relyt29
commented
7 years ago Additionally, this library does not verify SSL certificates presented by the OpenVAS server.
Probably it would be better to expose SSL certificate verification to library users as an option that could be controlled
You use ssl.PROTOCOL_TLSv1 when opening the socket. That's not a good idea, especially when connecting to a server that's only supporting TLS v1.1 and 1.2 (as the current Greenbone Appliance does)
https://github.com/golismero/openvas_lib/search?utf8=%E2%9C%93&q=ssl.PROTOCOL_TLSv1&type=Code
You should use ssl.PROTOCOL_SSLv23 Selects the highest protocol version that both the client and server support. Despite the name, this option can select “TLS” protocols as well as “SSL”. https://docs.python.org/2/library/ssl.html