mirror of
https://github.com/licsber/micropython.git
synced 2024-09-20 00:50:24 +08:00
extmod/modssl_mbedtls: Fix cipher iteration in SSLContext.get_ciphers.
Prior to this commit it would skip every second cipher returned from mbedtls. The corresponding test is also updated and now passes on esp32, rp2, stm32 and unix. Signed-off-by: Damien George <damien@micropython.org>
This commit is contained in:
parent
46e833b071
commit
d5b96813dc
@ -311,10 +311,6 @@ STATIC mp_obj_t ssl_context_get_ciphers(mp_obj_t self_in) {
|
|||||||
for (const int *cipher_list = mbedtls_ssl_list_ciphersuites(); *cipher_list; ++cipher_list) {
|
for (const int *cipher_list = mbedtls_ssl_list_ciphersuites(); *cipher_list; ++cipher_list) {
|
||||||
const char *cipher_name = mbedtls_ssl_get_ciphersuite_name(*cipher_list);
|
const char *cipher_name = mbedtls_ssl_get_ciphersuite_name(*cipher_list);
|
||||||
mp_obj_list_append(list, MP_OBJ_FROM_PTR(mp_obj_new_str(cipher_name, strlen(cipher_name))));
|
mp_obj_list_append(list, MP_OBJ_FROM_PTR(mp_obj_new_str(cipher_name, strlen(cipher_name))));
|
||||||
cipher_list++;
|
|
||||||
if (!*cipher_list) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
@ -12,7 +12,9 @@ ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
|
|||||||
ciphers = ctx.get_ciphers()
|
ciphers = ctx.get_ciphers()
|
||||||
|
|
||||||
for ci in ciphers:
|
for ci in ciphers:
|
||||||
print(ci)
|
# Only print those ciphers know to exist on all ports.
|
||||||
|
if ("TLS-ECDHE-ECDSA-WITH-AES" in ci or "TLS-RSA-WITH-AES" in ci) and "CBC" in ci:
|
||||||
|
print(ci)
|
||||||
|
|
||||||
ctx.set_ciphers(ciphers[:1])
|
ctx.set_ciphers(ciphers[:1])
|
||||||
|
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
|
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
|
||||||
|
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
|
||||||
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
|
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
|
||||||
|
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
|
||||||
TLS-RSA-WITH-AES-256-CBC-SHA256
|
TLS-RSA-WITH-AES-256-CBC-SHA256
|
||||||
|
TLS-RSA-WITH-AES-256-CBC-SHA
|
||||||
TLS-RSA-WITH-AES-128-CBC-SHA256
|
TLS-RSA-WITH-AES-128-CBC-SHA256
|
||||||
|
TLS-RSA-WITH-AES-128-CBC-SHA
|
||||||
object 'str' isn't a tuple or list
|
object 'str' isn't a tuple or list
|
||||||
(-24192, 'MBEDTLS_ERR_SSL_BAD_CONFIG')
|
(-24192, 'MBEDTLS_ERR_SSL_BAD_CONFIG')
|
||||||
|
Loading…
Reference in New Issue
Block a user