145,7 +145,7 @@ def _wrap_sni_socket(sock, sslopt, hostname, check_hostname): capath = sslopt.get('ca_cert_path', None) if cafile or capath: context.load_verify_locations(cafile=cafile, capath=capath) - else: + elif hasattr(context, 'load_default_certs'): context.load_default_certs(ssl.Purpose.SERVER_AUTH) if sslopt.get('certfile', None): context.load_cert_chain( |