summary refs log tree commit diff
diff options
context:
space:
mode:
authorPhilipp Hagemeister <phihag@phihag.de>2015-01-23 11:15:18 +0100
committerPhilipp Hagemeister <phihag@phihag.de>2015-01-23 11:15:18 +0100
commitd79323136fabc2cd72afc7c124e17797e32df514 (patch)
tree353a3e6b96ad7f154485c11b3611725fc6da5598
parent08ff6ab07e9d08853ca19cf3b8745fac11abf0f6 (diff)
downloadyoutube-dl-d79323136fabc2cd72afc7c124e17797e32df514.tar.gz
youtube-dl-d79323136fabc2cd72afc7c124e17797e32df514.tar.xz
youtube-dl-d79323136fabc2cd72afc7c124e17797e32df514.zip
[utils] Simplify HTTPS socket creation
We were duplicating (bad) code and doing crazy things with SSL.
Just use TLSv1 across the board, and do with one implementation of HTTPSConnection.connect.
Fixes #4696.
Diffstat
-rw-r--r--youtube_dl/utils.py24
1 files changed, 5 insertions, 19 deletions
diff --git a/youtube_dl/utils.py b/youtube_dl/utils.py
index 3536a5bd6..4be323926 100644
--- a/youtube_dl/utils.py
+++ b/youtube_dl/utils.py
@@ -411,25 +411,9 @@ def make_HTTPS_handler(params, **kwargs):
             pass
 
     if sys.version_info < (3, 2):
-        import httplib
-
-        class HTTPSConnectionV3(httplib.HTTPSConnection):
-            def __init__(self, *args, **kwargs):
-                httplib.HTTPSConnection.__init__(self, *args, **kwargs)
-
-            def connect(self):
-                sock = socket.create_connection((self.host, self.port), self.timeout)
-                if getattr(self, '_tunnel_host', False):
-                    self.sock = sock
-                    self._tunnel()
-                try:
-                    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)
-                except ssl.SSLError:
-                    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=ssl.PROTOCOL_SSLv23)
-
-        return YoutubeDLHTTPSHandler(params, https_conn_class=HTTPSConnectionV3, **kwargs)
+        return YoutubeDLHTTPSHandler(params, **kwargs)
     else:  # Python < 3.4
-        context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+        context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
         context.verify_mode = (ssl.CERT_NONE
                                if opts_no_check_certificate
                                else ssl.CERT_REQUIRED)
@@ -560,7 +544,9 @@ def _create_http_connection(ydl_handler, http_class, is_https, *args, **kwargs):
                 sock = compat_socket_create_connection(
                     (self.host, self.port), self.timeout, sa)
                 if is_https:
-                    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
+                    self.sock = ssl.wrap_socket(
+                        sock, self.key_file, self.cert_file,
+                        ssl_version=ssl.PROTOCOL_TLSv1)
                 else:
                     self.sock = sock
             hc.connect = functools.partial(_hc_connect, hc)
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-06 17:47:18 +0000