In-house patch to disable SSLv3 support.
(See also upstream bug #1395095)
--- neutron-2014.2.2/neutron/openstack/common/sslutils.py.orig 2015-08-13 21:05:44.916269265 -0400
+++ neutron-2014.2.2/neutron/openstack/common/sslutils.py 2015-08-13 20:37:57.022549534 -0400
@@ -80,8 +80,7 @@
_SSL_PROTOCOLS = {
"tlsv1": ssl.PROTOCOL_TLSv1,
- "sslv23": ssl.PROTOCOL_SSLv23,
- "sslv3": ssl.PROTOCOL_SSLv3
+ "sslv23": ssl.PROTOCOL_SSLv23
}
try:
@@ -89,6 +88,11 @@
except AttributeError:
pass
+try:
+ _SSL_PROTOCOLS["sslv3"] = ssl.PROTOCOL_SSLv3
+except AttributeError:
+ pass
+
def validate_ssl_version(version):
key = version.lower()