summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2014-11-26 21:06:25 +0100
committerKali Kaneko <kali@leap.se>2014-11-27 21:54:52 +0100
commit4e90feb613da4f1f5221f3fed401d52dbf8f5e2b (patch)
tree70e01ce31138bcd3d764f989da39d32183053fb2
parent3526d37350c27487fb1e4c6664dc346006ef72f4 (diff)
force tls v1 in soledad client. Partially fixes #6437
-rw-r--r--client/changes/bug_6437_use_tls1
-rw-r--r--client/src/leap/soledad/client/__init__.py3
2 files changed, 3 insertions, 1 deletions
diff --git a/client/changes/bug_6437_use_tls b/client/changes/bug_6437_use_tls
new file mode 100644
index 00000000..7138d962
--- /dev/null
+++ b/client/changes/bug_6437_use_tls
@@ -0,0 +1 @@
+ o Use TLS v1 in soledad client. Fixes partially #6437
diff --git a/client/src/leap/soledad/client/__init__.py b/client/src/leap/soledad/client/__init__.py
index c76e4a4a..7267180b 100644
--- a/client/src/leap/soledad/client/__init__.py
+++ b/client/src/leap/soledad/client/__init__.py
@@ -811,7 +811,8 @@ class VerifiedHTTPSConnection(httplib.HTTPSConnection):
self.sock = ssl.wrap_socket(sock,
ca_certs=SOLEDAD_CERT,
- cert_reqs=ssl.CERT_REQUIRED)
+ cert_reqs=ssl.CERT_REQUIRED,
+ ssl_version=ssl.PROTOCOL_TLSv1)
match_hostname(self.sock.getpeercert(), self.host)