
Is there a library for TLS 1.1 or TLS 1.2 in Python 2.6?

I've got an assignment to create a socket server and client that communicate securely. I have to use either TLS 1.1 or 1.2 to avoid BEAST attacks. We're given Python version 2.6, but this doesn't have support for TLS 1.1 or 1.2.

Are there any external libraries you guys know of that implement this in Python 2.6, or would I be better off using the Python 3.4 dev version that added support?

From a quick test, if you build pyOpenSSL on top of OpenSSL 1.0.1, it looks like you get TLSv1.1 and 1.2 support. And it supports Python 2.6+/3.2+.

The API is different from the stock ssl module, but the Connection object is not that different from ssl.SSLSocket, so there's a good chance porting will just be a trivial search-and-replace.

With the current released version 0.13.1, there is implicit TLS 1.1 and 1.2 support, but no way to explicitly request or require them. The best you can do from the client side is set SSLv23_METHOD and add the OP_NO_SSLv2 and OP_NO_SSLv3 options, which guarantees TLS 1.0, 1.1, or 1.2. I haven't tested what you can do from the server side.

With the trunk code (the patch in #1020632 has been committed), there is explicit 1.1 and 1.2 support. From the client side, you can use TLSv1_1_METHOD to get TLSv1.1 only, TLSv1_2_METHOD to get TLSv1.2 only, and probably (I haven't tested) SSLv23_METHOD with OP_NO_SSLv2, OP_NO_SSLv3, and OP_NO_TLSv1 to get 1.1 or 1.2. Again, I haven't tested what you can do from the server side.

You should be able to pip install bzr+lp:pyopenssl to install the trunk; if not, check it out or download a current tarball and pip install that.


My guess is that you can write code that always gets 1.2 when using properly-built pyOpenSSL 0.13.1 and OpenSSL 1.0.0 or later, but may silently use something worse if either the client or server environment is built in a way that doesn't meet those requirements, and have no way to detect the problem. If you want the connection to fail instead of falling back in that case (which you probably do), it looks like you'll need a newer pyOpenSSL.


Here's my first test on a mostly-clean OS X 10.8.5 machine with Homebrew and pip installed:

$ brew install --universal openssl
$ sudo LDFLAGS=-L/usr/local/opt/openssl/lib CPPFLAGS=-I/usr/local/opt/openssl/include pip-2.6 install pyOpenSSL
$ python2.6
>>> import socket, OpenSSL
>>> OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)
'OpenSSL 1.0.1e 11 Feb 2013'
>>> ctx = OpenSSL.SSL.Context(OpenSSL.SSL.SSLv23_METHOD)
>>> sock = socket.socket()
>>> ssock = OpenSSL.SSL.Connection(ctx, sock)
>>> ssock.connect_ex(('www.ssllabs.com', 443))
0
>>> ssock.send('GET /ssltest/viewMyClient.html HTTP/1.1\r\nHost: www.ssllabs.com\r\n\r\n')
66
>>> ssock.recv(16384)
-- snipped headers for chunked reply
>>> ssock.recv(16384)
'2000\r\n'
>>> d = ssock.recv(16384)
>>> d.find('TLS 1.1')
2324
>>> d.find('TLS 1.0')
2432
>>> d[2324:2432]
'TLS 1.1</td>\r\n\t\t<td class="tableRight">Yes</td>\t\t\t\r\n\t</tr>\r\n\t<tr class="tableRow">\r\n\t\t<td class="tableLeft">'

This proves (assuming ssltest.org is correct) that we not only claim TLS 1.1 support, but also made a 1.2 or 1.1 connection.
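The property the answer is after is "fail rather than silently fall back": pin a minimum protocol version on both sides and confirm what was actually negotiated instead of trusting that the right method was picked. The following is an added example, not code from the answer or from the pyOpenSSL project. It expresses that check with the stdlib ssl module of current Python 3 (which now has the minimum_version knob that the answer says was missing in 2.6) and runs the whole handshake through MemoryBIO objects, so no network is needed. It assumes the openssl CLI is on PATH to mint a throwaway self-signed certificate for "localhost"; make_self_signed, strict_client_context, server_context, handshake_in_memory and demo are names chosen for this example.

```python
import os
import shutil
import ssl
import subprocess
import tempfile


def make_self_signed(directory):
    """Hypothetical helper: mint a throwaway self-signed cert for "localhost"
    with the openssl CLI (assumed to be on PATH). Not part of the original answer."""
    cert = os.path.join(directory, "cert.pem")
    key = os.path.join(directory, "key.pem")
    subprocess.run(
        ["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes",
         "-keyout", key, "-out", cert, "-days", "1",
         "-subj", "/CN=localhost",
         "-addext", "subjectAltName=DNS:localhost"],
        check=True, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
    )
    return cert, key


def strict_client_context(cafile):
    """Client that verifies the peer and refuses anything below TLS 1.2.
    minimum_version is the modern spelling of the OP_NO_SSLv2/OP_NO_SSLv3/
    OP_NO_TLSv1/OP_NO_TLSv1_1 option stack the answer describes."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)   # verify_mode + check_hostname on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_verify_locations(cafile)
    return ctx


def server_context(certfile, keyfile, maximum=None):
    """Server context. With maximum=None it is as strict as the client;
    passing ssl.TLSVersion.TLSv1_1 simulates a legacy peer capped at TLS 1.1."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if maximum is None:
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    else:
        ctx.maximum_version = maximum
    ctx.load_cert_chain(certfile, keyfile)
    return ctx


def handshake_in_memory(client_ctx, server_ctx):
    """Drive a complete TLS handshake between two contexts through MemoryBIOs.
    Returns the negotiated protocol name, or None if either side refused."""
    to_server, to_client = ssl.MemoryBIO(), ssl.MemoryBIO()
    client = client_ctx.wrap_bio(to_client, to_server,
                                 server_side=False, server_hostname="localhost")
    server = server_ctx.wrap_bio(to_server, to_client, server_side=True)
    pending = [client, server]
    for _ in range(16):                 # a handshake needs only a few round trips
        for side in list(pending):
            try:
                side.do_handshake()
                pending.remove(side)    # this side is done
            except ssl.SSLWantReadError:
                pass                    # needs bytes from the other side first
            except ssl.SSLError:
                return None             # version mismatch or bad cert: refused, not downgraded
        if not pending:
            return client.version()     # what was really negotiated, e.g. "TLSv1.3"
    return None


def demo():
    """Returns (version negotiated between two strict peers,
                outcome against a server that offers at most TLS 1.1)."""
    workdir = tempfile.mkdtemp()
    try:
        cert, key = make_self_signed(workdir)
        strict = handshake_in_memory(strict_client_context(cert),
                                     server_context(cert, key))
        try:
            legacy = server_context(cert, key, maximum=ssl.TLSVersion.TLSv1_1)
            downgraded = handshake_in_memory(strict_client_context(cert), legacy)
        except ValueError:              # TLS 1.1 compiled out of this OpenSSL build
            downgraded = None           # it could not even be offered
        return strict, downgraded
    finally:
        shutil.rmtree(workdir)


if __name__ == "__main__":
    print(demo())
```

The second handshake is the case the answer warns about: a peer that only speaks something older. With a pinned minimum the client gets an SSLError and returns None rather than quietly settling for TLS 1.1 or 1.0, and client.version() after a successful handshake is the in-process equivalent of the answer's trip to the ssllabs page.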
