From 413657d72daa82e7e112da7659b804493a87a718 Mon Sep 17 00:00:00 2001
From: szymonjas <166526821+szymonjas@users.noreply.github.com>
Date: Fri, 18 Oct 2024 10:50:38 +0200
Subject: [PATCH] =?UTF-8?q?Revert=20"use=20SSL=20DEFAULT=20CONTEX,=20use?=
 =?UTF-8?q?=20tls=20version=20min=201.2,=20allow=20for=20usage=20of=20S?=
 =?UTF-8?q?=E2=80=A6"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/test.yml | 2 +-
 splunklib/binding.py       | 9 +--------
 2 files changed, 2 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8f660e8e..e97c7630 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -23,7 +23,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Run docker-compose
-        run: SPLUNK_VERSION=${{matrix.splunk-version}} docker compose up -d
+        run: SPLUNK_VERSION=${{matrix.splunk-version}} docker-compose up -d
 
       - name: Setup Python
         uses: actions/setup-python@v4
diff --git a/splunklib/binding.py b/splunklib/binding.py
index 25a09948..958be96e 100644
--- a/splunklib/binding.py
+++ b/splunklib/binding.py
@@ -465,8 +465,6 @@ class Context:
     :type scheme: "https" or "http"
     :param verify: Enable (True) or disable (False) SSL verification for https connections.
     :type verify: ``Boolean``
-    :param self_signed_certificate: Specifies if self signed certificate is used
-    :type self_signed_certificate: ``Boolean``
     :param sharing: The sharing mode for the namespace (the default is "user").
     :type sharing: "global", "system", "app", or "user"
     :param owner: The owner context of the namespace (optional, the default is "None").
@@ -528,7 +526,6 @@ def __init__(self, handler=None, **kwargs):
         self.bearerToken = kwargs.get("splunkToken", "")
         self.autologin = kwargs.get("autologin", False)
         self.additional_headers = kwargs.get("headers", [])
-        self._self_signed_certificate = kwargs.get("self_signed_certificate", True)
 
         # Store any cookies in the self.http._cookies dict
         if "cookie" in kwargs and kwargs['cookie'] not in [None, _NoAuthenticationToken]:
@@ -607,11 +604,7 @@ def connect(self):
         """
         sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
         if self.scheme == "https":
-            context = ssl.create_default_context()
-            context.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
-            context.check_hostname = not self._self_signed_certificate
-            context.verify_mode = ssl.CERT_NONE if self._self_signed_certificate else ssl.CERT_REQUIRED
-            sock = context.wrap_socket(sock, server_hostname=self.host)
+            sock = ssl.wrap_socket(sock)
         sock.connect((socket.gethostbyname(self.host), self.port))
         return sock