0

This is from the ssl.py file from python2.7.12.

context = SSLContext(PROTOCOL_SSLv23)

# SSLv2 considered harmful.
context.options |= OP_NO_SSLv2

# SSLv3 has problematic security and is only required for really old
# clients such as IE6 on Windows XP
context.options |= OP_NO_SSLv3

I am not sure how to read this, can anyone shed some light on what this means? Does it mean that support any protocol other than SSLv2 and SSLv3?

Also, if setting the context this way results in failure in establishing communication between client and server and just setting the context using SSLContext(PROTOCOL_SSLv23) and not updating the context.options results in establishing the communication successfully then does it mean that the server only supports SSLv2 and SSLv3? Is there an easier way to find out which protocols does the server support? I am trying to run the openssl ciphers command but not able to understand it.

Appreciate your help on this.

Improve this question
2
  • It will be a lot simpler to use a dedicated utility for this. There are a few listed here: superuser.com/questions/109213/… Commented Jul 13, 2016 at 3:36
  • Thanks @BurhanKhalid will take a look at that. Could you comment on the first part of the question, whether what I have stated is correct or not? Commented Jul 13, 2016 at 3:50

1 Answer 1

Reset to default
1

I am not sure how to read this, can anyone shed some light on what this means? Does it mean that support any protocol other than SSLv2 and SSLv3?

It means block support for SSLv2 and SSLv3

The |= is a bitwise operator, you can think of it as +=

Is there an easier way to find out which protocols does the server support?

There are lots of command line utilities that can help with this. Over at superuser they have a nice summary of a few options at https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.