def getContext(self):
"""Return a SSL.Context object. override in subclasses."""
ssl_context_factory = ssl.DefaultOpenSSLContextFactory(PARLAY_PATH+'/keys/broker.key',
PARLAY_PATH+'/keys/broker.crt')
# We only want to use 'High' and 'Medium' ciphers, not 'Weak' ones. We want *actual* security here.
ssl_context = ssl_context_factory.getContext()
# perfect forward secrecy ciphers
ssl_context.set_cipher_list('EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH' +
'+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL' +
'!eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS')
return ssl_context
评论列表
文章目录
