Author christian.heimes
Recipients alex, christian.heimes, dstufft, giampaolo.rodola, janssen
Date 2016-08-26.11:29:13
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1472210954.34.0.734962882785.issue27866@psf.upfronthosting.co.za>
In-reply-to
Content
SSLContext has a set_ciphers() method but no method to get the actual list of enabled ciphers. https://github.com/tiran/cpython/tree/feature/openssl_ciphers implements get_ciphers()

>>> import ssl, pprint
>>> ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
>>> ctx.set_ciphers('ECDHE+AESGCM:!ECDSA')
>>> pprint.pprint(ctx.get_ciphers())
[{'alg_bits': 256,
  'description': 'ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  '
                 'Enc=AESGCM(256) Mac=AEAD',
  'id': 50380848,
  'name': 'ECDHE-RSA-AES256-GCM-SHA384',
  'protocol': 'TLSv1/SSLv3',
  'strength_bits': 256},
 {'alg_bits': 128,
  'description': 'ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  '
                 'Enc=AESGCM(128) Mac=AEAD',
  'id': 50380847,
  'name': 'ECDHE-RSA-AES128-GCM-SHA256',
  'protocol': 'TLSv1/SSLv3',
  'strength_bits': 128}]

With OpenSSL 1.1 the dict will have more fields.

Both the return value and functionality is different to https://docs.python.org/3/library/ssl.html#ssl.SSLSocket.shared_ciphers .
History
Date User Action Args
2016-08-26 11:29:14christian.heimessetrecipients: + christian.heimes, janssen, giampaolo.rodola, alex, dstufft
2016-08-26 11:29:14christian.heimessetmessageid: <1472210954.34.0.734962882785.issue27866@psf.upfronthosting.co.za>
2016-08-26 11:29:14christian.heimeslinkissue27866 messages
2016-08-26 11:29:13christian.heimescreate