Hi, I'm trying to add TLS/SSL support to pyftpdlib. Since various defects have been found in the SSLv2 protocol many FTPS servers (i.e. proftpd and vsftpd) decided to support SSLv3 and TLSv1 only and sistematically reject any client attempting to use SSLv2. Is there a way to tell ssl.wrap_socket() to accept SSLv3 and TLSv1 connections only? If that's not possible can I determine the encryption protocol being used *after* that the SSL/TLS handshake took place?
I tried to use wrap_socket as follows: self.socket = ssl.wrap_socket(self.socket, , certfile=CERTFILE, server_side=True, ssl_version=ssl.PROTOCOL_SSLv3 | ssl.PROTOCOL_TLSv1) ...it works if on the client side I use TLSv1 but not if I use SSLv3 ("SSLError: [Errno 1] _ssl.c:480: error:14094410:SSL routines:SSL3_READ_BYTES:sslv 3 alert handshake failure" exception is raised) Thanks in advance for any help. --- Giampaolo http://code.google.com/p/pyftpdlib/ -- http://mail.python.org/mailman/listinfo/python-list