stackoom
  简体   繁体   中英

How do I get NPN support for PyOpenSSL?

 原文  2020-09-24 20:57:52       python/ openssl/ pyopenssl

Question

I have an application that uses PyOpenSSL. It depends upon the use of NPN. This used to work, but when I've re-created my virtual environment, the version of openssl PyOpenSSL is built against no longer supports NPN:

Traceback (most recent call last):
  File "/tmp/sbpv/http2/proxy1/test_proxy.py", line 60, in <module>
    sys.exit(main())
  File "/tmp/sbpv/http2/proxy1/test_proxy.py", line 46, in main
    proxy_http2.configure_http2_server(args.listen_port, args.server_port, args.https_pem)
  File "/home/bneradt/repos/proxy-verifier/test/autests/gold_tests/autest-site/proxy_http2.py", line 188, in configure_http2_server
    context.set_npn_advertise_callback(npn_advertise_cb)
  File "/home/bneradt/.local/share/virtualenvs/autests-kCEHOjhw/lib/python3.8/site-packages/OpenSSL/SSL.py", line 650, in explode
    raise NotImplementedError(error)
NotImplementedError: NPN not available

The current version of PyOpenSSL is 19.1.0. I've pulled back to PyOpenSSL 19.0.0 and 18.0.0, but they all seem to have been built against openssl1.1.1h:

$ python -c "import OpenSSL; print(OpenSSL.version.__version__)"
18.0.0

$ python -c "import OpenSSL; print(OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION))"                                                                                                                                                
b'OpenSSL 1.1.1h  22 Sep 2020'

$ python -c "import OpenSSL; print(OpenSSL._util.lib.Cryptography_HAS_NEXTPROTONEG)"                                                                                                                                                          
0

Do the openssl versions PyOpenSSL is built against get updated with regularity such that my recent installs of these have different openssl versions? Or am I confused about how this works and PyOpenSSL is somehow using some local openssl version?

To be succinct, the question I'm asking is: how do I get a version of PyOpenSSL with NPN support?

1 answers

solution1
 0  2020-09-24 21:06:14

PyOpenSSL does not ship with the built version of openssl. It instead relies upon the cryptography Python module for that. If I pin the version of cryptography to 2.8 , then PyOpenSSL version 19.1.0 uses a version of openssl that has NPN support:

$ python -c "import OpenSSL; print(OpenSSL._util.lib.Cryptography_HAS_NEXTPROTONEG)"
1

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I generate public and private keys with pyOpenSSL? How do I create and sign certificates with Python's pyOpenSSL? How do I install PyOpenSSL on Windows 7 64-bit? How do I use PyOpenSSL to read a PFX file? PyOpenSSL - how can I get SAN(Subject Alternative Names) list How to get public key using PyOpenSSL? How to get current cipher in pyOpenSSL for DTLS How do you verify an RSA SHA1 signature in pyOpenSSL pyOpenSSL's PKCS7 object provide very little information, how can I get the sha1 digest of the public key in the signature How do I get fastavro to support logical types?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM