How to disable session resumption in pyOpenSSL?

前端未结

关注

 2  1514

悲哀的现实 2021-01-20 19:03

The Tripple Handshake Issue was disclosed lately. Wether disabling session resumption will mitigate this or not, is a topic for another question. Let\'s assume I want to dis

2条回答

北恋 (楼主)

2021-01-20 19:57

Starting with pyOpenSSL 0.14 this is possible:

from OpenSSL.SSL import TLSv1_2_METHOD SESS_CACHE_OFF, Context, Connection

ctx = Context(TLSv1_2_METHOD)
ctx.set_session_cache_mode(SESS_CACHE_OFF)

conn = Connection(ctx, ...)

Earlier versions of pyOpenSSL do not expose these APIs.

If you also need to turn off session tickets then:

from OpenSSL.SSL import OP_NO_TICKET

...

ctx.set_options(OP_NO_TICKET)

0 讨论(0)

查看其它2个回答