-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding custom cipher list to serverFromString #12134
Comments
Thanks for the report. I am not sure that In all my use cases, I am using Can you suggest what would be the expected string that will include custom ciphers? OpensSSL cipher configuration is something like this
Feel free to summit a PR with a possible solution for this. Regards |
Design-wise, any static configuration like this should be doable from the Twisted-provided plugins for (I will say that for most users we should be providing good defaults and strongly encouraging usage of those defaults so we can evolve them to be up-to-date in terms of consensus security practices, but it sounds like @KaviHarjani has a very clear and specific idea of what they want here) |
Hey guys this is my first open-source contribution Could you guys help me here |
thank you @KaviHarjani ! |
The failures that you are pointing at are not on Windows & macOS, they are failures on every platform that runs with SSL. The message, |
Is your feature request related to a problem? Please describe.
I have to limit the cipher from which requests could be accepted even in Tls1.2 and I was able to do it by getting the context from 'ssl.DefaultOpenSslContextFactory'
And setting the option using set_cipher_list
Describe the solution you'd like
I would like to set that while using serverFromString or after or before that before running the reactor
Since Daphne is using serverFromString this would be a good addition
Describe alternatives you've considered
I have considered making my own server to serve it and limit the cipher list but will have to migrate from Daphne to twisted
And not sure if any functionality would break doing that
The text was updated successfully, but these errors were encountered: