New submission from Christian Heimes: SSLContext has a set_ciphers() method but no method to get the actual list of enabled ciphers. https://github.com/tiran/cpython/tree/feature/openssl_ciphers implements get_ciphers()
>>> import ssl, pprint >>> ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) >>> ctx.set_ciphers('ECDHE+AESGCM:!ECDSA') >>> pprint.pprint(ctx.get_ciphers()) [{'alg_bits': 256, 'description': 'ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA ' 'Enc=AESGCM(256) Mac=AEAD', 'id': 50380848, 'name': 'ECDHE-RSA-AES256-GCM-SHA384', 'protocol': 'TLSv1/SSLv3', 'strength_bits': 256}, {'alg_bits': 128, 'description': 'ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA ' 'Enc=AESGCM(128) Mac=AEAD', 'id': 50380847, 'name': 'ECDHE-RSA-AES128-GCM-SHA256', 'protocol': 'TLSv1/SSLv3', 'strength_bits': 128}] With OpenSSL 1.1 the dict will have more fields. Both the return value and functionality is different to https://docs.python.org/3/library/ssl.html#ssl.SSLSocket.shared_ciphers . ---------- components: Library (Lib) messages: 273703 nosy: alex, christian.heimes, dstufft, giampaolo.rodola, janssen priority: normal severity: normal status: open title: ssl: get list of enabled ciphers type: enhancement versions: Python 3.6 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue27866> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com