I have an asynchronous server using asyncio and ssl. It works in non-ssl mode but when I switch to ssl it doesn’t connect correctly. I think the error should be in the SSL part because I’ve done a few tests including openssl s_client which returns this:
CONNECTED(00000003)
read:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 194 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Start Time: 1672390588
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
Most of the output is expected, including no peer cert, which I set in both the client SSLContext and the server SSLContext. The part that worried me was Cipher:0000.
But when I created the context, I used ssl.create_default_context() and changed only two things: no server hostname check (because of the lack of support for overriding server_hostname in asyncio loop.create_server()) and no cert verify (because I wanted the server to be one file, without certs).
Here is my server creation code (with sslcontext definition):
def config_ssl(self):
    context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    context.verify_mode = ssl.CERT_NONE
    self.sslcontext = context

def run(self):
    try:
        loop = asyncio.get_event_loop()
    except RuntimeError:
        loop = asyncio.new_event_loop()
    if self.sslcontext is not None:
        coro = loop.create_server(
            lambda: ChatSession(self.addr, self.name, self),
            *self.addr, ssl=self.sslcontext
        )
    else:
        coro = loop.create_server(
            lambda: ChatSession(self.addr, self.name, self),
            *self.addr
        )
    srv = loop.run_until_complete(coro)
    try:
        loop.run_forever()
    except KeyboardInterrupt:
        pass
    finally:
        srv.close()
        loop.close()
Any help would be appreciated, and thanks.
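Added example, not part of the original post: a loopback probe that runs one TLS handshake against an asyncio server whose context is built as in config_ssl() above, with or without `load_cert_chain()`, and reports the negotiated cipher or the error the client sees. The helper names, the loopback address and the use of the openssl CLI to create a throwaway self-signed certificate are assumptions of this example.

```python
import asyncio
import ssl
import subprocess

def server_context(certfile=None, keyfile=None):
    # Built the way config_ssl() in the post builds it; the certificate is optional here.
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    ctx.verify_mode = ssl.CERT_NONE  # no client certificate requested
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx

def client_context():
    # Non-verifying client, matching the client settings described in the post.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def make_self_signed(directory):
    # Assumption: the openssl CLI is on PATH. Throwaway key and certificate for the probe.
    cert, key = f"{directory}/cert.pem", f"{directory}/key.pem"
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes",
                    "-keyout", key, "-out", cert, "-days", "1", "-subj", "/CN=localhost"],
                   check=True, capture_output=True)
    return cert, key

async def _probe(server_ctx):
    async def handler(reader, writer):
        writer.close()

    # Port 0 lets the OS pick a free loopback port for the test server.
    server = await asyncio.start_server(handler, "127.0.0.1", 0, ssl=server_ctx)
    port = server.sockets[0].getsockname()[1]
    try:
        _, writer = await asyncio.open_connection(
            "127.0.0.1", port, ssl=client_context(), ssl_handshake_timeout=5)
        cipher = writer.get_extra_info("cipher")
        writer.close()
        return "ok", cipher[0]
    except OSError as exc:  # ssl.SSLError and ConnectionResetError are both OSError
        return "failed", type(exc).__name__
    finally:
        server.close()

def probe(server_ctx):
    """Return ("ok", cipher_name) or ("failed", exception_name) for one handshake."""
    return asyncio.run(_probe(server_ctx))

if __name__ == "__main__":
    print(probe(server_context()))  # context with no certificate loaded
```

Calling `probe(server_context(*make_self_signed(some_dir)))` runs the same handshake with a certificate loaded, so the two results can be compared side by side.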