This is an automated email from the ASF dual-hosted git repository.
tomaz pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/libcloud.git
The following commit(s) were added to refs/heads/trunk by this push:
new 56674f462 Remove unused libcloud.security.SSL_VERSION module level
constant / variable which has been unused and had no affect since we have
switched to the requests library for making HTTP(s) requests in 2016.
new 572c3ff83 Merge branch 'trunk' of
http://gitbox.apache.org/repos/asf/libcloud into trunk
56674f462 is described below
commit 56674f462e7ddf6668b4de3575736b706181f1e4
Author: Tomaz Muraus <to...@tomaz.me>
AuthorDate: Tue Aug 1 23:13:46 2023 +0200
Remove unused libcloud.security.SSL_VERSION module level constant /
variable which has been unused and had no affect since we have switched
to the requests library for making HTTP(s) requests in 2016.
---
CHANGES.rst | 6 +++++
docs/other/ssl-certificate-validation.rst | 43 -------------------------------
libcloud/security.py | 4 +--
3 files changed, 7 insertions(+), 46 deletions(-)
diff --git a/CHANGES.rst b/CHANGES.rst
index 6886e6c55..0a8dc75cf 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -97,6 +97,12 @@ Other
(GITHUB-1920)
[Tomaz Muraus - @Kami]
+- Remove unused ``libcloud.security.SSL_VERSION`` constant / module level
+ variable. This variable has been unused and had no affect on the behavior
+ since we switched to the ``requests`` library for making HTTP(s) requests in
+ 2016.
+ [Tomaz Muraus - @Kami]
+
Changes in Apache Libcloud 3.7.0
--------------------------------
diff --git a/docs/other/ssl-certificate-validation.rst
b/docs/other/ssl-certificate-validation.rst
index 704945f8c..dcb90ab01 100644
--- a/docs/other/ssl-certificate-validation.rst
+++ b/docs/other/ssl-certificate-validation.rst
@@ -110,46 +110,3 @@ For example:
libcloud.security.VERIFY_SSL_CERT = False
# Instantiate and work with the driver here...
-
-Changing used SSL / TLS version
--------------------------------
-
-.. note::
-
- Linode recently dropped support for TLS v1.0 and it only supports TLS v1.1
- and higher.
- If you are using Linode driver you need to update your code to use TLS v1.1
- or TLS v1.2 as shown below.
-
-For compatibility and safety reasons (we also support older Python versions),
-Libcloud uses TLS v1.0 by default.
-
-If the provier doesn't support this version or if you want to use a different
-version because of security reasons (you should always use the highest version
-which is supported by your system and your provider) you can tell Libcloud to
-use a different version as shown below.
-
-.. sourcecode:: python
-
- import ssl
-
- import libcloud.security
- libcloud.security.SSL_VERSION = ssl.PROTOCOL_TLSv1_1
- # or
- libcloud.security.SSL_VERSION = ssl.PROTOCOL_TLSv1_2
-
- # Instantiate and work with the driver here...
-
-Keep in mind that TLS v1.1 and v1.2 is right now only supported in Python >=
-3.4 and Python 2.7.9. In addition to that, your system also needs to have a
-recent version of OpenSSL available.
-
-Another (**unsafe** and **unrecommended**) option is to use
-``ssl.PROTOCOL_SSLv23`` constant which will let client know to pick the highest
-protocol version which both the client and server support. If this constant is
-selected, the client will be selecting between SSL v3.0, TLS v1.0, TLS v1.1 and
-TLS v1.2.
-
-Keep in mind that SSL v3.0 is considered broken and unsafe and using this
-option can result in a downgrade attack so we strongly recommend **NOT** to use
-it.
diff --git a/libcloud/security.py b/libcloud/security.py
index bf329b7d2..fc5509d4f 100644
--- a/libcloud/security.py
+++ b/libcloud/security.py
@@ -26,12 +26,10 @@ Usage:
import os
import ssl
-__all__ = ["VERIFY_SSL_CERT", "SSL_VERSION", "CA_CERTS_PATH"]
+__all__ = ["VERIFY_SSL_CERT", "CA_CERTS_PATH"]
VERIFY_SSL_CERT = True
-SSL_VERSION = ssl.PROTOCOL_TLSv1
-
# True to use certifi CA bundle path when certifi library is available
USE_CERTIFI = os.environ.get("LIBCLOUD_SSL_USE_CERTIFI", True)
USE_CERTIFI = str(USE_CERTIFI).lower() in ["true", "1"]
