subject:"\[issue32813\] SSL shared_ciphers implementation wrong \- returns configured but not shared ciphers"

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2021-04-19 Thread Christian Heimes

Christian Heimes added the comment: 3.10 now supports only OpenSSL versions that return the correct value. Older Python versions may return wrong value when they are linked with OpenSSL 1.1.0 or 1.0.2. -- resolution: -> third party stage: -> resolved status: open -> closed

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-05-02 Thread Benjamin Peterson

Benjamin Peterson added the comment: It's looks like OpenSSL just fixed SSL_get_shared_ciphers to actually do what we would want here. https://github.com/openssl/openssl/commit/a216df599a6076147c27acea6c976fb11f505b1a -- ___

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-11 Thread Benjamin Peterson

Benjamin Peterson added the comment: I think at the time I was writing a Python version of the "openssl" tool. "openssl s_client" prints out what it says are the "Shared ciphers". So, yes, I agree the usecase is mostly debugging. --

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-11 Thread Christian Heimes

Christian Heimes added the comment: I don't see the issue as critical. For me, the method is just a debugging tool. Benjamin, for which purpose did you add the method? -- ___ Python tracker

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Ned Deily

Ned Deily added the comment: Christian, what is your take on the criticality of this? -- nosy: +ned.deily ___ Python tracker ___

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Christian Heimes

Christian Heimes added the comment: SSL_get_shared_ciphers() won't help either. Internally it gets the ciphers from s->session->ciphers just like SSL_get_client_ciphers(). It doesn't perform additional filtering.

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Christian Heimes

Christian Heimes added the comment: Yeah, looks like I used the wrong API when I ported to Python to OpenSSL 1.1.0, because there is no correct API. For client_context.set_ciphers("AES128-SHA256:AES256-SHA256") server_context.set_ciphers("AES128-SHA:AES256-SHA256") I'm

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Benjamin Peterson

Benjamin Peterson added the comment: I suppose we should fix .shared_ciphers to be SSL_get_shared_ciphers() again and perhaps add .client_ciphers, which calls SSL_get_client_ciphers? -- ___ Python tracker

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Steffen Ullrich

Steffen Ullrich added the comment: It looks like the function shared_ciphers actually returned the list of client ciphers when initially implemented although I think that the name is misleading and suggests that it would return the ciphers shared between client and

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Christian Heimes

Christian Heimes added the comment: Benjamin, you implemented the feature in bpo23186. Do you have any idea what's going on? -- assignee: -> christian.heimes components: +SSL nosy: +alex, benjamin.peterson, dstufft, janssen versions: -Python 3.5

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Ned Deily

Change by Ned Deily : -- nosy: +christian.heimes ___ Python tracker ___ ___

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-10 Thread Steffen Ullrich

Steffen Ullrich added the comment: Actually, it looks like that neither SSL_get_shared ciphers nor SSL_get_client_ciphers nor accessing ssl->session->ciphers nor SSL_get_ciphers return the **shared** ciphers. The first three seem to return the ciphers offered by the

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

2018-02-09 Thread Steffen Ullrich

New submission from Steffen Ullrich : The current implementation of shared_ciphers uses the SSL_get_ciphers method. This method returns the list of configured ciphers (i.e. from the context) and not the list of ciphers shared between client and server. To get this list

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

[issue32813] SSL shared_ciphers implementation wrong - returns configured but not shared ciphers

13 matches

Site Navigation

Mail list logo

Footer information