disable legacy openssl for cryptography

2026-06-28 18:01:36 +00:00 · 2025-04-24 15:17:59 +00:00
parent 458e08645d
commit 170a2e593b
1 changed files with 2 additions and 0 deletions
--- a/src/gam/init.py
+++ b/src/gam/init.py
@@ -95,6 +95,8 @@ import wsgiref.simple_server
 import wsgiref.util
 import zipfile

+# disable legacy stuff we don't use and isn't secure
+os.environ['CRYPTOGRAPHY_OPENSSL_NO_LEGACY'] = 1
 from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import hashes, serialization