Do not use insecure encryption protocols このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください 。
このルールを試す ID: python-security/insecure-ssl-protocols
Language: Python
Severity: Notice
Category: Security
The following security protocols should never be used in Python: SSLv3
, SSLv2
, TLSv1
. For more details, read the SSL module page of the official documentation.
The issue addresses the CWE-757 - selection of less-secure algorithm during negotiation.
import ssl
def newconnect ( self ):
try :
s = socket . socket ( socket . AF_INET , socket . SOCK_STREAM )
remote = ssl . wrap_socket ( s ,
ca_certs = CA ,
cert_reqs = ssl . CERT_REQUIRED ,
ssl_version = ssl . PROTOCOL_SSLv3 )
remote . connect ( self . server . seradd )
if not self . server . seradd [ 0 ] == remote . getpeercert ()[ 'subjectAltName' ][ 0 ][ 1 ]:
logging . error ( 'Server crt error !! Server Name don \' t mach !!' )
logging . error ( remote . getpeercert ()[ 'subjectAltName' ][ 0 ][ 1 ])
return
if not self . send_PW ( remote ):
logging . warn ( 'PW error !' )
return
except socket . error , e :
logging . warn ( e )
return
import ssl
def newconnect ( self ):
try :
s = socket . socket ( socket . AF_INET , socket . SOCK_STREAM )
remote = ssl . wrap_socket ( s ,
ca_certs = CA ,
cert_reqs = ssl . CERT_REQUIRED ,
ssl_version = ssl . PROTOCOL_TLS )
remote . connect ( self . server . seradd )
if not self . server . seradd [ 0 ] == remote . getpeercert ()[ 'subjectAltName' ][ 0 ][ 1 ]:
logging . error ( 'Server crt error !! Server Name don \' t mach !!' )
logging . error ( remote . getpeercert ()[ 'subjectAltName' ][ 0 ][ 1 ])
return
if not self . send_PW ( remote ):
logging . warn ( 'PW error !' )
return
except socket . error , e :
logging . warn ( e )
return
Seamless integrations. Try Datadog Code Security