Check if SSLContext supports loading default certs

This changes behavior. When creating a TLS connection, not specifying cacert/capath and while on a Python version without load_default_certs, creating the socket will not fail as before, but verifying the connection will fail instead.
author: minus <minus@mnus.de> 2018-03-21 21:40:23 +0100
committer: minus <minus@mnus.de> 2018-03-21 21:40:23 +0100
commit: ea54b4f2f1a42b2e56ddfcfd2806c0465c7329b9 (patch)
tree: 06ef3c68c663235985d40896f59bc861c883cc81 /websocket/_http.py
parent: 230e6e87d940b61e79627ef81678db2332319063 (diff)
download: websocket-client-ea54b4f2f1a42b2e56ddfcfd2806c0465c7329b9.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/websocket/_http.py b/websocket/_http.py
index 88c520b..0ed2c36 100644
--- a/websocket/_http.py
+++ b/websocket/_http.py
@@ -145,7 +145,7 @@ def _wrap_sni_socket(sock, sslopt, hostname, check_hostname):
         capath = sslopt.get('ca_cert_path', None)
         if cafile or capath:
             context.load_verify_locations(cafile=cafile, capath=capath)
-        else:
+        elif hasattr(context, 'load_default_certs'):
             context.load_default_certs(ssl.Purpose.SERVER_AUTH)
     if sslopt.get('certfile', None):
         context.load_cert_chain(
author	minus <minus@mnus.de>	2018-03-21 21:40:23 +0100
committer	minus <minus@mnus.de>	2018-03-21 21:40:23 +0100
commit	ea54b4f2f1a42b2e56ddfcfd2806c0465c7329b9 (patch)
tree	06ef3c68c663235985d40896f59bc861c883cc81 /websocket/_http.py
parent	230e6e87d940b61e79627ef81678db2332319063 (diff)
download	websocket-client-ea54b4f2f1a42b2e56ddfcfd2806c0465c7329b9.tar.gz