diff options
| author | Antoine Pitrou <solipsis@pitrou.net> | 2010-04-17 17:10:38 +0000 |
|---|---|---|
| committer | Antoine Pitrou <solipsis@pitrou.net> | 2010-04-17 17:10:38 +0000 |
| commit | 0a6373c1a928e80c8c3fa9b88d925b3dccc5afc4 (patch) | |
| tree | a943cdb41cc6eaf54fc12b0dc225b086e4111bc5 /Lib/ssl.py | |
| parent | 7794b5b52f8c5c4bf465a44a53025e9b6fa49592 (diff) | |
| download | cpython-git-0a6373c1a928e80c8c3fa9b88d925b3dccc5afc4.tar.gz | |
Issue #8322: Add a *ciphers* argument to SSL sockets, so as to change the
available cipher list. Helps fix test_ssl with OpenSSL 1.0.0.
Diffstat (limited to 'Lib/ssl.py')
| -rw-r--r-- | Lib/ssl.py | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/Lib/ssl.py b/Lib/ssl.py index cd1d865c92..c960aaa76a 100644 --- a/Lib/ssl.py +++ b/Lib/ssl.py @@ -89,7 +89,7 @@ class SSLSocket(socket): server_side=False, cert_reqs=CERT_NONE, ssl_version=PROTOCOL_SSLv23, ca_certs=None, do_handshake_on_connect=True, - suppress_ragged_eofs=True): + suppress_ragged_eofs=True, ciphers=None): socket.__init__(self, _sock=sock._sock) # the initializer for socket trashes the methods (tsk, tsk), so... self.send = lambda data, flags=0: SSLSocket.send(self, data, flags) @@ -111,7 +111,8 @@ class SSLSocket(socket): # yes, create the SSL object self._sslobj = _ssl.sslwrap(self._sock, server_side, keyfile, certfile, - cert_reqs, ssl_version, ca_certs) + cert_reqs, ssl_version, ca_certs, + ciphers) if do_handshake_on_connect: timeout = self.gettimeout() try: @@ -124,6 +125,7 @@ class SSLSocket(socket): self.cert_reqs = cert_reqs self.ssl_version = ssl_version self.ca_certs = ca_certs + self.ciphers = ciphers self.do_handshake_on_connect = do_handshake_on_connect self.suppress_ragged_eofs = suppress_ragged_eofs self._makefile_refs = 0 @@ -291,7 +293,7 @@ class SSLSocket(socket): socket.connect(self, addr) self._sslobj = _ssl.sslwrap(self._sock, False, self.keyfile, self.certfile, self.cert_reqs, self.ssl_version, - self.ca_certs) + self.ca_certs, self.ciphers) if self.do_handshake_on_connect: self.do_handshake() @@ -309,6 +311,7 @@ class SSLSocket(socket): cert_reqs=self.cert_reqs, ssl_version=self.ssl_version, ca_certs=self.ca_certs, + ciphers=self.ciphers, do_handshake_on_connect=self.do_handshake_on_connect, suppress_ragged_eofs=self.suppress_ragged_eofs), addr) @@ -328,13 +331,14 @@ def wrap_socket(sock, keyfile=None, certfile=None, server_side=False, cert_reqs=CERT_NONE, ssl_version=PROTOCOL_SSLv23, ca_certs=None, do_handshake_on_connect=True, - suppress_ragged_eofs=True): + suppress_ragged_eofs=True, ciphers=None): return SSLSocket(sock, keyfile=keyfile, certfile=certfile, server_side=server_side, cert_reqs=cert_reqs, ssl_version=ssl_version, ca_certs=ca_certs, do_handshake_on_connect=do_handshake_on_connect, - suppress_ragged_eofs=suppress_ragged_eofs) + suppress_ragged_eofs=suppress_ragged_eofs, + ciphers=ciphers) # some utility functions |