Change sslcontext.method setting in order to enforce TLS usage

evilaliv3 · evilaliv3 · commit aa33a154f7c8 · 2015-05-07T21:55:18.000+02:00
this change reflects the same configuratin present in tor2web.utils.ssl and applied on globaleaks in globaleaks in relation to ticket: globaleaks/globaleaks-whistleblowing-software#1182
diff --git a/tor2web/utils/mail.py b/tor2web/utils/mail.py
@@ -56,7 +56,11 @@ def sendmail(authenticationUsername, authenticationSecret, fromAddress, toAddres
     @param smtpPort: the smtp port
     """
     contextFactory = ClientContextFactory()
-    contextFactory.method = SSL.SSLv3_METHOD
+
+    # evilaliv3:
+    #   in order to understand and before change this settings please
+    #   read the comment inside tor2web.utils.ssl
+    contextFactory.method = SSL.SSLv23_METHOD
 
     resultDeferred = defer.Deferred()
 
diff --git a/tor2web/utils/ssl.py b/tor2web/utils/ssl.py
@@ -126,7 +126,6 @@ def __init__(self, privateKeyFileName, certificateChainFileName, dhFileName, cip
         # This trick make openssl consider valid all TLS methods.
         self.sslmethod = SSL.SSLv23_METHOD
 
-
         self.dhFileName = dhFileName
         self.cipherList = cipherList
 
