CODEWITHSUNDEEP
python-2.7sslopensslprotocols
randomuser15995183
randomuser15995183

Reputation: 251

context.option setting in ssl.py

This is from the ssl.py file from python2.7.12.

context = SSLContext(PROTOCOL_SSLv23)

# SSLv2 considered harmful.
context.options |= OP_NO_SSLv2

# SSLv3 has problematic security and is only required for really old
# clients such as IE6 on Windows XP
context.options |= OP_NO_SSLv3

I am not sure how to read this, can anyone shed some light on what this means? Does it mean that support any protocol other than SSLv2 and SSLv3?

Also, if setting the context this way results in failure in establishing communication between client and server and just setting the context using SSLContext(PROTOCOL_SSLv23) and not updating the context.options results in establishing the communication successfully then does it mean that the server only supports SSLv2 and SSLv3? Is there an easier way to find out which protocols does the server support? I am trying to run the openssl ciphers command but not able to understand it.

Appreciate your help on this.

Upvotes: 0

Views: 712

Answers (1)

Burhan Khalid
Burhan Khalid

Reputation: 174662

I am not sure how to read this, can anyone shed some light on what this means? Does it mean that support any protocol other than SSLv2 and SSLv3?

It means block support for SSLv2 and SSLv3

The |= is a bitwise operator, you can think of it as +=

Is there an easier way to find out which protocols does the server support?

There are lots of command line utilities that can help with this. Over at superuser they have a nice summary of a few options at https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers

Upvotes: 1

Related Questions