Jellyfin/jellyfin-kodi
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin-kodi.git synced 2024-11-10 04:06:11 +00:00
Code Issues Projects Releases Packages Wiki Activity

Disable SSLv2 and SSLv3 support in websocket lib

Browse source 
Requires Python2 >= 2.7.9, Python3 >= 3.6
This commit is contained in:
Odd Stråbø 2020-04-16 01:53:56 +02:00
parent cf29767406
commit 0dfea09769
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
jellyfin_kodi/jellyfin/websocket.py
View file

@ -136,7 +136,9 @@ def getdefaulttimeout():
def _wrap_sni_socket(sock, sslopt, hostname): def _wrap_sni_socket(sock, sslopt, hostname):
context = ssl.SSLContext(sslopt.get('ssl_version', ssl.PROTOCOL_SSLv23)) context = ssl.SSLContext(sslopt.get('ssl_version', ssl.PROTOCOL_TLS))
context.options |= ssl.OP_NO_SSLv2 # Explicitly disable SSLv2
context.options |= ssl.OP_NO_SSLv3 # Explicitly disable SSLv3
if sslopt.get('cert_reqs', ssl.CERT_NONE) != ssl.CERT_NONE: if sslopt.get('cert_reqs', ssl.CERT_NONE) != ssl.CERT_NONE:
capath = ssl.get_default_verify_paths().capath capath = ssl.get_default_verify_paths().capath
@ -547,7 +549,7 @@ class WebSocket(object):
# https://tools.ietf.org/html/rfc6455#page-6 # https://tools.ietf.org/html/rfc6455#page-6
magic_string = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11".encode() magic_string = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11".encode()
value = key + magic_string value = key + magic_string
hashed = base64.encodestring(hashlib.sha1(value).digest()).strip().lower().decode() hashed = base64.encodestring(hashlib.sha1(value).digest()).strip().lower().decode()
return hashed == result return hashed == result