commit 67986f94311ffb46fe5b3efce74d749029041b73
author Christian Heimes <christian@cheimes.de> Sat Nov 23 22:43:47 2013 +0100
committer Christian Heimes <christian@cheimes.de> Sat Nov 23 22:43:47 2013 +0100
tree 70aeabba17581022cb3dfcd1c9a59a284a0c1bca
parent 32eddc1bbc47479a3639b9191ffc82a52903c5f4

Issue #19735: Implement private function ssl._create_stdlib_context() to
create SSLContext objects in Python's stdlib module. It provides a single
configuration point and makes use of SSLContext.load_default_certs().

Lib/ftplib.py

diff --git a/Lib/ftplib.py b/Lib/ftplib.py
index 9538fec..1b16e0a 100644
--- a/Lib/ftplib.py
+++ b/Lib/ftplib.py
@@ -727,6 +727,10 @@
                                  "exclusive")
             self.keyfile = keyfile
             self.certfile = certfile
+            if context is None:
+                context = ssl._create_stdlib_context(self.ssl_version,
+                                                     certfile=certfile,
+                                                     keyfile=keyfile)
             self.context = context
             self._prot_p = False
             FTP.__init__(self, host, user, passwd, acct, timeout, source_address)
@@ -744,12 +748,7 @@
                 resp = self.voidcmd('AUTH TLS')
             else:
                 resp = self.voidcmd('AUTH SSL')
-            if self.context is not None:
-                self.sock = self.context.wrap_socket(self.sock)
-            else:
-                self.sock = ssl.wrap_socket(self.sock, self.keyfile,
-                                            self.certfile,
-                                            ssl_version=self.ssl_version)
+            self.sock = self.context.wrap_socket(self.sock)
             self.file = self.sock.makefile(mode='r', encoding=self.encoding)
             return resp
 
@@ -788,11 +787,7 @@
         def ntransfercmd(self, cmd, rest=None):
             conn, size = FTP.ntransfercmd(self, cmd, rest)
             if self._prot_p:
-                if self.context is not None:
-                    conn = self.context.wrap_socket(conn)
-                else:
-                    conn = ssl.wrap_socket(conn, self.keyfile, self.certfile,
-                                           ssl_version=self.ssl_version)
+                conn = self.context.wrap_socket(conn)
             return conn, size
 
         def abort(self):