Use TLS 1.2 when available for https

2025-07-09 03:04:10 -04:00 · 2014-12-16 09:00:50 +05:30 · 2014-12-16 09:00:50 +05:30 · 6a349b9c30
commit 6a349b9c30
parent d9a6538dea
2 changed files with 8 additions and 2 deletions
--- a/setup/linux-installer.py
+++ b/setup/linux-installer.py
@ -546,7 +546,10 @@ def get_https_resource_securely(url, timeout=60, max_redirects=5, ssl_version=No
    server's certificates.
    '''
    if ssl_version is None:
-        ssl_version = ssl.PROTOCOL_TLSv1
+        try:
+            ssl_version = ssl.PROTOCOL_TLSv1_2
+        except AttributeError:
+            ssl_version = ssl.PROTOCOL_TLSv1  # old python
    with tempfile.NamedTemporaryFile(prefix='calibre-ca-cert-') as f:
        f.write(CACERT)
        f.flush()
--- a/src/calibre/utils/https.py
+++ b/src/calibre/utils/https.py
@ -162,7 +162,10 @@ def get_https_resource_securely(
    server's certificates.
    '''
    if ssl_version is None:
-        ssl_version = ssl.PROTOCOL_TLSv1
+        try:
+            ssl_version = ssl.PROTOCOL_TLSv1_2
+        except AttributeError:
+            ssl_version = ssl.PROTOCOL_TLSv1  # old python
    cacerts = P(cacerts, allow_user_override=False)
    p = urlparse(url)
    if p.scheme != 'https':