Split ciphers up to individual lines.

author: Cory Benfield <lukasaoz@gmail.com> 2016-08-15 14:50:51 +0100
committer: Cory Benfield <lukasaoz@gmail.com> 2016-08-15 14:50:51 +0100
commit: 4a15efa7c954abfd6575591c0504265d2703b446 (patch)
tree: 7af81d3c6a44e01bf677650659adc2c22a5cb8f1
parent: 86d5e24639e91a5d30511833bf6b04daba792180 (diff)
download: urllib3-4a15efa7c954abfd6575591c0504265d2703b446.tar.gz
1 files changed, 21 insertions, 5 deletions
diff --git a/urllib3/util/ssl_.py b/urllib3/util/ssl_.py
index 2baf0b5f..1aa46d81 100644
--- a/urllib3/util/ssl_.py
+++ b/urllib3/util/ssl_.py
@@ -67,11 +67,27 @@ except ImportError:
 # - prefer AES-GCM over ChaCha20 because hardware-accelerated AES is common,
 # - use 3DES as fallback which is secure but slow,
 # - disable NULL authentication, MD5 MACs and DSS for security reasons.
-DEFAULT_CIPHERS = (
-    'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:'
-    'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:'
-    'RSA+AES:RSA+HIGH:RSA+3DES:!aNULL:!eNULL:!MD5'
-)
+DEFAULT_CIPHERS = ':'.join([
+    'ECDH+AESGCM',
+    'ECDH+CHACHA20',
+    'DH+AESGCM',
+    'DH+CHACHA20',
+    'ECDH+AES256',
+    'DH+AES256',
+    'ECDH+AES128',
+    'DH+AES',
+    'ECDH+HIGH',
+    'DH+HIGH',
+    'ECDH+3DES',
+    'DH+3DES',
+    'RSA+AESGCM',
+    'RSA+AES',
+    'RSA+HIGH',
+    'RSA+3DES',
+    '!aNULL',
+    '!eNULL',
+    '!MD5',
+])
 
 try:
     from ssl import SSLContext  # Modern SSL?
author	Cory Benfield <lukasaoz@gmail.com>	2016-08-15 14:50:51 +0100
committer	Cory Benfield <lukasaoz@gmail.com>	2016-08-15 14:50:51 +0100
commit	4a15efa7c954abfd6575591c0504265d2703b446 (patch)
tree	7af81d3c6a44e01bf677650659adc2c22a5cb8f1
parent	86d5e24639e91a5d30511833bf6b04daba792180 (diff)
download	urllib3-4a15efa7c954abfd6575591c0504265d2703b446.tar.gz