ssl - Python pyOpenssl 服务器不协商 TLS 1.3

Question

我很难与 pyOpenssl 服务器协商 TLS 1.3。我使用openssl s_client(支持1.3)连接到服务器没有运气。但是，服务器适用于 TLS 1.2 及更低版本。
你能帮我看看我错过了什么吗？提前致谢!

tls_server.py
-------------

import socket
from OpenSSL import SSL
sslctx = SSL.Context(SSL.TLSv1_2_METHOD)
sslctx.set_options(SSL.OP_NO_TLSv1_2 | SSL.OP_NO_TLSv1_1 | SSL.OP_NO_TLSv1)
sslctx.set_cipher_list(b"TLS_AES_128_GCM_SHA256:AES128-GCM-SHA256")
sslctx.use_privatekey_file("key.pem")
sslctx.use_certificate_file("cert.pem")

bindsocket = socket.socket()
bindsocket.bind(('', 4433))
bindsocket.listen(5)

while True:
    newsocket, fromaddr = bindsocket.accept()
    sslconn = SSL.Connection(sslctx, newsocket)
    sslconn.set_accept_state()
    sslconn.do_handshake()
    print(f"List of ciphers: {sslconn.get_cipher_list()}")
    req = sslconn.read(4096)
    print(req)
    sslconn.write(b"HTTP/1.1 200 OK\r\nServer: my-special\r\nContent-length: 10\r\n\r\nHello!\r\n\r\n")
    sslconn.set_shutdown(SSL.SENT_SHUTDOWN)

当我强制客户端仅连接 tls1.3 时，我得到的只是以下错误

$ openssl version
OpenSSL 1.1.1d  10 Sep 2019
$ openssl s_client -connect localhost:4433 -tls1_3
4641068480:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1544:SSL alert number 40

并且服务器返回跟踪:

$ python3.8 tls_server.py
Traceback (most recent call last):
  File "tls_server.py", line 18, in <module>
    sobj.do_handshake()
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1934, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/OpenSSL/SSL.py", line 1671, in _raise_ssl_error
    _raise_current_error()
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_post_process_client_hello', 'no shared cipher')]
$

通过成功的 TLS 1.2 连接，我看到服务器返回以下密码以确认 TLS 1.3 支持。

$ python3.8 tls_server.py
List of ciphers: ['TLS_AES_256_GCM_SHA384', 'TLS_CHACHA20_POLY1305_SHA256', 'TLS_AES_128_GCM_SHA256', 'AES128-GCM-SHA256']
b'GET /\n'

我正在使用的工具版本

$ python3.8 -m OpenSSL.debug
pyOpenSSL: 19.1.0
cryptography: 2.9.2
cffi: 1.13.2
cryptography's compiled against OpenSSL: OpenSSL 1.1.1g  21 Apr 2020
cryptography's linked OpenSSL: OpenSSL 1.1.1g  21 Apr 2020
Pythons's OpenSSL: OpenSSL 1.1.1d  10 Sep 2019
Python executable: /Library/Frameworks/Python.framework/Versions/3.8/bin/python3.8
Python version: 3.8.1 (v3.8.1:1b293b6006, Dec 18 2019, 14:08:53)
[Clang 6.0 (clang-600.0.57)]
Platform: darwin

Answer 1

我不确定这个配置:

sslctx = SSL.Context(SSL.TLSv1_2_METHOD)
sslctx.set_options(SSL.OP_NO_TLSv1_2 | SSL.OP_NO_TLSv1_1 | SSL.OP_NO_TLSv1)

您不是说只使用 TLSv1.2，然后也不使用 TLSv1 - TLSv1.2 吗？

现在没有 SSL.TLSv1_3_METHOD选项和 you’re supposed to use SSL.TLS_METHOD 但看起来像 that is not exposed to pyopenssl yet .

好像有一个 (currently) open issue关于如何更好地配置它，但仍然没有添加 SSL.TLS_METHOD .