diff options
author | Guido van Rossum <guido@python.org> | 2013-10-16 08:35:41 -0700 |
---|---|---|
committer | Guido van Rossum <guido@python.org> | 2013-10-16 08:35:41 -0700 |
commit | 32d68ad7bcac289075b6fb9dce098236ed283eb0 (patch) | |
tree | b148511e5e0a22ec656bcbf54aaa729e73b084c3 | |
parent | 5da72a85634fa05fd285c8b9d172552c207f4bcf (diff) | |
download | trollius-32d68ad7bcac289075b6fb9dce098236ed283eb0.tar.gz |
Add OP_NO_SSLv2 to default SSLContext options.
-rw-r--r-- | tulip/selector_events.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/tulip/selector_events.py b/tulip/selector_events.py index 40d7068..548c504 100644 --- a/tulip/selector_events.py +++ b/tulip/selector_events.py @@ -517,7 +517,10 @@ class _SelectorSslTransport(_SelectorTransport): sslcontext, ssl.SSLContext), 'Must pass an SSLContext' else: # Client-side may pass ssl=True to use a default context. - sslcontext = sslcontext or ssl.SSLContext(ssl.PROTOCOL_SSLv23) + # The default is the same as used by urllib. + if sslcontext is None: + sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + sslcontext.options |= ssl.OP_NO_SSLv2 wrap_kwargs = { 'server_side': server_side, 'do_handshake_on_connect': False, |