Add ability to TLS 1.3 cipher suites on SSL Context #1432
Conversation
|
Needs test + changelog entry. |
schwabe
force-pushed
the
set_tls13_ciphersuites
branch
from
0f13c17 to
406e319
Compare
|
should be possible to rebase on main to resolve the CI issues |
schwabe
force-pushed
the
set_tls13_ciphersuites
branch
2 times, most recently
from
182450c to
c6fe5df
Compare
src/OpenSSL/SSL.py
Outdated
|
|
||
| .. versionadded:: 25.2.0 | ||
| """ | ||
| ciphersuites = _text_to_bytes_and_warn("ciphersuites", ciphersuites) |
There was a problem hiding this comment.
No warning for new APIs, we should strictly enforce types.
tests/test_ssl.py
Outdated
| ) | ||
| def test_set_cipher_list( | ||
| def test_set_ciphersuites( |
There was a problem hiding this comment.
We need tests for both, you can't get rid of the old test.
There was a problem hiding this comment.
my mistake I copied the old and then messed up the existing one.
schwabe
force-pushed
the
set_tls13_ciphersuites
branch
3 times, most recently
from
07815b9 to
09a3e1f
Compare
src/OpenSSL/SSL.py
Outdated
| @@ -1501,6 +1504,29 @@ def set_cipher_list(self, cipher_list: bytes) -> None: | |||
| ], | |||
| ) | |||
|
|
|||
| @_require_not_used | |||
| def set_ciphersuites(self, ciphersuites: bytes) -> None: | |||
There was a problem hiding this comment.
@reaperhulk should this be set_tls13_ciphersuites, or just match the OpenSSL name?
There was a problem hiding this comment.
Yeah, I think we should put tls13 in there even though it's inconsistent with OpenSSL itself. Marginally less confusing to consumers or people reading code who haven't memorized the docstrings for every function.
There was a problem hiding this comment.
I changed the PR to add the tls13 in there. I hope we don't have to rename it again when TLS 1.4/2.0 comes out
schwabe
force-pushed
the
set_tls13_ciphersuites
branch
from
09a3e1f to
39218cf
Compare
No description provided.