mirrors/youtube-dl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[utils] Do not make an exception for SSLv3

Browse Source 
SSLv3 is terminally vulnerable to POODLE; web browsers are currently deprecating/removing it.
Closes #4459, fixes #4294
This commit is contained in:
Philipp Hagemeister
2014-12-13 23:44:50 +01:00
parent a23669220a
commit 2128b696b8
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
youtube_dl/utils.py
View File

@@ -390,7 +390,6 @@ def formatSeconds(secs):
def make_HTTPS_handler(opts_no_check_certificate, **kwargs): def make_HTTPS_handler(opts_no_check_certificate, **kwargs):
if hasattr(ssl, 'create_default_context'): # Python >= 3.4 or 2.7.9 if hasattr(ssl, 'create_default_context'): # Python >= 3.4 or 2.7.9
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
context.options &= ~ssl.OP_NO_SSLv3 # Allow older, not-as-secure SSLv3
if opts_no_check_certificate: if opts_no_check_certificate:
context.verify_mode = ssl.CERT_NONE context.verify_mode = ssl.CERT_NONE
try: try: