MCPcopy Index your code
hub / github.com/mitmproxy/mitmproxy / _default_ciphers

Function _default_ciphers

mitmproxy/addons/tlsconfig.py:66–76  ·  view source on GitHub ↗

@SECLEVEL=0 is necessary for TLS 1.1 and below to work, see https://github.com/pyca/cryptography/issues/9523

(
    min_tls_version: net_tls.Version,
)

Source from the content-addressed store, hash-verified

64
65
66def _default_ciphers(
67 min_tls_version: net_tls.Version,
68) -> tuple[str, ...]:
69 """
70 @SECLEVEL=0 is necessary for TLS 1.1 and below to work,
71 see https://github.com/pyca/cryptography/issues/9523
72 """
73 if min_tls_version in net_tls.INSECURE_TLS_MIN_VERSIONS:
74 return _DEFAULT_CIPHERS_WITH_SECLEVEL_0
75 else:
76 return _DEFAULT_CIPHERS
77
78
79# 2022/05: X509_CHECK_FLAG_NEVER_CHECK_SUBJECT is not available in LibreSSL, ignore gracefully as it's not critical.

Callers 2

tls_start_clientMethod · 0.85
tls_start_serverMethod · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…