Mercurial Repositories > eric / file diff

diff: E5Network/E5SslUtilities.py

E5Network/E5SslUtilities.py

changeset 4348
fcb65da90a07
parent 4332
64034d85c709
child 4631
5c1a96925da4
--- a/E5Network/E5SslUtilities.py	Sat Aug 01 18:38:52 2015 +0200
+++ b/E5Network/E5SslUtilities.py	Sun Aug 02 15:24:56 2015 +0200
@@ -9,21 +9,22 @@
 
 from __future__ import unicode_literals
 
-from PyQt5.QtCore import qVersion
-
 
 def initSSL():
     """
     Function to initialize some global SSL stuff.
     """
-    if qVersion() < "5.3.0":
-        # Qt 5.3.0 and newer don't use weak ciphers anymore
-        try:
-            from PyQt5.QtNetwork import QSslSocket
-        except ImportError:
-            # no SSL available, so there is nothing to initialize
-            return
-        
-        strongCiphers = [c for c in QSslSocket.supportedCiphers()
-                         if c.usedBits() >= 128]
-        QSslSocket.setDefaultCiphers(strongCiphers)
+    blacklist = [
+        "SRP-AES-256-CBC-SHA",          # open to MitM
+        "SRP-AES-128-CBC-SHA",          # open to MitM
+    ]
+    
+    try:
+        from PyQt5.QtNetwork import QSslSocket
+    except ImportError:
+        # no SSL available, so there is nothing to initialize
+        return
+    
+    strongCiphers = [c for c in QSslSocket.supportedCiphers()
+                     if c.name() not in blacklist and c.usedBits() >= 128]
+    QSslSocket.setDefaultCiphers(strongCiphers)

Mercurial Repository: eric

eric ide

mercurial