Message 238222 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	alex, benjamin.peterson, dstufft, mogli, vstinner
Date	2015-03-16.16:42:36
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1426524156.95.0.733346825407.issue23679@psf.upfronthosting.co.za>
In-reply-to

Content
You can explicitly disable RC4 if you create a SSLContext and then call set_ciphers() with the right list of ciphers. See for examples cipher lists of Python 2.7 (development branch): https://hg.python.org/cpython/file/0b44c749ae51/Lib/ssl.py#l150 Add ":!RC4" at the end of the cipher list to disable RC4. OpenSSL cipher list format: https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT

You can explicitly disable RC4 if you create a SSLContext and then call set_ciphers() with the right list of ciphers. See for examples cipher lists of Python 2.7 (development branch):
https://hg.python.org/cpython/file/0b44c749ae51/Lib/ssl.py#l150

Add ":!RC4" at the end of the cipher list to disable RC4.

OpenSSL cipher list format:
https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT

History
Date	User	Action	Args
2015-03-16 16:42:36	vstinner	set	recipients: + vstinner, benjamin.peterson, alex, dstufft, mogli
2015-03-16 16:42:36	vstinner	set	messageid: <1426524156.95.0.733346825407.issue23679@psf.upfronthosting.co.za>
2015-03-16 16:42:36	vstinner	link	issue23679 messages
2015-03-16 16:42:36	vstinner	create