diff --git a/Doc/whatsnew/3.7.rst b/Doc/whatsnew/3.7.rst
@@ -623,6 +623,12 @@ wildcard matching disabled by default.
(Contributed by Mandeep Singh in :issue:`23033` and Christian Heimes in
:issue:`31399`.)

string
------


diff --git a/Lib/ssl.py b/Lib/ssl.py
@@ -115,6 +115,7 @@


from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN, HAS_ALPN, HAS_TLSv1_3
from _ssl import _OPENSSL_API_VERSION


@@ -174,48 +175,7 @@
HAS_NEVER_CHECK_COMMON_NAME = hasattr(_ssl, 'HOSTFLAG_NEVER_CHECK_SUBJECT')


-# Disable weak or insecure ciphers by default
-# (OpenSSL's default setting is 'DEFAULT:!aNULL:!eNULL')
-# Enable a better set of ciphers by default
-# This list has been explicitly chosen to:
-#   * TLS 1.3 ChaCha20 and AES-GCM cipher suites
-#   * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE)
-#   * Prefer ECDHE over DHE for better performance
-#   * Prefer AEAD over CBC for better performance and security
-#   * Prefer AES-GCM over ChaCha20 because most platforms have AES-NI
-#     (ChaCha20 needs OpenSSL 1.1.0 or patched 1.0.2)
-#   * Prefer any AES-GCM and ChaCha20 over any AES-CBC for better
-#     performance and security
-#   * Then Use HIGH cipher suites as a fallback
-#   * Disable NULL authentication, NULL encryption, 3DES and MD5 MACs
-#     for security reasons
-_DEFAULT_CIPHERS = (
-    'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:'
-    'TLS13-AES-128-GCM-SHA256:'
-    'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:'
-    'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:'
-    '!aNULL:!eNULL:!MD5:!3DES'
-    )
-
-# Restricted and more secure ciphers for the server side
-# This list has been explicitly chosen to:
-#   * TLS 1.3 ChaCha20 and AES-GCM cipher suites
-#   * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE)
-#   * Prefer ECDHE over DHE for better performance
-#   * Prefer AEAD over CBC for better performance and security
-#   * Prefer AES-GCM over ChaCha20 because most platforms have AES-NI
-#   * Prefer any AES-GCM and ChaCha20 over any AES-CBC for better
-#     performance and security
-#   * Then Use HIGH cipher suites as a fallback
-#   * Disable NULL authentication, NULL encryption, MD5 MACs, DSS, RC4, and
-#     3DES for security reasons
-_RESTRICTED_SERVER_CIPHERS = (
-    'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:'
-    'TLS13-AES-128-GCM-SHA256:'
-    'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:'
-    'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:'
-    '!aNULL:!eNULL:!MD5:!DSS:!RC4:!3DES'
-)

CertificateError = SSLCertVerificationError

@@ -393,8 +353,6 @@ class SSLContext(_SSLContext):

    def __new__(cls, protocol=PROTOCOL_TLS, *args, **kwargs):
        self = _SSLContext.__new__(cls, protocol)
-        if protocol != _SSLv2_IF_EXISTS:
-            self.set_ciphers(_DEFAULT_CIPHERS)
        return self

    def __init__(self, protocol=PROTOCOL_TLS):
@@ -530,8 +488,6 @@ def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None,
        # verify certs and host name in client mode
        context.verify_mode = CERT_REQUIRED
        context.check_hostname = True
-    elif purpose == Purpose.CLIENT_AUTH:
-        context.set_ciphers(_RESTRICTED_SERVER_CIPHERS)

    if cafile or capath or cadata:
        context.load_verify_locations(cafile, capath, cadata)

diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
@@ -18,6 +18,7 @@
import weakref
import platform
import functools
try:
    import ctypes
except ImportError:
@@ -30,7 +31,7 @@
HOST = support.HOST
IS_LIBRESSL = ssl.OPENSSL_VERSION.startswith('LibreSSL')
IS_OPENSSL_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0)
-

def data_file(*name):
    return os.path.join(os.path.dirname(__file__), *name)
@@ -936,6 +937,19 @@ def test_ciphers(self):
        with self.assertRaisesRegex(ssl.SSLError, "No cipher can be selected"):
            ctx.set_ciphers("^$:,;?*'dorothyx")

    @unittest.skipIf(ssl.OPENSSL_VERSION_INFO < (1, 0, 2, 0, 0), 'OpenSSL too old')
    def test_get_ciphers(self):
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)

diff --git a/Modules/_ssl.c b/Modules/_ssl.c
@@ -234,6 +234,31 @@ SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)

#endif /* OpenSSL < 1.1.0 or LibreSSL */


enum py_ssl_error {
    /* these mirror ssl.h */
@@ -2873,7 +2898,12 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
    /* A bare minimum cipher list without completely broken cipher suites.
     * It's far from perfect but gives users a better head start. */
    if (proto_version != PY_SSL_VERSION_SSL2) {
-        result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL:!MD5");
    } else {
        /* SSLv2 needs MD5 */
        result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL");
@@ -5430,6 +5460,9 @@ PyInit__ssl(void)
                             (PyObject *)&PySSLSession_Type) != 0)
        return NULL;

    PyModule_AddIntConstant(m, "SSL_ERROR_ZERO_RETURN",
                            PY_SSL_ERROR_ZERO_RETURN);
    PyModule_AddIntConstant(m, "SSL_ERROR_WANT_READ",

diff --git a/configure b/configure
@@ -840,6 +840,7 @@ enable_big_digits
with_computed_gotos
with_ensurepip
with_openssl
'
      ac_precious_vars='build_alias
host_alias
@@ -1538,6 +1539,11 @@ Optional Packages:
  --with(out)-ensurepip=[=upgrade]
                          "install" or "upgrade" using bundled pip
  --with-openssl=DIR      root of the OpenSSL directory

Some influential environment variables:
  MACHDEP     name for machine-dependent library files
@@ -16931,6 +16937,48 @@ $as_echo "#define HAVE_X509_VERIFY_PARAM_SET1_HOST 1" >>confdefs.h
    LIBS="$save_LIBS"
fi

# generate output files
ac_config_files="$ac_config_files Makefile.pre Misc/python.pc Misc/python-config.sh"


diff --git a/pyconfig.h.in b/pyconfig.h.in
@@ -1311,6 +1311,13 @@
/* Define to printf format modifier for Py_ssize_t */
#undef PY_FORMAT_SIZE_T

/* Define to emit a locale compatibility warning in the C locale */
#undef PY_WARN_ON_C_LOCALE
-Original file line number
+Diff line change
@@ Expand Up / @@ -623,6 +623,12 @@ wildcard matching disabled by default. @@
     (Contributed by Mandeep Singh in :issue:`23033` and Christian Heimes in
     :issue:`31399`.)
     string
     ------
@@ Expand Down @@