Message 311966 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	alex, benjamin.peterson, christian.heimes, dstufft, janssen, noxxi
Date	2018-02-10.22:38:35
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1518302315.61.0.467229070634.issue32813@psf.upfronthosting.co.za>
In-reply-to

Content
Yeah, looks like I used the wrong API when I ported to Python to OpenSSL 1.1.0, because there is no correct API. For client_context.set_ciphers("AES128-SHA256:AES256-SHA256") server_context.set_ciphers("AES128-SHA:AES256-SHA256") I'm getting: client_ciphers = {'AES128-SHA256', 'AES256-SHA256'} server_ciphers = {'AES256-SHA256', 'AES128-SHA'} shared_ciphers = {'AES128-SHA256', 'AES256-SHA256'} # SSL_get_client_ciphers() shared_ciphers = {'AES256-SHA256', 'AES128-SHA'} # SSL_get_ciphers() which are clearly both wrong. The only shared cipher is {'AES256-SHA256'}.

Yeah, looks like I used the wrong API when I ported to Python to OpenSSL 1.1.0, because there is no correct API.

For

client_context.set_ciphers("AES128-SHA256:AES256-SHA256")
server_context.set_ciphers("AES128-SHA:AES256-SHA256")

I'm getting:

client_ciphers = {'AES128-SHA256', 'AES256-SHA256'}
server_ciphers = {'AES256-SHA256', 'AES128-SHA'}
shared_ciphers = {'AES128-SHA256', 'AES256-SHA256'}  # SSL_get_client_ciphers()
shared_ciphers = {'AES256-SHA256', 'AES128-SHA'}  # SSL_get_ciphers()

which are clearly both wrong. The only shared cipher is {'AES256-SHA256'}.

History
Date	User	Action	Args
2018-02-10 22:38:35	christian.heimes	set	recipients: + christian.heimes, janssen, benjamin.peterson, alex, dstufft, noxxi
2018-02-10 22:38:35	christian.heimes	set	messageid: <1518302315.61.0.467229070634.issue32813@psf.upfronthosting.co.za>
2018-02-10 22:38:35	christian.heimes	link	issue32813 messages
2018-02-10 22:38:35	christian.heimes	create