From 5892cdf456f9c546e7c2be0d33e9965f946265fc Mon Sep 17 00:00:00 2001
From: Chris Smowton <chris@smowton.net>
Date: Thu, 20 Mar 2025 15:49:21 +0000
Subject: [PATCH] Avoid CodeQL alert against integration test

This doesn't really matter since it's a dummy test server, but it's simpler to fix than to dismiss.
---
 .../java/buildless-inherit-trust-store/server.py               | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/java/ql/integration-tests/java/buildless-inherit-trust-store/server.py b/java/ql/integration-tests/java/buildless-inherit-trust-store/server.py
index 60b3f408a05d..33d0fdb2672a 100644
--- a/java/ql/integration-tests/java/buildless-inherit-trust-store/server.py
+++ b/java/ql/integration-tests/java/buildless-inherit-trust-store/server.py
@@ -4,7 +4,8 @@
 
 httpd = HTTPServer(('localhost', 4443), SimpleHTTPRequestHandler)
 
-sslctx = ssl.SSLContext()
+sslctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+sslctx.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
 sslctx.load_cert_chain(certfile="../cert.pem", keyfile="../key.pem")
 
 httpd.socket = sslctx.wrap_socket (httpd.socket, server_side=True)