The 2.6 documentation states selecting the most compatible SSLv23 mode may mean low quality ciphers, which does not really help the application developers. It would be better to provide a way to set the allowed ciphers. Even better, IMO, would be if the ssl module would default to the stronger ciphers. I use the following default in M2Crypto: set_cipher_list('ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH').
I'm afraid you're ahead of me in knowledge here. I've experimented with the ciphers a bit, but there seem to be various compatibility issues. I finally decided to let the OpenSSL folks and various standard groups worry about this; the designation of SSL 2, SSL 3, or TLS 1, is supposed to select the appropriate cipher groups. Now, as to making the default be different: we discussed this on python-dev a bit. I think it might make sense to default to TLS 1, even at the expense of compatibility, but we (the two or three of us actually discussing it) finally decided to go with what the current Python socket.ssl module used.
Yeah, compatibility can be a problem. The cipher list I used for M2Crypto was recommended in the book Network Security with OpenSSL (I think). Besides removing unsafe ciphers, it orders the remaining ciphers from strongest to weakest, based on the hope/assumption/practice that peers will hopefully select the first matching cipher. It is not foolproof, though, so for truly compatible application you'd probably need to try with different ciphers lists if you run into errors. However, I have never run into a problem myself with that list, nor has anyone reported any bugs against M2Crypto because of that. Defaulting to TLSv1 should select a better cipher list than otherwise, but I would be a bit concerned about that in turn being an even bigger compatibility issue. I guess I could ask around.
I believe the attached patch provides the desired functionality. By default, the SSL library selects appropriate ciphers. If the user creates an SSLSocket with a cipher_list, the string is passed directly to SSL_CTX_set_cipher_list().
I had never seen this issue but committed almost exactly the same feature in r80151. The parameters is named "ciphers" rather than "cipher_list" and allows you to override the allowed ciphers when creating an SSL object. It will be available in Python 2.7 and 3.2. (note that OpenSSL itself defaults to what it considers strong ciphers, at least in the most recent versions)
History
Date
User
Action
Args
2022-04-11 14:56:37
admin
set
github: 47847
2010-04-20 20🔞06
pitrou
set
status: open -> closedversions: + Python 2.7, Python 3.2, - Python 2.6nosy: + pitroumessages: + resolution: out of date
