def init():
"""Disable insecure SSL ciphers on old Qt versions."""
if not qtutils.version_check("5.3.0"):
# Disable weak SSL ciphers.
# See https://codereview.qt-project.org/#/c/75943/
good_ciphers = [c for c in QSslSocket.supportedCiphers() if c.usedBits() >= 128]
QSslSocket.setDefaultCiphers(good_ciphers)
def init():
"""Disable insecure SSL ciphers on old Qt versions."""
if not qtutils.version_check('5.3.0'):
# Disable weak SSL ciphers.
# See https://codereview.qt-project.org/#/c/75943/
good_ciphers = [c for c in QSslSocket.supportedCiphers()
if c.usedBits() >= 128]
QSslSocket.setDefaultCiphers(good_ciphers)
def init():
"""Disable insecure SSL ciphers on old Qt versions."""
default_ciphers = QSslSocket.defaultCiphers()
log.init.debug("Default Qt ciphers: {}".format(', '.join(
c.name() for c in default_ciphers)))
good_ciphers = []
bad_ciphers = []
for cipher in default_ciphers:
if _is_secure_cipher(cipher):
good_ciphers.append(cipher)
else:
bad_ciphers.append(cipher)
log.init.debug("Disabling bad ciphers: {}".format(', '.join(
c.name() for c in bad_ciphers)))
QSslSocket.setDefaultCiphers(good_ciphers)
def init():
"""Disable insecure SSL ciphers on old Qt versions."""
default_ciphers = QSslSocket.defaultCiphers()
log.init.debug("Default Qt ciphers: {}".format(
', '.join(c.name() for c in default_ciphers)))
good_ciphers = []
bad_ciphers = []
for cipher in default_ciphers:
if _is_secure_cipher(cipher):
good_ciphers.append(cipher)
else:
bad_ciphers.append(cipher)
log.init.debug("Disabling bad ciphers: {}".format(
', '.join(c.name() for c in bad_ciphers)))
QSslSocket.setDefaultCiphers(good_ciphers)
def initSSL():
"""
Function to initialize some global SSL stuff.
"""
blacklist = [
"SRP-AES-256-CBC-SHA", # open to MitM
"SRP-AES-128-CBC-SHA", # open to MitM
]
try:
from PyQt5.QtNetwork import QSslSocket
except ImportError:
# no SSL available, so there is nothing to initialize
return
strongCiphers = [c for c in QSslSocket.supportedCiphers()
if c.name() not in blacklist and c.usedBits() >= 128]
QSslSocket.setDefaultCiphers(strongCiphers)
def init():
"""Disable insecure SSL ciphers on old Qt versions."""
if qtutils.version_check("5.3.0"):
default_ciphers = QSslSocket.defaultCiphers()
log.init.debug("Default Qt ciphers: {}".format(", ".join(c.name() for c in default_ciphers)))
else:
# https://codereview.qt-project.org/#/c/75943/
default_ciphers = QSslSocket.supportedCiphers()
log.init.debug("Supported Qt ciphers: {}".format(", ".join(c.name() for c in default_ciphers)))
good_ciphers = []
bad_ciphers = []
for cipher in default_ciphers:
if _is_secure_cipher(cipher):
good_ciphers.append(cipher)
else:
bad_ciphers.append(cipher)
log.init.debug("Disabling bad ciphers: {}".format(", ".join(c.name() for c in bad_ciphers)))
QSslSocket.setDefaultCiphers(good_ciphers)
def initSSL():
"""
Function to initialize some global SSL stuff.
"""
blacklist = [
"SRP-AES-256-CBC-SHA", # open to MitM
"SRP-AES-128-CBC-SHA", # open to MitM
]
try:
from PyQt5.QtNetwork import QSslSocket
except ImportError:
# no SSL available, so there is nothing to initialize
return
strongCiphers = [
c for c in QSslSocket.supportedCiphers()
if c.name() not in blacklist and c.usedBits() >= 128
]
QSslSocket.setDefaultCiphers(strongCiphers)
def init():
"""Disable insecure SSL ciphers on old Qt versions."""
if qtutils.version_check('5.3.0'):
default_ciphers = QSslSocket.defaultCiphers()
log.init.debug("Default Qt ciphers: {}".format(', '.join(
c.name() for c in default_ciphers)))
else:
# https://codereview.qt-project.org/#/c/75943/
default_ciphers = QSslSocket.supportedCiphers()
log.init.debug("Supported Qt ciphers: {}".format(', '.join(
c.name() for c in default_ciphers)))
good_ciphers = []
bad_ciphers = []
for cipher in default_ciphers:
if _is_secure_cipher(cipher):
good_ciphers.append(cipher)
else:
bad_ciphers.append(cipher)
log.init.debug("Disabling bad ciphers: {}".format(', '.join(
c.name() for c in bad_ciphers)))
QSslSocket.setDefaultCiphers(good_ciphers)
