def init(): """Disable insecure SSL ciphers on old Qt versions.""" if not qtutils.version_check("5.3.0"): # Disable weak SSL ciphers. # See https://codereview.qt-project.org/#/c/75943/ good_ciphers = [c for c in QSslSocket.supportedCiphers() if c.usedBits() >= 128] QSslSocket.setDefaultCiphers(good_ciphers)
def init(): """Disable insecure SSL ciphers on old Qt versions.""" if not qtutils.version_check('5.3.0'): # Disable weak SSL ciphers. # See https://codereview.qt-project.org/#/c/75943/ good_ciphers = [c for c in QSslSocket.supportedCiphers() if c.usedBits() >= 128] QSslSocket.setDefaultCiphers(good_ciphers)
def init(): """Disable insecure SSL ciphers on old Qt versions.""" default_ciphers = QSslSocket.defaultCiphers() log.init.debug("Default Qt ciphers: {}".format(', '.join( c.name() for c in default_ciphers))) good_ciphers = [] bad_ciphers = [] for cipher in default_ciphers: if _is_secure_cipher(cipher): good_ciphers.append(cipher) else: bad_ciphers.append(cipher) log.init.debug("Disabling bad ciphers: {}".format(', '.join( c.name() for c in bad_ciphers))) QSslSocket.setDefaultCiphers(good_ciphers)
def init(): """Disable insecure SSL ciphers on old Qt versions.""" default_ciphers = QSslSocket.defaultCiphers() log.init.debug("Default Qt ciphers: {}".format( ', '.join(c.name() for c in default_ciphers))) good_ciphers = [] bad_ciphers = [] for cipher in default_ciphers: if _is_secure_cipher(cipher): good_ciphers.append(cipher) else: bad_ciphers.append(cipher) log.init.debug("Disabling bad ciphers: {}".format( ', '.join(c.name() for c in bad_ciphers))) QSslSocket.setDefaultCiphers(good_ciphers)
def initSSL(): """ Function to initialize some global SSL stuff. """ blacklist = [ "SRP-AES-256-CBC-SHA", # open to MitM "SRP-AES-128-CBC-SHA", # open to MitM ] try: from PyQt5.QtNetwork import QSslSocket except ImportError: # no SSL available, so there is nothing to initialize return strongCiphers = [c for c in QSslSocket.supportedCiphers() if c.name() not in blacklist and c.usedBits() >= 128] QSslSocket.setDefaultCiphers(strongCiphers)
def init(): """Disable insecure SSL ciphers on old Qt versions.""" if qtutils.version_check("5.3.0"): default_ciphers = QSslSocket.defaultCiphers() log.init.debug("Default Qt ciphers: {}".format(", ".join(c.name() for c in default_ciphers))) else: # https://codereview.qt-project.org/#/c/75943/ default_ciphers = QSslSocket.supportedCiphers() log.init.debug("Supported Qt ciphers: {}".format(", ".join(c.name() for c in default_ciphers))) good_ciphers = [] bad_ciphers = [] for cipher in default_ciphers: if _is_secure_cipher(cipher): good_ciphers.append(cipher) else: bad_ciphers.append(cipher) log.init.debug("Disabling bad ciphers: {}".format(", ".join(c.name() for c in bad_ciphers))) QSslSocket.setDefaultCiphers(good_ciphers)
def initSSL(): """ Function to initialize some global SSL stuff. """ blacklist = [ "SRP-AES-256-CBC-SHA", # open to MitM "SRP-AES-128-CBC-SHA", # open to MitM ] try: from PyQt5.QtNetwork import QSslSocket except ImportError: # no SSL available, so there is nothing to initialize return strongCiphers = [ c for c in QSslSocket.supportedCiphers() if c.name() not in blacklist and c.usedBits() >= 128 ] QSslSocket.setDefaultCiphers(strongCiphers)
def init(): """Disable insecure SSL ciphers on old Qt versions.""" if qtutils.version_check('5.3.0'): default_ciphers = QSslSocket.defaultCiphers() log.init.debug("Default Qt ciphers: {}".format(', '.join( c.name() for c in default_ciphers))) else: # https://codereview.qt-project.org/#/c/75943/ default_ciphers = QSslSocket.supportedCiphers() log.init.debug("Supported Qt ciphers: {}".format(', '.join( c.name() for c in default_ciphers))) good_ciphers = [] bad_ciphers = [] for cipher in default_ciphers: if _is_secure_cipher(cipher): good_ciphers.append(cipher) else: bad_ciphers.append(cipher) log.init.debug("Disabling bad ciphers: {}".format(', '.join( c.name() for c in bad_ciphers))) QSslSocket.setDefaultCiphers(good_ciphers)