From cf2207f8ff052157e1a13587c2ff8558f992b729 Mon Sep 17 00:00:00 2001
From: slrslr <6596726+slrslr@users.noreply.github.com>
Date: Tue, 25 Jul 2023 14:59:56 +0000
Subject: [PATCH] fix default ssl version to be secure

Based on https://github.com/zeronet-conservancy/zeronet-conservancy/pull/170/commits/813245718406ec3933532010af05a48bf5bcc5b6

Details: http://127.0.0.1:43110/1ForumFXWo6hpHPLx2pzVXFYtEnymJYmFF/?Topic:1690069977_1MXSMqxw6CVesYjFxtSpLEJMsqzTbYW4Jp/To+all+ZeroNet+Developpers+importand+updates+what+we+all+must+integrate+it#comment_13_1MXSMqxw6CVesYjFxtSpLEJMsqzTbYW4Jp
---
 src/util/helper.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/util/helper.py b/src/util/helper.py
index 61455b085..20f4aaf70 100644
--- a/src/util/helper.py
+++ b/src/util/helper.py
@@ -209,7 +209,11 @@ def httpRequest(url, as_file=False):
 
         conn = http.client.HTTPSConnection(host)
         sock = socket.create_connection((conn.host, conn.port), conn.timeout, conn.source_address)
-        conn.sock = ssl.wrap_socket(sock, conn.key_file, conn.cert_file)
+
+        context = ssl.create_default_context()
+        context.minimum_version = ssl.TLSVersion.TLSv1_2
+
+        conn.sock = context.wrap_socket(sock, conn.key_file, conn.cert_file)
         conn.request("GET", request)
         response = conn.getresponse()
         if response.status in [301, 302, 303, 307, 308]: