Add a configurable way of setting cipher suites

And put reasonable defaults
author: Mathieu Pasquet <mathieui@mathieui.net> 2014-01-15 18:28:23 +0100
committer: mathieui <mathieui@mathieui.net> 2014-02-13 00:50:32 +0100
commit: 05a9e03d5392103e2e17b0d3da58532ef5b3f671 (patch)
tree: 7123242ce8f943ee4f98e2a6dbf44e15cb1ca906 /src/connection.py
parent: 7e3efccb537ae11e9550ddf14ea6ca4ba472804a (diff)
download: poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.gz
poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.bz2
poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.xz
poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/connection.py b/src/connection.py
index b60f3b71..fed43d88 100644
--- a/src/connection.py
+++ b/src/connection.py
@@ -61,6 +61,9 @@ class Connection(sleekxmpp.ClientXMPP):
         self.auto_reconnect = True if config.get('auto_reconnect', 'false').lower() in ('true', '1') else False
         self.reconnect_max_attempts = 0
         self.auto_authorize = None
+        # prosody defaults, lowest is AES128-SHA, it should be a minimum
+        # for anything that came out after 2002
+        self.ciphers = config.get('ciphers', 'HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL')
         self.ca_certs = config.get('ca_cert_path', '') or None
         interval = config.get('whitespace_interval', '300')
         if interval.isdecimal() and int(interval) > 0:
author	Mathieu Pasquet <mathieui@mathieui.net>	2014-01-15 18:28:23 +0100
committer	mathieui <mathieui@mathieui.net>	2014-02-13 00:50:32 +0100
commit	05a9e03d5392103e2e17b0d3da58532ef5b3f671 (patch)
tree	7123242ce8f943ee4f98e2a6dbf44e15cb1ca906 /src/connection.py
parent	7e3efccb537ae11e9550ddf14ea6ca4ba472804a (diff)
download	poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.gz poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.bz2 poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.xz poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.zip