passed from the Hub end of the connection.
ssl_version : int, optional
- Which version of the SSL protocol to use. Typically, the server
- chooses a particular protocol version, and the client must adapt to
- the server's choice. Most of the versions are not interoperable with
- the other versions. If not specified the default SSL version is
- `ssl.PROTOCOL_SSLv23`. This version provides the most compatibility
- with other versions Hub side. Other SSL protocol versions are:
- `ssl.PROTOCOL_SSLv2`, `ssl.PROTOCOL_SSLv3` and `ssl.PROTOCOL_TLSv1`.
+ Which version of the SSL protocol to use. Typically, the
+ server chooses a particular protocol version, and the client
+ must adapt to the server's choice. Most of the versions are
+ not interoperable with the other versions. If not specified,
+ the default SSL version is taken from the default in the
+ installed version of the Python standard `ssl` library. See
+ the `ssl` documentation for more information.
callable : bool, optional
Whether the client can receive calls and notifications. If set to
if description is not None:
metadata["samp.description.text"] = description
- if SSL_SUPPORT and ssl_version is None:
- ssl_version = ssl.PROTOCOL_SSLv23
-
self._metadata = metadata
self._addr = addr
passed from the Hub end of the connection.
ssl_version : int, optional
- The ``ssl_version`` option specifies which version of the SSL protocol
- to use. Typically, the server chooses a particular protocol version,
- and the client must adapt to the server's choice. Most of the versions
- are not interoperable with the other versions. If not specified the
- default SSL version is `ssl.PROTOCOL_SSLv23`. This version provides
- the most compatibility with other versions client side. Other SSL
- protocol versions are: `ssl.PROTOCOL_SSLv2`, `ssl.PROTOCOL_SSLv3` and
- `ssl.PROTOCOL_TLSv1`.
+ The ``ssl_version`` option specifies which version of the SSL
+ protocol to use. Typically, the server chooses a particular
+ protocol version, and the client must adapt to the server's
+ choice. Most of the versions are not interoperable with the
+ other versions. If not specified, the default SSL version is
+ taken from the default in the installed version of the Python
+ standard `ssl` library. See the `ssl` documentation for more
+ information.
web_profile : bool, optional
Enables or disables the Web Profile support.
self._client_timeout = client_timeout
self._pool_size = pool_size
- if SSL_SUPPORT and ssl_version is None:
- ssl_version = ssl.PROTOCOL_SSLv23
-
self._web_profile = web_profile
self._web_profile_server = None
self._web_profile_callbacks = {}
certificate passed from the Hub end of the connection.
ssl_version : int, optional
- Which version of the SSL protocol to use. Typically, the server
- chooses a particular protocol version, and the client must adapt
- to the server's choice. Most of the versions are not interoperable
- with the other versions. If not specified the default SSL version
- is `ssl.PROTOCOL_SSLv3`. This version provides the most
- compatibility with other versions server side. Other SSL protocol
- versions are: `ssl.PROTOCOL_SSLv2`, `ssl.PROTOCOL_SSLv3` and
- `ssl.PROTOCOL_TLSv1`.
+ Which version of the SSL protocol to use. Typically, the
+ server chooses a particular protocol version, and the
+ client must adapt to the server's choice. Most of the
+ versions are not interoperable with the other versions. If
+ not specified, the default SSL version is taken from the
+ default in the installed version of the Python standard
+ `ssl` library. See the `ssl` documentation for more
+ information.
pool_size : int, optional
The number of socket connections opened to communicate with the
self._connected = False
self.lockfile = {}
- if SSL_SUPPORT and ssl_version is None:
- ssl_version = ssl.PROTOCOL_SSLv3
-
if hub is not None and hub_params is not None:
raise ValueError("Cannot specify both hub and hub_params")
"SSL protocol to use. Typically, the server chooses a particular "
"protocol version, and the client must adapt to the server's choice. "
"Most of the versions are not interoperable with the other versions. "
- "If not specified the default SSL version is SSLv23. This version "
- "provides the most compatibility with other versions client side. "
- "Other SSL protocol versions are: SSLv2, SSLv3 and TLSv1.",
- type=str, choices=["SSLv23", "SSLv2", "SSLv3", "TLSv1"], default="SSLv23")
+ "If not specified the default SSL version is taken from the default in "
+ "the Python standard `ssl` library for the version of Python that is "
+ "installed. Other SSL protocol versions are: SSLv2, SSLv3, SSLv23, "
+ "TLSv1, TLSv1_1, TLSv1_2 but not all of them may be available on all "
+ "versions of Python.",
+ type=str,
+ choices=["SSLv23", "SSLv2", "SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2"],
+ default=None)
parser.add_argument_group(ssl_group)
else:
options.cert_reqs = ssl.CERT_NONE
- if options.ssl_version == "SSLv2":
- options.ssl_version = ssl.PROTOCOL_SSLv2
- elif options.ssl_version == "SSLv3":
- options.ssl_version = ssl.PROTOCOL_SSLv3
- elif options.ssl_version == "TLSv1":
- options.ssl_version = ssl.PROTOCOL_TLSv1
- else:
- options.ssl_version = ssl.PROTOCOL_SSLv23
+ if options.ssl_version is not None:
+ if hasattr(ssl, 'PROTOCOL_' + options.ssl_version):
+ options.ssl_version = getattr(
+ ssl, 'PROTOCOL_' + options.ssl_version)
+ else:
+ raise ValueError(
+ "SSL protocol '{0}' not supported on this version of "
+ "Python".format(options.ssl_version))
if options.loglevel in ("OFF", "ERROR", "WARNING", "DEBUG", "INFO"):
log.setLevel(options.loglevel)
passed from the Hub end of the connection.
ssl_version : int, optional
- Which version of the SSL protocol to use. Typically, the server chooses
- a particular protocol version, and the client must adapt to the
- server's choice. Most of the versions are not interoperable with the
- other versions. If not specified the default SSL version is
- `ssl.PROTOCOL_SSLv23`. This version provides the most compatibility
- with other versions Hub side. Other SSL protocol versions are:
- `ssl.PROTOCOL_SSLv2`, `ssl.PROTOCOL_SSLv3` and `ssl.PROTOCOL_TLSv1`.
+ Which version of the SSL protocol to use. Typically, the
+ server chooses a particular protocol version, and the client
+ must adapt to the server's choice. Most of the versions are
+ not interoperable with the other versions. If not specified,
+ the default SSL version is taken from the default in the
+ installed version of the Python standard `ssl` library. See
+ the `ssl` documentation for more information.
callable : bool, optional
Whether the client can receive calls and notifications. If set to
certificate passed from the Hub end of the connection.
ssl_version : int, optional
- Which version of the SSL protocol to use. Typically, the server
- chooses a particular protocol version, and the client must adapt
- to the server's choice. Most of the versions are not interoperable
- with the other versions. If not specified the default SSL version
- is `ssl.PROTOCOL_SSLv3`. This version provides the most
- compatibility with other versions server side. Other SSL protocol
- versions are: `ssl.PROTOCOL_SSLv2`, `ssl.PROTOCOL_SSLv3` and
- `ssl.PROTOCOL_TLSv1`.
+ Which version of the SSL protocol to use. Typically, the
+ server chooses a particular protocol version, and the
+ client must adapt to the server's choice. Most of the
+ versions are not interoperable with the other versions. If
+ not specified, the default SSL version is taken from the
+ default in the installed version of the Python standard
+ `ssl` library. See the `ssl` documentation for more
+ information.
pool_size : int, optional
The number of socket connections opened to communicate with the
def __init__(self, host, port=None, key_file=None, cert_file=None,
cert_reqs=ssl.CERT_NONE, ca_certs=None,
- ssl_version=ssl.PROTOCOL_SSLv3, strict=None):
+ ssl_version=None, strict=None):
HTTPConnection.__init__(self, host, port, strict)
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((self.host, self.port))
- sslconn = ssl.wrap_socket(sock, server_side=False,
- certfile=self.cert_file,
- keyfile=self.key_file,
- cert_reqs=self.cert_reqs,
- ca_certs=self.ca_certs,
- ssl_version=self.ssl_version)
+ # We have to explicitly not pass the ssl_version to
+ # `ssl.wrap_socket` if it's None.
+ kwargs = {
+ 'server_size': False,
+ 'certfile': self.cert_file,
+ 'keyfile': self.key_file,
+ 'cert_reqs': self.cert_reqs,
+ 'ca_certs': self.ca_certs,
+ }
+ if self.ssl_version is not None:
+ kwargs['ssl_version'] = self.ssl_version
+ sslconn = ssl.wrap_socket(sock, **args)
self.sock = sslconn
class HTTPS(HTTP):
def __init__(self, host='', port=None, key_file=None, cert_file=None,
cert_reqs=ssl.CERT_NONE, ca_certs=None,
- ssl_version=ssl.PROTOCOL_SSLv3):
+ ssl_version=None):
# provide a default host, pass the X509 cert info
def __init__(self, key_file=None, cert_file=None,
cert_reqs=ssl.CERT_NONE, ca_certs=None,
- ssl_version=ssl.PROTOCOL_SSLv3, strict=None,
+ ssl_version=None, strict=None,
use_datetime=0):
xmlrpc.Transport.__init__(self, use_datetime)
def get_request(self):
# override this to wrap socket with SSL
sock, addr = self.socket.accept()
- sslconn = ssl.wrap_socket(sock, server_side=True,
- certfile=self.cert_file,
- keyfile=self.key_file,
- cert_reqs=self.cert_reqs,
- ca_certs=self.ca_certs,
- ssl_version=self.ssl_version)
+ # We have to explicitly not pass the ssl_version to
+ # `ssl.wrap_socket` if it's None.
+ kwargs = {
+ 'server_side': True,
+ 'certfile': self.cert_file,
+ 'keyfile': self.key_file,
+ 'cert_reqs': self.cert_reqs,
+ 'ca_certs': self.ca_certs
+ }
+ if self.ssl_version is not None:
+ kwargs['ssl_version'] = self.ssl_version
+ sslconn = ssl.wrap_socket(sock, **kwargs)
return sslconn, addr
projects / python-astropy.git / commitdiff