ssl.PROTOCOL_SSLv23 protocol by default, not ssl.PROTOCOL_SSLv3, for maximum compatibility and support platforms where ssl.PROTOCOL_SSLv3 support is disabled.
This commit is contained in:
Victor Stinner
parent
5819cfa5aa
commit
9d01717f37
|
|
@ -922,7 +922,7 @@ def PEM_cert_to_DER_cert(pem_cert_string):
|
|||
d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
|
||||
return base64.decodebytes(d.encode('ASCII', 'strict'))
|
||||
|
||||
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
|
||||
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
|
||||
"""Retrieve the certificate from the server at the specified address,
|
||||
and return it as a PEM-encoded string.
|
||||
If 'ca_certs' is specified, validate the server cert against it.
|
||||
|
|
|
|||
|
|
@ -44,6 +44,11 @@ Core and Builtins
|
|||
Library
|
||||
-------
|
||||
|
||||
- Issue #20896, #22935: The :func:`ssl.get_server_certificate` function now
|
||||
uses the :data:`~ssl.PROTOCOL_SSLv23` protocol by default, not
|
||||
:data:`~ssl.PROTOCOL_SSLv3`, for maximum compatibility and support platforms
|
||||
where :data:`~ssl.PROTOCOL_SSLv3` support is disabled.
|
||||
|
||||
- Issue #23111: In the ftplib, make ssl.PROTOCOL_SSLv23 the default protocol
|
||||
version.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue