From e128ecae5f3b91f6c052ea2bb2cf6045643893c6 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@harvey>
Date: Wed, 11 Dec 2019 11:38:09 +0100
Subject: [PATCH] FIX: Enforce necessary higher TLS versions.

This is to be compatible with current server defaults.
---
 src/caosdb/connection/connection.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/caosdb/connection/connection.py b/src/caosdb/connection/connection.py
index 544dff28..bbb21eaa 100644
--- a/src/caosdb/connection/connection.py
+++ b/src/caosdb/connection/connection.py
@@ -164,7 +164,16 @@ class _DefaultCaosDBServerConnection(CaosDBServerConnection):
         if "ssl_version" in config and config["cacert"] is not None:
             ssl_version = getattr(ssl, config["ssl_version"])
         else:
-            ssl_version = ssl.PROTOCOL_TLSv1
+            try:
+                ssl_version = ssl.PROTOCOL_TLS
+            except AttributeError:
+                # deprecated since Python 3.6, but necessary until there.
+                try:
+                    ssl_version = ssl.PROTOCOL_TLSv1_2
+                except AttributeError:
+                    print("It seems as if your Python version does not support current encryption"
+                          "standards (such as TLS > 1.0), please upgrade to at least Python 3.4.")
+                    sys.exit(1)
         context = ssl.SSLContext(ssl_version)
         context.verify_mode = ssl.CERT_REQUIRED
 
-- 
GitLab