From ec5413beb7282dde3a8cc47f0c211eb8eb3fd418 Mon Sep 17 00:00:00 2001
From: j <j@mailb.org>
Date: Wed, 22 Oct 2014 11:42:11 +0100
Subject: [PATCH] only enable TLS 1.2

---
 peerlink/nodeserver.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/peerlink/nodeserver.py b/peerlink/nodeserver.py
index da8bf57..5fb2971 100644
--- a/peerlink/nodeserver.py
+++ b/peerlink/nodeserver.py
@@ -2,6 +2,7 @@
 # vi:si:et:sw=4:sts=4:ts=4
 
 import json
+import ssl
 
 from tornado.httpserver import HTTPServer
 from tornado.ioloop import PeriodicCallback
@@ -100,7 +101,8 @@ def start():
     ], gzip=True)
     http_server = HTTPServer(application, ssl_options={
         "certfile": settings.tls_cert_path,
-        "keyfile": settings.tls_key_path
+        "keyfile": settings.tls_key_path,
+        "ssl_version": ssl.PROTOCOL_TLSv1_2
     })
     http_server.listen(settings.server['node_port'], settings.server['node_address'])
     state.main.add_callback(publish_node)