mirror of https://github.com/blackjack4494/yt-dlc
[utils] Do not make an exception for SSLv3
SSLv3 is terminally vulnerable to POODLE; web browsers are currently deprecating/removing it. Closes #4459, fixes #4294
This commit is contained in:
parent
a23669220a
commit
2128b696b8
|
@ -390,7 +390,6 @@ def formatSeconds(secs):
|
||||||
def make_HTTPS_handler(opts_no_check_certificate, **kwargs):
|
def make_HTTPS_handler(opts_no_check_certificate, **kwargs):
|
||||||
if hasattr(ssl, 'create_default_context'): # Python >= 3.4 or 2.7.9
|
if hasattr(ssl, 'create_default_context'): # Python >= 3.4 or 2.7.9
|
||||||
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
||||||
context.options &= ~ssl.OP_NO_SSLv3 # Allow older, not-as-secure SSLv3
|
|
||||||
if opts_no_check_certificate:
|
if opts_no_check_certificate:
|
||||||
context.verify_mode = ssl.CERT_NONE
|
context.verify_mode = ssl.CERT_NONE
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in New Issue