net: remove fallback implementation of ssl_wrap_socket.

We no longer support Python < 3.4.

src/utils/net.py

@@ -160,8 +160,7 @@ def check_certificate_fingerprint(conn, trusted_fingerprints):
             return
     raise ssl.CertificateError('No matching fingerprint.')
 
-if hasattr(ssl, 'create_default_context'):
-    def ssl_wrap_socket(conn, hostname, logger, certfile=None,
+def ssl_wrap_socket(conn, hostname, logger, certfile=None,
         trusted_fingerprints=None, verify=True, ca_file=None,
         **kwargs):
     context = ssl.create_default_context(**kwargs)
@@ -177,27 +176,5 @@ if hasattr(ssl, 'create_default_context'):
     if verify and trusted_fingerprints:
         check_certificate_fingerprint(conn, trusted_fingerprints)
     return conn
-else:
-    def ssl_wrap_socket(conn, hostname, logger, verify=True,
-            certfile=None,
-            ca_file=None, trusted_fingerprints=None):
-        # TLSv1.0 is the only TLS version Python < 2.7.9 supports
-        # (besides SSLv2 and v3, which are known to be insecure)
-        try:
-            conn = ssl.wrap_socket(conn,
-                    server_hostname=hostname,
-                    certfile=certfile, ca_certs=ca_file,
-                    ssl_version=ssl.PROTOCOL_TLSv1)
-        except TypeError: # server_hostname is not supported
-            conn = ssl.wrap_socket(conn,
-                    certfile=certfile, ca_certs=ca_file,
-                    ssl_version=ssl.PROTOCOL_TLSv1)
-        if trusted_fingerprints:
-            check_certificate_fingerprint(conn, trusted_fingerprints)
-        elif verify:
-            logger.critical('This Python version does not support SSL/TLS '
-                    'certification authority verification, which makes your '
-                    'connection vulnerable to man-in-the-middle attacks. See: '
-                    '<http://docs.limnoria.net/en/latest/use/security.html#ssl-python-versions>')
-        return conn
+
 # vim:set shiftwidth=4 softtabstop=4 expandtab textwidth=79: