New submission from Christian Heimes <li...@cheimes.de>: The definition and configuration of TLS 1.3 cipher suites has changed during the development phase of OpenSSL 1.1.1. The cipher suites are no longer prefixed with "TLS13-". TLS 1.3 are always enabled and can no longer be disabled with SSLContext.set_ciphers() / SSL_CTX_set_cipher_list(). Instead the suites are now configured with SSL_CTX_set_ciphersuites(). See https://github.com/openssl/openssl/pull/5392
For now I'm not going to expose the new API. Instead I'll update the documentation and tests for 2.7 to 3.8 with new names. I'll also mention that TLS 1.3 suites will be always available with OpenSSL 1.1.1. ---------- assignee: christian.heimes components: SSL messages: 317027 nosy: alex, benjamin.peterson, christian.heimes, dstufft, janssen, ned.deily priority: high severity: normal stage: test needed status: open title: OpenSSL 1.1.1 / TLS 1.3 cipher suite changes type: behavior versions: Python 2.7, Python 3.6, Python 3.7, Python 3.8 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue33570> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
