I want to select transport layer security protocol in urllib2

Question

I want to select transport layer security protocol in urllib2

I want to select the transport layer protocol used to open https links using urllib2.urlopen () in Python 2.7

Similar to what we can do with the openssl utility:

openssl s_client -connect www.google.com:443 -ssl2 openssl s_client -connect www.google.com:443 -ssl3 openssl s_client -connect www.google.com:443 -tls1

The motive is to not use the ssl2 protocol, which leads to handshake problems on most servers. urllib2 seems to be using SSLv23, which uses SSLv2 or SSLv3 with some kind of reduction mechanism. There are times when this leads to problems with a handshake.

+6

python-2.7 openssl urllib2 sslv2

Abhishesh sharma Mar 26 '14 at 10:05

source share

1 answer

jfs · Accepted Answer · 2014-03-28T18:21:45+0000

Update: With Python 2.7.9, you can go through the SSLContext, which points to the TLS protocol on the urlopen() function:

 import ssl import urllib2 context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) # other settings (see ssl.create_default_context() implementation) urllib2.urlopen('https://example.com', context=context).close()

^{old answer:}

httplib.HTTPSConnection and urllib2.HTTPSHandler do not allow changing the ssl version, but ssl.wrap_socket() does.

You can define your own HTTPSHandler , which will allow you to pass arbitrary arguments to ssl.wrap_socket() , for example urllib2_ssl.py :

 >>> import ssl >>> import urllib2 >>> import urllib2_ssl # https://gist.github.com/zed/1347055 >>> opener = urllib2.build_opener(urllib2_ssl.HTTPSHandler( ... ssl_version=ssl.PROTOCOL_TLSv1, #XXX you need to modify urllib2_ssl ... ca_certs='cacert.pem')) # http://curl.haxx.se/ca/cacert.pem.bz2 >>> opener.open('https://example.com/').read()

I want to select transport layer security protocol in urllib2

More articles: