From bced8a8162f4de366da6ff453343ba856173be3f Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Thu, 16 Jun 2016 16:16:10 +0200
Subject: [PATCH] avoid clobbering ssl_options.ssl_version

use setdefault instead of setting directly, so that the user can override these values.
---
 notebook/notebookapp.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/notebook/notebookapp.py b/notebook/notebookapp.py
index 414121f5b..a0972475c 100644
--- a/notebook/notebookapp.py
+++ b/notebook/notebookapp.py
@@ -1020,10 +1020,10 @@ class NotebookApp(JupyterApp):
         else:
             # SSL may be missing, so only import it if it's to be used
             import ssl
-            # Disable SSLv3, since its use is discouraged.
-            ssl_options['ssl_version'] = ssl.PROTOCOL_TLSv1
+            # Disable SSLv3 by default, since its use is discouraged.
+            ssl_options.setdefault('ssl_version', ssl.PROTOCOL_TLSv1)
             if ssl_options.get('ca_certs', False):
-                ssl_options['cert_reqs'] = ssl.CERT_REQUIRED
+                ssl_options.setdefault('cert_reqs', ssl.CERT_REQUIRED)
         
         self.login_handler_class.validate_security(self, ssl_options=ssl_options)
         self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options,