mirror of
https://github.com/jlu5/PyLink.git
synced 2024-11-27 21:19:31 +01:00
Irc: forcibly disable SSLv2 and SSLv3
This commit is contained in:
parent
e966fe7e56
commit
0fbf9e165c
10
classes.py
10
classes.py
@ -199,9 +199,13 @@ class Irc():
|
|||||||
keyfile = self.serverdata.get('ssl_keyfile')
|
keyfile = self.serverdata.get('ssl_keyfile')
|
||||||
if certfile and keyfile:
|
if certfile and keyfile:
|
||||||
try:
|
try:
|
||||||
self.socket = ssl.wrap_socket(self.socket,
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||||
certfile=certfile,
|
# Disable SSLv2 and SSLv3 - these are insecure
|
||||||
keyfile=keyfile)
|
context.options |= ssl.OP_NO_SSLv2
|
||||||
|
context.options |= ssl.OP_NO_SSLv3
|
||||||
|
context.load_cert_chain(certfile, keyfile)
|
||||||
|
self.socket = context.wrap_socket(self.socket)
|
||||||
|
|
||||||
except OSError:
|
except OSError:
|
||||||
log.exception('(%s) Caught OSError trying to '
|
log.exception('(%s) Caught OSError trying to '
|
||||||
'initialize the SSL connection; '
|
'initialize the SSL connection; '
|
||||||
|
Loading…
Reference in New Issue
Block a user