From d9d9a20ef2607f56c3e22114cc08d404930b0fc1 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Sun, 22 Aug 2021 15:17:57 +0200 Subject: [PATCH] tls: fix TLS1 constant We accidentally reused the value for SSL3 here. This is not as a bad as a it looks: First, neither version is enabled by default. Second, because of how Python enums work, this simply made the `TLS1` version unavailable as an option (which is how I detected it). --- CHANGELOG.md | 1 + mitmproxy/net/tls.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index acf76819b..7bf53ec6c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## Unreleased: mitmproxy next * fix some responses not being decoded properly if the encoding was uppercase #4735 (@Mattwmaster58) +* Expose TLS 1.0 as possible minimum version on older pyOpenSSL releases * Windows: Switch to Python's default asyncio event loop, which increases the number of sockets that can be processed simultaneously. diff --git a/mitmproxy/net/tls.py b/mitmproxy/net/tls.py index f6a2eedaa..7e85fd55e 100644 --- a/mitmproxy/net/tls.py +++ b/mitmproxy/net/tls.py @@ -40,7 +40,7 @@ class Version(Enum): UNBOUNDED = 0 # TODO: just SSL attributes once https://github.com/pyca/pyopenssl/pull/985 has landed. SSL3 = getattr(SSL, "SSL3_VERSION", 768) - TLS1 = getattr(SSL, "TLS1_VERSION", 768) + TLS1 = getattr(SSL, "TLS1_VERSION", 769) TLS1_1 = getattr(SSL, "TLS1_1_VERSION", 770) TLS1_2 = getattr(SSL, "TLS1_2_VERSION", 771) TLS1_3 = getattr(SSL, "TLS1_3_VERSION", 772)