Merge pull request #125 from Geotab/ssl-deprecation-warning

Uses TLS_CLIENT for SSL context

mygeotab/api.py

@@ -347,16 +347,13 @@ def get_param(self):
 
 
 class GeotabHTTPAdapter(HTTPAdapter):
-    """HTTP adapter to force use of TLS 1.2 for HTTPS connections."""
+    """HTTP adapter to enforce use of TLS for HTTPS."""
 
     def init_poolmanager(self, connections, maxsize, block=False, **pool_kwargs):
-        ssl_context = create_urllib3_context(ssl_version=ssl.PROTOCOL_TLS)
+        ssl_context = create_urllib3_context(ssl_version=ssl.PROTOCOL_TLS_CLIENT)
         ssl_context.load_default_certs()
-        ssl_context.options |= ssl.OP_NO_SSLv2
-        ssl_context.options |= ssl.OP_NO_SSLv3
-        ssl_context.options |= ssl.OP_NO_TLSv1
-        ssl_context.options |= ssl.OP_NO_TLSv1_1
-        ssl_context.options |= ssl.OP_ENABLE_MIDDLEBOX_COMPAT
+        if hasattr(ssl, "OP_ENABLE_MIDDLEBOX_COMPAT"):
+            ssl_context.options |= ssl.OP_ENABLE_MIDDLEBOX_COMPAT
         self.poolmanager = urllib3.poolmanager.PoolManager(
             num_pools=connections, maxsize=maxsize, block=block, ssl_context=ssl_context, **pool_kwargs
         )

mygeotab/api_async.py

@@ -202,13 +202,10 @@ async def _query(server, method, parameters, timeout=DEFAULT_TIMEOUT, verify_ssl
 
     ssl_context = False
     if verify_ssl or cert:
-        ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
+        ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
         ssl_context.load_default_certs()
-        ssl_context.options |= ssl.OP_NO_SSLv2
-        ssl_context.options |= ssl.OP_NO_SSLv3
-        ssl_context.options |= ssl.OP_NO_TLSv1
-        ssl_context.options |= ssl.OP_NO_TLSv1_1
-        ssl_context.options |= ssl.OP_ENABLE_MIDDLEBOX_COMPAT
+        if hasattr(ssl, "OP_ENABLE_MIDDLEBOX_COMPAT"):
+            ssl_context.options |= ssl.OP_ENABLE_MIDDLEBOX_COMPAT
     if cert:
         if isinstance(cert, str):
             ssl_context.load_cert_chain(cert)