1
0
mirror of https://github.com/openSUSE/osc.git synced 2024-12-25 17:36:13 +01:00

Merge pull request #1172 from dmach/mute-deprecation-warnings-tls-ssl

Mute ssl/tls deprecation warnings
This commit is contained in:
Daniel Mach 2022-10-20 20:30:50 +02:00 committed by GitHub
commit dbe75fe324
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -28,10 +28,15 @@ def create_ssl_context():
but we restrict crypto even more.
"""
ssl_context = create_urllib3_context()
ssl_context.options |= ssl.OP_NO_SSLv2
ssl_context.options |= ssl.OP_NO_SSLv3
ssl_context.options |= ssl.OP_NO_TLSv1
ssl_context.options |= ssl.OP_NO_TLSv1_1
# we consider anything older than TLSv1_2 insecure
if sys.version_info <= (3, 6):
# deprecated since py3.7
ssl_context.options |= ssl.OP_NO_TLSv1
ssl_context.options |= ssl.OP_NO_TLSv1_1
else:
# raise minimum version if too low
if ssl_context.minimum_version < ssl.TLSVersion.TLSv1_2:
ssl_context.minimum_version = ssl.TLSVersion.TLSv1_2
return ssl_context