From d5b3e397e142ae60275fb89ea765423903e99bb6 Mon Sep 17 00:00:00 2001
From: Israel Nir <israel@Israel-Nirs-MacBook-Pro.local>
Date: Wed, 21 Aug 2013 13:42:30 +0300
Subject: adding cipher list selection option to BaseHandler

---
 netlib/tcp.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'netlib/tcp.py')

diff --git a/netlib/tcp.py b/netlib/tcp.py
index 31e9a398..f1496a32 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -266,7 +266,7 @@ class BaseHandler:
 
         self.clientcert = None
 
-    def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None, handle_sni=None, request_client_cert=False):
+    def convert_to_ssl(self, cert, key, method=SSLv23_METHOD, options=None, handle_sni=None, request_client_cert=False, cipher_list=None):
         """
             cert: A certutils.SSLCert object.
             method: One of SSLv2_METHOD, SSLv3_METHOD, SSLv23_METHOD, or TLSv1_METHOD
@@ -294,6 +294,8 @@ class BaseHandler:
         ctx = SSL.Context(method)
         if not options is None:
             ctx.set_options(options)
+        if cipher_list:
+            ctx.set_cipher_list(cipher_list)
         if handle_sni:
             # SNI callback happens during do_handshake()
             ctx.set_tlsext_servername_callback(handle_sni)
-- 
cgit v1.2.3