Remove information about SSL/TSL Protocols because it is inccorect

There is no way to get the actually enabled SSL/TLS protcols on a system, let along from Python. It's not even possible from the `openssl` command line. See also #994 And: https://stackoverflow.com/questions/45924030/get-available-ssl-tls-protocols-in-python-2-7
8 years ago · d28f775c71
4 changed files with 5 additions and 86 deletions
--- a/SABnzbd.py
+++ b/SABnzbd.py
@ -37,6 +37,7 @@ import getopt
 import signal
 import socket
 import platform
 import ssl
 import time
 import re
@ -97,7 +98,6 @@ import sabnzbd.downloader
 from sabnzbd.encoding import unicoder, deunicode
 import sabnzbd.notifier as notifier
 import sabnzbd.zconfig
 import sabnzbd.utils.sslinfo
 from threading import Thread
@ -1177,8 +1177,7 @@ def main():
        logging.warning(T("SABnzbd was started with encoding %s, this should be UTF-8. Expect problems with Unicoded file and directory names in downloads.") % preferredencoding)
    # SSL Information
-    logging.info("SSL version %s", sabnzbd.utils.sslinfo.ssl_version())
+    logging.info("SSL version %s", ssl.OPENSSL_VERSION)
    logging.info("SSL known protocols %s", str(sabnzbd.utils.sslinfo.ssl_protocols_labels()))
    # Load (extra) certificates in the distributions
    if hasattr(sys, "frozen"):
@ -1189,7 +1188,6 @@ def main():
        logging.info('Loaded additional certificates from %s', os.environ["SSL_CERT_FILE"])
        # List the number of certificates available
        import ssl
        ctx = ssl.create_default_context()
        logging.info('Available certificates: %s', repr(ctx.cert_store_stats()))
--- a/interfaces/Config/templates/config.tmpl
+++ b/interfaces/Config/templates/config.tmpl
@ -30,7 +30,7 @@
                <tr>
                    <th scope="row">OpenSSL:</th>
                    <td>
-                        $ssl_version &nbsp; [$ssl_protocols]
+                        $ssl_version
                    </td>
                </tr>
                <!--#if not $have_ssl_context#-->
--- a/sabnzbd/interface.py
+++ b/sabnzbd/interface.py
@ -27,6 +27,7 @@ import urllib
 import json
 import re
 import hashlib
 import ssl
 from threading import Thread
 from random import randint
 from xml.sax.saxutils import escape
@ -54,7 +55,6 @@ from sabnzbd.nzbqueue import NzbQueue
 import sabnzbd.wizard
 from sabnzbd.utils.servertests import test_nntp_server_dict
 from sabnzbd.decoder import HAVE_YENC, SABYENC_ENABLED
 from sabnzbd.utils.sslinfo import ssl_version, ssl_protocols_labels
 from sabnzbd.utils.diskspeed import diskspeedmeasure
 from sabnzbd.utils.getperformance import getpystone
@ -1156,8 +1156,7 @@ class ConfigPage(object):
        conf['have_mt_par2'] = sabnzbd.newsunpack.PAR2_MT
        conf['have_ssl_context'] = sabnzbd.HAVE_SSL_CONTEXT
-        conf['ssl_version'] = ssl_version()
+        conf['ssl_version'] = ssl.OPENSSL_VERSION
        conf['ssl_protocols'] = ', '.join(ssl_protocols_labels())
        new = {}
        for svr in config.get_servers():
--- a/sabnzbd/utils/sslinfo.py
+++ b/sabnzbd/utils/sslinfo.py
@ -1,78 +0,0 @@
 #!/usr/bin/python -OO
 # Copyright 2008-2017 The SABnzbd-Team <team@sabnzbd.org>
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; either version 2
 # of the License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 """
 sabnzbd.utils.sslinfo - Information on the system's SSL setup
 """
 # v23 indicates "negotiate highest possible"
 _ALL_PROTOCOLS = ('v23', 't12', 't11', 't1', 'v3', 'v2')
 _SSL_PROTOCOLS = {}
 _SSL_PROTOCOLS_LABELS = []
 try:
    import ssl
    # Basic
    _SSL_PROTOCOLS['v23'] = ssl.PROTOCOL_SSLv23
    # Loop through supported versions
    for ssl_prop in dir(ssl):
        if ssl_prop.startswith('PROTOCOL_'):
            if ssl_prop.endswith('SSLv2'):
                _SSL_PROTOCOLS['v2'] = ssl.PROTOCOL_SSLv2
                _SSL_PROTOCOLS_LABELS.append('SSL v2')
            elif ssl_prop.endswith('SSLv3'):
                _SSL_PROTOCOLS['v3'] = ssl.PROTOCOL_SSLv3
                _SSL_PROTOCOLS_LABELS.append('SSL v3')
            elif ssl_prop.endswith('TLSv1'):
                _SSL_PROTOCOLS['t1'] = ssl.PROTOCOL_TLSv1
                _SSL_PROTOCOLS_LABELS.append('TLS v1')
            elif ssl_prop.endswith('TLSv1_1'):
                _SSL_PROTOCOLS['t11'] = ssl.PROTOCOL_TLSv1_1
                _SSL_PROTOCOLS_LABELS.append('TLS v1.1')
            elif ssl_prop.endswith('TLSv1_2'):
                _SSL_PROTOCOLS['t12'] = ssl.PROTOCOL_TLSv1_2
                _SSL_PROTOCOLS_LABELS.append('TLS v1.2')
    # Reverse the labels, SSL's always come first in the dir()
    _SSL_PROTOCOLS_LABELS.reverse()
 except:
    pass
 def ssl_protocols():
    ''' Return acronyms for SSL protocols '''
    return _SSL_PROTOCOLS.keys()
 def ssl_protocols_labels():
    ''' Return human readable labels for SSL protocols, highest quality first '''
    return _SSL_PROTOCOLS_LABELS
 def ssl_version():
    try:
        import ssl
        return ssl.OPENSSL_VERSION
    except (ImportError, AttributeError):
        return None
 if __name__ == '__main__':
    print 'SSL version: %s' % ssl_version()
    print 'Supported protocols: %s' % ssl_protocols()