diff options
author | Jonah BrĂ¼chert <jbb@kaidan.im> | 2024-02-01 12:07:24 +0100 |
---|---|---|
committer | Jonah BrĂ¼chert <jbb@kaidan.im> | 2024-02-01 12:13:39 +0100 |
commit | c7b3b32e5768a165bbc156f8abb12af428152ee3 (patch) | |
tree | 2a5a420e949cee95f91150f5e596517d9b9cb5c3 /src/lib/Bcfg2/Client/Proxy.py | |
parent | e7eaa48daf65046dedc97574cf433296e27db5bd (diff) | |
download | bcfg2-c7b3b32e5768a165bbc156f8abb12af428152ee3.tar.gz bcfg2-c7b3b32e5768a165bbc156f8abb12af428152ee3.tar.bz2 bcfg2-c7b3b32e5768a165bbc156f8abb12af428152ee3.zip |
Apply changes from the magically working debian package
Diffstat (limited to 'src/lib/Bcfg2/Client/Proxy.py')
-rw-r--r-- | src/lib/Bcfg2/Client/Proxy.py | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/src/lib/Bcfg2/Client/Proxy.py b/src/lib/Bcfg2/Client/Proxy.py index 9ffae49d8..dd841dd08 100644 --- a/src/lib/Bcfg2/Client/Proxy.py +++ b/src/lib/Bcfg2/Client/Proxy.py @@ -21,7 +21,9 @@ except ImportError: version = sys.version_info[:2] has_py26 = version >= (2, 6) has_py32 = version >= (3, 2) +has_py34 = version >= (3, 4) has_py36 = version >= (3, 6) +has_py310 = version >= (3, 10) __all__ = ["ComponentProxy", "RetryMethod", @@ -200,8 +202,12 @@ class SSLHTTPConnection(httplib.HTTPConnection): elif self.protocol == 'xmlrpc/tlsv1': ssl_protocol_ver = ssl.PROTOCOL_TLSv1 elif self.protocol == 'xmlrpc/tls': - if has_py36: + if has_py310: + ssl_protocol_ver = ssl.PROTOCOL_TLS_SERVER + elif has_py36: ssl_protocol_ver = ssl.PROTOCOL_TLS + elif has_py34: + ssl_protocol_ver = ssl.PROTOCOL_TLSv1_2 else: self.logger.warning("Cannot use PROTOCOL_TLS, due to " "python version. Switching to " @@ -229,9 +235,9 @@ class SSLHTTPConnection(httplib.HTTPConnection): rawsock.settimeout(self.timeout) self.sock = ssl.wrap_socket(rawsock, cert_reqs=other_side_required, - ca_certs=self.ca, suppress_ragged_eofs=True, - keyfile=self.key, certfile=self.cert, - ssl_version=ssl_protocol_ver) + ca_certs=self.ca, suppress_ragged_eofs=True, + keyfile=self.key, certfile=self.cert, + ssl_version=ssl_protocol_ver) self.sock.connect((self.host, self.port)) peer_cert = self.sock.getpeercert() if peer_cert and self.scns: |