Skip to content

GitLab

M
micropython
Commit 2531a152 authored by Damien George's avatar Damien George
Browse files
Options

extmod/modssl_mbedtls: Fix cipher iteration in SSLContext.get_ciphers. 

Prior to this commit it would skip every second cipher returned from
mbedtls.

The corresponding test is also updated and now passes on esp32, rp2, stm32
and unix.
Signed-off-by: default avatarDamien George <damien@micropython.org>
parent 8b6e89a8
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 5 deletions
extmod/modssl_mbedtls.c
View file @ 2531a152
......@@ -311,10 +311,6 @@ STATIC mp_obj_t ssl_context_get_ciphers(mp_obj_t self_in) {
for (const int *cipher_list = mbedtls_ssl_list_ciphersuites(); *cipher_list; ++cipher_list) {
const char *cipher_name = mbedtls_ssl_get_ciphersuite_name(*cipher_list);
mp_obj_list_append(list, MP_OBJ_FROM_PTR(mp_obj_new_str(cipher_name, strlen(cipher_name))));
cipher_list++;
if (!*cipher_list) {
break;
}
}
return list;
}
......
tests/extmod/ssl_sslcontext_ciphers.py
View file @ 2531a152
......@@ -12,7 +12,9 @@ ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
ciphers = ctx.get_ciphers()
for ci in ciphers:
print(ci)
# Only print those ciphers know to exist on all ports.
if ("TLS-ECDHE-ECDSA-WITH-AES" in ci or "TLS-RSA-WITH-AES" in ci) and "CBC" in ci:
print(ci)
ctx.set_ciphers(ciphers[:1])
......
tests/extmod/ssl_sslcontext_ciphers.py.exp
View file @ 2531a152
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
TLS-RSA-WITH-AES-256-CBC-SHA256
TLS-RSA-WITH-AES-256-CBC-SHA
TLS-RSA-WITH-AES-128-CBC-SHA256
TLS-RSA-WITH-AES-128-CBC-SHA
object 'str' isn't a tuple or list
(-24192, 'MBEDTLS_ERR_SSL_BAD_CONFIG')
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment