parallelvirtualcluster/pvc
1
0
Fork 0
Code Issues 11 Pull Requests Projects Releases 115 Wiki Activity

Use proper SSLContext and enable TLSv1

Browse Source 
It's bad, but sometimes you need to access the API from a very old
software version. So just enable it for now and clean it up later.
This commit is contained in:
Joshua Boniface
2022-08-23 10:58:47 -04:00
parent 459b16386b
commit dc36c40690
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
api-daemon/pvcapid/Daemon.py
View File

@@ -22,6 +22,8 @@
import os
import yaml
from ssl import SSLContext, TLSVersion
from distutils.util import strtobool as dustrtobool
# Daemon version
@@ -123,7 +125,10 @@ def entrypoint():
import pvcapid.flaskapi as pvc_api # noqa: E402
if config["ssl_enabled"]:
context = (config["ssl_cert_file"], config["ssl_key_file"])
context = SSLContext()
context.minimum_version = TLSVersion.TLSv1
context.get_ca_certs()
context.load_cert_chain(config["ssl_cert_file"], keyfile=config["ssl_key_file"])
else:
context = None