Skip to content

Instantly share code, notes, and snippets.

@sharl
Created April 28, 2020 01:26
Show Gist options
  • Save sharl/17618945f83efba547738a2b3736a3e7 to your computer and use it in GitHub Desktop.
Save sharl/17618945f83efba547738a2b3736a3e7 to your computer and use it in GitHub Desktop.
TLSv1.3のテスト
# -*- coding: utf-8 -*-
from __future__ import print_function
import socket
import ssl
import pprint
try:
ssl.HAS_TLSv1_3
except AttributeError:
print('no TLS v1.3')
exit()
print('openssl', ssl.OPENSSL_VERSION)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(10)
ctx = ssl.SSLContext(ssl.PROTOCOL_TLS)
ctx.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 | ssl.OP_NO_TLSv1_2 | ssl.OP_NO_COMPRESSION
ctx.verify_mode = ssl.CERT_REQUIRED
try:
ctx.load_verify_locations('/etc/ssl/certs/ca-bundle.trust.crt')
except Exception as e:
try:
ctx.load_verify_locations('/etc/ssl/certs/ca-certificates.crt')
except Exception as e:
pass
ssl_sock = ctx.wrap_socket(s)
ssl_sock.connect(('tls13.cloudflare.com', 443))
res = ssl_sock.getpeercert()
pprint.pprint(res)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment