You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ciphers="EECDH+ECDSA+SHA384"# my customized ciphers_socket=eventlet.listen((ip, int(port)), family)
_socket=eventlet.wrap_ssl(_socket,
certfile='/path/to/cert',
keyfile='/path/to/key',
server_side=True,
do_handshake_on_connect=False,
ssl_version=ssl.PROTOCOL_TLSv1_2,
ciphers=ciphers)
# some other stuff to start the server
Then I scanned the server with nmap to list the cipher suites used by this server. It comes out that the result is not what I passed to eventlet.wrap_ssl, but rather the default cipher suites defined in Python standard ssl.py library.
After digging into the code for a whole day, finally I got to the GreenSSLSocket.accept() method in eventlet/green/ssl.py:
the "ciphers" argument is not passed when constructing the new_ssl object, That's why the cipher setting passed to eventlet.wrap_ssl seems to not working at all!
After I modified the above code as below, the problem is solved.
If I initialize a green socket as below:
Then I scanned the server with nmap to list the cipher suites used by this server. It comes out that the result is not what I passed to
eventlet.wrap_ssl
, but rather the default cipher suites defined in Python standard ssl.py library.After digging into the code for a whole day, finally I got to the
GreenSSLSocket.accept()
method in eventlet/green/ssl.py:the "ciphers" argument is not passed when constructing the new_ssl object, That's why the cipher setting passed to eventlet.wrap_ssl seems to not working at all!
After I modified the above code as below, the problem is solved.
The text was updated successfully, but these errors were encountered: