Support for Python 3.7.0?

[Danaozhong]

I face an issue when using sslpsk with Python 3.7.0. The TLS connection gets refused.

I run a server application, which upon receiving a Client Hello, closes the TCP connection with a ACK&RES.

Did you run into a similar problem?

[drbild]

I haven't tried this library with Python 3.7.

Can you share the code that is failing for you?

[AndreySV]

Test failed on python 3.7.2 on Debian Buster.

$ python3 -m sslpsk.test
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.7/threading.py", line 865, in run
    self._target(*self._args, **self._kwargs)
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/test/test_sslpsk.py", line 67, in accept
    ssl_version=ssl.PROTOCOL_TLSv1, server_side=True)
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/sslpsk.py", line 103, in wrap_socket
    _ssl_set_psk_server_callback(sock, cb, hint)
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/sslpsk.py", line 77, in _ssl_set_psk_server_callback
    ssl_id = _sslpsk.sslpsk_set_accept_state(_sslobj(sock))
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/sslpsk.py", line 55, in _sslobj
    return sock._sslobj._sslobj
AttributeError: '_ssl._SSLSocket' object has no attribute '_sslobj'

E
======================================================================
ERROR: testClient (test_sslpsk.SSLPSKTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/test/test_sslpsk.py", line 81, in testClient
    ssl_version=ssl.PROTOCOL_TLSv1, server_side=False)
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/sslpsk.py", line 106, in wrap_socket
    _ssl_set_psk_client_callback(sock, cb)
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/sslpsk.py", line 73, in _ssl_set_psk_client_callback
    ssl_id = _sslpsk.sslpsk_set_psk_client_callback(_sslobj(sock))
  File "/home/developer/.local/lib/python3.7/site-packages/sslpsk/sslpsk.py", line 55, in _sslobj
    return sock._sslobj._sslobj
AttributeError: '_ssl._SSLSocket' object has no attribute '_sslobj'

----------------------------------------------------------------------
Ran 1 test in 0.013s

FAILED (errors=1)

 $ python3 --version
Python 3.7.2+

[Danaozhong]

I think that's a different problem, if I remember correctly the attribute _sslobj was renamed to sslobj, so at least that is easy to fix. But after fixing that I stumbled across the problem I described above.

Unfortunately, I didn't manage to write a short example so far, but if I have a free minute I will give it a try.

[drbild]

These tests are passing on travis for Python 3.7, thanks to @AndreySV's fixes.

@Danaozhong Can you try the current master?

I'll try to cut a release this weekend.

EDIT: 3.7 fails on Windows. Is that your OS?

[AndreySV]

BTW friend of mine told me about some problems on Windows (but with python 2.7.16) with sslpsk. Probably because of different openssl versions used for python and sslpsk. He has got it working only with old python 2.7.13. And I had problems (tests were ok, but actual PSK authentication wasn't working at all) on Linux until I removed old libopenssl1.0.2 headers and compiled against libopenssl1.1.1 cpython (2.7.16) was compiled most likely against. Maybe it's related.

[skboro]

@AndreySV Can you share the steps that you took for building with new ssl version?

BTW friend of mine told me about some problems on Windows (but with python 2.7.16) with sslpsk. Probably because of different openssl versions used for python and sslpsk. He has got it working only with old python 2.7.13. And I had problems (tests were ok, but actual PSK authentication wasn't working at all) on Linux until I removed old libopenssl1.0.2 headers and compiled against libopenssl1.1.1 cpython (2.7.16) was compiled most likely against. Maybe it's related.

[thiyaneshece]

BTW friend of mine told me about some problems on Windows (but with python 2.7.16) with sslpsk. Probably because of different openssl versions used for python and sslpsk. He has got it working only with old python 2.7.13. And I had problems (tests were ok, but actual PSK authentication wasn't working at all) on Linux until I removed old libopenssl1.0.2 headers and compiled against libopenssl1.1.1 cpython (2.7.16) was compiled most likely against. Maybe it's related.

Hi Andrey, I am facing similar issue that "AttributeError: '_ssl._SSLSocket' object has no attribute '_sslobj' " in linux ubuntu python 3.6.9 version. Can you please help me out to fix this issue ?

[aellwein]

Same issue on Python 3.8.5

[YannGarcia]

Hello,

I had also the same issue with python 3.8 on Linux Ubuntu 18.04 TLS. The command 'python3.8 -m pip list | grep ssl' returns 'sslpsk (1.0.0)'

Do you have any hints please?

Many thanks in advance,

BR \Yann

[markkuleinio]

See this: https://github.com/drbild/sslpsk/pull/14#issuecomment-776700116

import sys
import sslpsk

# Monkey patch for SSLPSK
def _sslobj(sock):
    if (3, 5) <= sys.version_info <= (3, 7):
        return sock._sslobj._sslobj
    else:
        return sock._sslobj
sslpsk.sslpsk._sslobj = _sslobj

Helped me to get sslpsk working on Python 3.9.2.

[elupus]

This seem to be solved in master. Can we get a new release in pip?

[elliot-eichen]

Hi:

I am having the same problem even after adding "import sys" to the script.

Running python 3.8.5 (apt tells me that my version of Python is the latest, rather than 3.9.2 as above) on Ubuntu 20.04.4, also with sslpsl 1.0.0. The error [return sock._sslobj._sslobj / AttributeError: '_ssl._SSLSocket' object has no attribute '_sslobj' ] seems to be at the same point in the code:

def _sslobj(sock): if (3, 5) <= sys.version_info <= (3, 7): return sock._sslobj._sslobj

Many Thanks - Elliot

[ratelwork]

Hi @elliot-eichen Did you somehow solved this problem?

[elliot-eichen]

Nope. Went in another direction.

On Tue, Apr 25, 2023, 5:32 AM ratelwork @.***> wrote:

Hi @elliot-eichen https://github.com/elliot-eichen Do you somehow solve this problem?

— Reply to this email directly, view it on GitHub https://github.com/drbild/sslpsk/issues/11#issuecomment-1521474706, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOS4QFXMYWBSYPTV3JG5A73XC6K2BANCNFSM4GPOBITA . You are receiving this because you were mentioned.Message ID: @.***>

[markkuleinio]

You can use this in your code that uses sslpsk:

# Monkey patch for SSLPSK
import sslpsk
def patch_sslobj(sock):
    return sock._sslobj
sslpsk.sslpsk._sslobj = patch_sslobj

You can add it to the beginning of your own code, you don't need to touch the sslpsk package itself. Just be sure that this patch is executed before you actually use the TLS PSK connections.

If it still fails, please show the actual traceback you get.

[markkuleinio]

Or, install sslpsk from the master branch of the sslpsk repository, now I understood the earlier comment about publishing to PyPI. This is the code that you get with pip:

def _sslobj(sock):
    """Returns the underlying PySLLSocket object with which the C extension
    functions interface.

    """
    pass
    if sys.version_info >= (3, 5):
        return sock._sslobj._sslobj
    else:
        return sock._sslobj

which is incorrect and doesn't work at least with Python 3.9. Master branch has this:

def _sslobj(sock):
    """Returns the underlying PySLLSocket object with which the C extension
    functions interface.
    """
    pass
    if isinstance(sock._sslobj, _ssl._SSLSocket):
        return sock._sslobj
    else:
        return sock._sslobj._sslobj

pass is still redundant but the code seems to work.

[elliot-eichen]

Many thanks!

On Wed, Apr 26, 2023, 10:32 AM Markku Leiniö @.***> wrote:

You can use this in your code that uses sslpsk:

Monkey patch for SSLPSK

import sslpsk def patch_sslobj(sock): return sock._sslobj sslpsk.sslpsk._sslobj = patch_sslobj

You can add it to the beginning of your own code, you don't need to touch the sslpsk package itself. Just be sure that this patch is executed before you actually use the TLS PSK connections.

— Reply to this email directly, view it on GitHub https://github.com/drbild/sslpsk/issues/11#issuecomment-1523526902, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOS4QFQDW4OESM6QG6B3G23XDEWZVANCNFSM4GPOBITA . You are receiving this because you were mentioned.Message ID: @.***>