Mercurial Repository: p/roundup/code: roundup/scripts/roundup

roundup-server native SSL support only TLS 1.2. 1.1 was suported but is deprecated.

author	John Rouillard <rouilj@ieee.org>
date	Thu, 30 Sep 2021 19:17:56 -0400
parents	1f2f7c0b8968
children	a036712c96f4

comparison

equal deleted inserted replaced

-:89c4fb277a49
+:7fb13dc67a41
 cert.get_subject().O = 'Roundup Dummy Certificate'
 cert.get_issuer().CN = 'Roundup Dummy Certificate Authority'
 cert.get_issuer().O = 'Self-Signed'
 cert.set_pubkey(pkey)
 cert.sign(pkey, 'sha512')
-ctx = SSL.Context(OpenSSL.SSL.TLSv1_1_METHOD)
+ctx = SSL.Context(OpenSSL.SSL.TLSv1_2_METHOD)
 ctx.use_privatekey(pkey)
 ctx.use_certificate(cert)
 return ctx
 def __init__(self, server_address, HandlerClass, ssl_pem=None):
 assert SSL, "pyopenssl not installed"
 http_.server.HTTPServer.__init__(self, server_address, HandlerClass)
 self.socket = socket.socket(self.address_family, self.socket_type)
 if ssl_pem:
-ctx = SSL.Context(SSL.TLSv1_1_METHOD)
+ctx = SSL.Context(SSL.TLSv1_2_METHOD)
 ctx.use_privatekey_file(ssl_pem)
 ctx.use_certificate_file(ssl_pem)
 else:
 ctx = auto_ssl()
 self.ssl_context = ctx

Mercurial > p > roundup > code