particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use TLSv1. https://bugzilla.redhat.com/show_bug.cgi?id=1152823

Browse source
This commit is contained in:
Mike McLean 2014-10-15 10:54:31 -04:00
parent f6f7299dc2
commit 07d1eb8109
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
koji/ssl/SSLCommon.py
View file

@ -37,7 +37,7 @@ def CreateSSLContext(certs):
if f and not os.access(f, os.R_OK):
raise StandardError, "%s does not exist or is not readable" % f
ctx = SSL.Context(SSL.SSLv3_METHOD) # SSLv3 only
ctx = SSL.Context(SSL.TLSv1_METHOD) # TLS v1 only
ctx.use_certificate_file(key_and_cert)
ctx.use_privatekey_file(key_and_cert)
ctx.load_client_ca(ca_cert)
@ -45,7 +45,7 @@ def CreateSSLContext(certs):
verify = SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT
ctx.set_verify(verify, our_verify)
ctx.set_verify_depth(10)
ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1)
ctx.set_options(SSL.OP_NO_SSLv3 | SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1)
return ctx