mobius-software-ltd / pyton3-dtls

Datagram Transport Layer Security for Python
Apache License 2.0

python3-dtls 1.0.3 does not work with OpenSSL 1.1.1b #4

Closed mcfreis closed 4 years ago

mcfreis commented 5 years ago

An "import dtls" fails with a Segmentation fault. This is due to a missing parameter in OPENSSL_init_ssl() in sslconnection.py.

mcfreis commented 5 years ago

OPENSSL_init_ssl.patch.txt
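
The failure mode reported above, as an added example (not the project's code and not the attached patch): OpenSSL 1.1.x declares `int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)`, and a ctypes binding without `argtypes` accepts a one-argument call, so the C function reads an uninitialised `settings` value. Declaring the full signature makes ctypes reject the short call with a Python exception instead. The helper names `load_libssl`, `bind_init_ssl` and `check_init_ssl` are hypothetical.

```python
import ctypes
import ctypes.util

# Prototype from OpenSSL >= 1.1.0 (<openssl/ssl.h>):
#   int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
OPENSSL_INIT_DEFAULTS = 0  # opts=0 requests OpenSSL's default initialisation


def load_libssl():
    """Return a CDLL handle for the system libssl, or None if unavailable."""
    name = ctypes.util.find_library("ssl")
    if name is None:
        return None
    try:
        lib = ctypes.CDLL(name)
    except OSError:
        return None
    # Builds older than 1.1.0 do not export this symbol.
    return lib if hasattr(lib, "OPENSSL_init_ssl") else None


def bind_init_ssl(lib):
    """Declare the full C signature so ctypes validates every call."""
    fn = lib.OPENSSL_init_ssl
    fn.argtypes = [ctypes.c_uint64, ctypes.c_void_p]
    fn.restype = ctypes.c_int
    return fn


def check_init_ssl(lib):
    """Return (short_call_rejected, init_result) for a loaded libssl."""
    init = bind_init_ssl(lib)
    try:
        init(OPENSSL_INIT_DEFAULTS)  # settings omitted: ctypes refuses the call
        rejected = False
    except TypeError:
        rejected = True
    # Correct call: NULL settings pointer, returns 1 on success.
    return rejected, init(OPENSSL_INIT_DEFAULTS, None)


if __name__ == "__main__":
    lib = load_libssl()
    print("libssl not found" if lib is None else check_init_ssl(lib))
```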

edmont commented 5 years ago

Even after applying the previous patch I'm getting the following exception when running the example code from README.md:

Traceback (most recent call last):
  File "/home/user/.local/lib/python3.7/site-packages/dtls/sslconnection.py", line 716, in do_handshake
    ERR_HANDSHAKE_TIMEOUT)
  File "/home/user/.local/lib/python3.7/site-packages/dtls/sslconnection.py", line 459, in _wrap_socket_library_call
    return call()
  File "/home/user/.local/lib/python3.7/site-packages/dtls/sslconnection.py", line 715, in <lambda>
    lambda: SSL_do_handshake(self._ssl.value),
  File "/home/user/.local/lib/python3.7/site-packages/dtls/openssl.py", line 524, in errcheck_ord
    raise_ssl_error(result, func, args, find_ssl_arg(args))
  File "/home/user/.local/lib/python3.7/site-packages/dtls/openssl.py", line 515, in raise_ssl_error
    raise openssl_error()(ssl_error, errqueue, result, func, args)
dtls.err.__OpenSSLError: (5, [])

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "testdtls.py", line 7, in <module>
    sock.connect(('10.1.1.222', 5684))
  File "/usr/lib/python3.7/ssl.py", line 1150, in connect
    self._real_connect(addr, False)
  File "/home/user/.local/lib/python3.7/site-packages/dtls/patch.py", line 268, in _SSLSocket_real_connect
    raise e
  File "/home/user/.local/lib/python3.7/site-packages/dtls/patch.py", line 262, in _SSLSocket_real_connect
    self._sslobj.connect(addr)
  File "/home/user/.local/lib/python3.7/site-packages/dtls/sslconnection.py", line 703, in connect
    self.do_handshake()
  File "/home/user/.local/lib/python3.7/site-packages/dtls/sslconnection.py", line 719, in do_handshake
    raise_ssl_error(ERR_PORT_UNREACHABLE, err)
  File "/home/user/.local/lib/python3.7/site-packages/dtls/err.py", line 112, in raise_ssl_error
    raise SSLError(code, err_string + str(nested))
ssl.SSLError: 505: The peer address is not reachable(5, [])

mcfreis commented 5 years ago

Well yes, I found that out myself a few days ago. The patch only makes the import dtls work but fails in all tests. unit.py, unit_wrapper.py, echo_seq.py and simple_client.py all fail. With what version of OpenSSL do they work?

What is this testdtls.py? It is not included in the source.

edmont commented 5 years ago

@mcfreis testdtls.py is this:

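import ssl
from socket import socket, AF_INET, SOCK_DGRAM
from dtls import do_patch
# Patch the standard ssl module so it can wrap datagram (UDP) sockets with DTLS
do_patch()
sock = ssl.wrap_socket(socket(AF_INET, SOCK_DGRAM))
# The DTLS handshake runs inside connect()
sock.connect(('10.1.1.222', 5684))
sock.send('Hi there')

yulianoifa-mobius commented 4 years ago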

Applied patch