Message 311940 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	noxxi
Recipients	noxxi
Date	2018-02-10.07:04:15
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1518246255.91.0.467229070634.issue32813@psf.upfronthosting.co.za>
In-reply-to

Content
The current implementation of shared_ciphers uses the SSL_get_ciphers method. This method returns the list of configured ciphers (i.e. from the context) and not the list of ciphers shared between client and server. To get this list one can use the documented SSL_get_client_ciphers for OpenSSL >= 1.1.0, access ssl->sessions->ciphers directly or parse the result from the undocumented SSL_get_shared_ciphers for older versions of OpenSSL. See also https://stackoverflow.com/questions/48717497/python-ssl-shared-ciphers-not-as-documented/48718081#48718081

The current implementation of shared_ciphers uses the SSL_get_ciphers method. This method returns the list of configured ciphers (i.e. from the context) and not the list of ciphers shared between client and server. 

To get this list one can use the documented SSL_get_client_ciphers for OpenSSL >= 1.1.0, access ssl->sessions->ciphers directly or parse the result from the undocumented SSL_get_shared_ciphers for older versions of OpenSSL.

See also https://stackoverflow.com/questions/48717497/python-ssl-shared-ciphers-not-as-documented/48718081#48718081

History
Date	User	Action	Args
2018-02-10 07:04:15	noxxi	set	recipients: + noxxi
2018-02-10 07:04:15	noxxi	set	messageid: <1518246255.91.0.467229070634.issue32813@psf.upfronthosting.co.za>
2018-02-10 07:04:15	noxxi	link	issue32813 messages
2018-02-10 07:04:15	noxxi	create