commit 614f3df4b83bf197e60a510269e71f5a32b36661
parent 97568bedf59d6c738b19691c81b2ecd74035c08c
Author: ThomasV <thomasv@electrum.org>
Date: Tue, 27 Oct 2015 10:44:36 +0100
Revert "Use ssl.PROTOCOL_TLSv1 on client side to avoid SSLv23"
This reverts commit 4731418af9d47084a2b88dad38bf2d279c392d9b.
Diffstat:
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/interface.py b/lib/interface.py
@@ -117,7 +117,7 @@ class TcpConnection(threading.Thread, util.PrintError):
return
# try with CA first
try:
- s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True)
+ s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_REQUIRED, ca_certs=ca_path, do_handshake_on_connect=True)
except ssl.SSLError, e:
s = None
if s and self.check_host_name(s.getpeercert(), self.host):
@@ -130,7 +130,7 @@ class TcpConnection(threading.Thread, util.PrintError):
if s is None:
return
try:
- s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1, cert_reqs=ssl.CERT_NONE, ca_certs=None)
+ s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, cert_reqs=ssl.CERT_NONE, ca_certs=None)
except ssl.SSLError, e:
self.print_error("SSL error retrieving SSL certificate:", e)
return
@@ -153,7 +153,7 @@ class TcpConnection(threading.Thread, util.PrintError):
if self.use_ssl:
try:
s = ssl.wrap_socket(s,
- ssl_version=ssl.PROTOCOL_TLSv1,
+ ssl_version=ssl.PROTOCOL_SSLv23,
cert_reqs=ssl.CERT_REQUIRED,
ca_certs= (temporary_path if is_new else cert_path),
do_handshake_on_connect=True)
