diff options
author | Benjamin Peterson <benjamin@python.org> | 2018-02-21 05:55:01 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-21 05:55:01 (GMT) |
commit | e9edee0b65650c4f9db90cefc2e9a8125bad762c (patch) | |
tree | 8392bcbd58b6d8981fc33baf82f1d2f47104c92c | |
parent | 52c6b89796a7ec391db20281e05b256f57e97b35 (diff) | |
download | cpython-e9edee0b65650c4f9db90cefc2e9a8125bad762c.zip cpython-e9edee0b65650c4f9db90cefc2e9a8125bad762c.tar.gz cpython-e9edee0b65650c4f9db90cefc2e9a8125bad762c.tar.bz2 |
bpo-32008: don't use PROTOCOL_TLSv1 in example (GH-5789)
It's bad form to pin to an old version of TLS. ssl.SSLContext has the right
protocol default, so let's not pass anyway.
-rw-r--r-- | Doc/library/ssl.rst | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index aa1075d..21da4f6 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -1707,7 +1707,7 @@ to speed up repeated connections from the same clients. import socket, ssl - context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + context = ssl.SSLContext() context.verify_mode = ssl.CERT_REQUIRED context.check_hostname = True context.load_default_certs() @@ -1952,7 +1952,7 @@ If you prefer to tune security settings yourself, you might create a context from scratch (but beware that you might not get the settings right):: - >>> context = ssl.SSLContext(ssl.PROTOCOL_TLS) + >>> context = ssl.SSLContext() >>> context.verify_mode = ssl.CERT_REQUIRED >>> context.check_hostname = True >>> context.load_verify_locations("/etc/ssl/certs/ca-bundle.crt") |