From 08b630f83ad112bcbd40911d8ef6036d0d00ef45 Mon Sep 17 00:00:00 2001
From: Maximilian Hils <git@maximilianhils.com>
Date: Sat, 29 Aug 2015 12:30:54 +0200
Subject: better sslversion handling

---
 libpathod/pathoc_cmdline.py | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

(limited to 'libpathod/pathoc_cmdline.py')

diff --git a/libpathod/pathoc_cmdline.py b/libpathod/pathoc_cmdline.py
index 58963265..bf827a9a 100644
--- a/libpathod/pathoc_cmdline.py
+++ b/libpathod/pathoc_cmdline.py
@@ -109,12 +109,10 @@ def args_pathoc(argv, stdout=sys.stdout, stderr=sys.stderr):
         help="SSL cipher specification"
     )
     group.add_argument(
-        "--ssl-version", dest="ssl_version", type=str, default=tcp.SSL_DEFAULT_VERSION,
-        choices=tcp.SSL_VERSIONS.keys(),
-        help=""""
-            Use a specified protocol:
-            TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2, SSLv23.
-            Default to SSLv23."""
+        "--ssl-version", dest="ssl_version", type=str, default="secure",
+        choices=tcp.sslversion_choices.keys(),
+        help="Set supported SSL/TLS versions. "
+             "SSLv2, SSLv3 and 'all' are INSECURE. Defaults to secure, which is TLS1.0+."
     )
 
     group = parser.add_argument_group(
@@ -163,7 +161,7 @@ def args_pathoc(argv, stdout=sys.stdout, stderr=sys.stderr):
 
     args = parser.parse_args(argv[1:])
 
-    args.ssl_version = tcp.SSL_VERSIONS[args.ssl_version]
+    args.ssl_version, args.ssl_options = tcp.sslversion_choices[args.ssl_version]
 
     args.port = None
     if ":" in args.host:
-- 
cgit v1.2.3