diff options
author | Mark Bishop <mbishop@duosecurity.com> | 2020-10-02 13:16:43 -0400 |
---|---|---|
committer | Mark Bishop <mbishop@duosecurity.com> | 2020-10-02 13:16:43 -0400 |
commit | e422658ad5e4a011f6a4cf16a6828b367e9ae69c (patch) | |
tree | a7e73c2e86b1a6d3c9b66bc5e064dec9fc3d7038 | |
parent | 1a21d2d023345f655c901b1c946aa1bc05dabd87 (diff) | |
download | openvpn-duo-plugin-e422658ad5e4a011f6a4cf16a6828b367e9ae69c.tar.gz openvpn-duo-plugin-e422658ad5e4a011f6a4cf16a6828b367e9ae69c.zip |
Disallow SSLv2 and SSLv3
-rw-r--r-- | https_wrapper.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/https_wrapper.py b/https_wrapper.py index 97c8f3c..2679aba 100644 --- a/https_wrapper.py +++ b/https_wrapper.py @@ -120,7 +120,7 @@ class CertValidatingHTTPSConnection(http_client.HTTPConnection): if self.cert_file: context.load_cert_chain(self.cert_file, keyfile=self.key_file) - context.options = self.cert_reqs + context.options = self.cert_reqs | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 self.sock = context.wrap_socket(self.sock, server_hostname=self.host) if self.cert_reqs & ssl.CERT_REQUIRED: |