From f8bcc5b3a969f305eceefc052da0401e16af3993 Mon Sep 17 00:00:00 2001
From: Timm Fitschen <timm.fitschen@ds.mpg.de>
Date: Fri, 11 Jan 2019 15:36:56 +0100
Subject: [PATCH] ENH: new Connection.ssl_protocol in pycaosdb.ini

---
 src/caosdb/connection/connection.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/caosdb/connection/connection.py b/src/caosdb/connection/connection.py
index 38476893..e2116bb0 100644
--- a/src/caosdb/connection/connection.py
+++ b/src/caosdb/connection/connection.py
@@ -142,7 +142,11 @@ class _DefaultCaosDBServerConnection(CaosDBServerConnection):
             If no url has been specified, or if the CA certificate cannot be
             loaded.
         """
-        context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+        if "ssl_version" in config and config["cacert"] is not None:
+            ssl_version = getattr(ssl, config["ssl_version"])
+        else:
+            ssl_version = ssl.PROTOCOL_TLSv1
+        context = ssl.SSLContext(ssl_version)
         context.verify_mode = ssl.CERT_REQUIRED
         if hasattr(context, "check_hostname"):
             context.check_hostname = True
-- 
GitLab