Fix sslv2/sslv3 with unverified connections (#93037)

In #90191 we use the same ssl context for httpx now to avoid a memory leak, but httpx previously allowed sslv2/sslv3 for unverified connections This reverts to the behavior before #90191
home-assistant · May 14, 2023 · e593cea · e593cea
1 parent 7d371a3
commit e593cea
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/homeassistant/util/ssl.py b/homeassistant/util/ssl.py
@@ -73,8 +73,6 @@ def create_no_verify_ssl_context(
     https://github.com/aio-libs/aiohttp/blob/33953f110e97eecc707e1402daa8d543f38a189b/aiohttp/connector.py#L911
     """
     sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
-    sslcontext.options |= ssl.OP_NO_SSLv2
-    sslcontext.options |= ssl.OP_NO_SSLv3
     sslcontext.check_hostname = False
     sslcontext.verify_mode = ssl.CERT_NONE
     with contextlib.suppress(AttributeError):