Tls1.2 support #535
Comments
|
Hello there.
I think this should work (not tested):
from OpenSSL import SSL
from pyftpdlib.authorizers import DummyAuthorizer
from pyftpdlib.handlers import TLS_FTPHandler
from pyftpdlib.servers import FTPServer
authorizer = DummyAuthorizer()
authorizer.add_anonymous('.')
handler = TLS_FTPHandler
handler.certfile = "/path/to/certfile.pem"
handler.authorizer = authorizer
handler.ssl_protocol = SSL.TLSv1_2_METHOD
server = FTPServer(('', 2121), handler)
server.serve_forever()
Also, as a note the self: the current default is SSL.SSLv23_METHOD. That is
probably too old. I'm going to file an issue on the tracker.
…On Fri, Jul 3, 2020 at 5:12 PM sourabhyadavgit ***@***.***> wrote:
Does this supports tls1.2?
When trying updating with ssl_protocol to ssl.protocol_TLSv1_2 its failing
to connect with clients with tls1.2.
When set back to 1.0 works fine with clients.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#535>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFGKLFN4JAKIA23TXK5I6LRZXYMJANCNFSM4OP4OZJQ>
.
--
Giampaolo - gmpy.dev <https://gmpy.dev/about>
|
|
Thanks a lot giampolo 👍 it worked |
|
Hi, I dig into an issue where files uploaded to pyftpdlib with lftp 4.8.4 / GnuTLS 3.7.1 (debian stable) where truncated above a certain size. I guess lftp/gnutls doesn't handle correctly SSLv23_METHOD Using TLSv1_2_METHOD fixed the issue. Maybe this should become the default ? I'm not an TLS/SSL expert but it seems to me that TLSv1.2 should always be preferred now. |
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Does this supports tls1.2?
When trying updating with ssl_protocol to ssl.protocol_TLSv1_2 its failing to connect with clients with tls1.2.
When set back to 1.0 works fine with clients.
The text was updated successfully, but these errors were encountered: