drbild / sslpsk Goto Github PK

There is an issue with server hint and some clients will not work properly.
If you don't specify a server hint, the server hint should not be sent. But in the code what you specify finally is a zero-length bytes object, so you get the hint sent with length equals to zero.

What I did for not changing the c source is:

-In sslpsk.py, in function _ssl_set_psk_server_callback, change
_ = _sslpsk.sslpsk_use_psk_identity_hint(_sslobj(sock), hint if hint else b"")
for

 if hint:
        _      = _sslpsk.sslpsk_use_psk_identity_hint(_sslobj(sock), hint)

regards

Hi,

I'm trying to use PSK with the NULL Cipher.
While "PSK-NULL-SHA256" is supported in ssl.py, I can't use it as cipher suite in sslpsk.
I tried to mess around with the ssl.SSCLContext() and .set_ciphers() methods, but I couldn't get it to work.
Do you have any ideas?

The Python ssl module documentation says:

Since Python 3.2 and 2.7.9, it is recommended to use the SSLContext.wrap_socket() of an SSLContext instance to wrap sockets as SSLSocket objects. The helper functions create_default_context() returns a new context with secure default settings. The old wrap_socket() function is deprecated since it is both inefficient and has no support for server name indication (SNI) and hostname matching.

It'd be nice if sslpsk followed suit and provided a similar API. It seems that 3.7+ provides some core API improvements that would make this possible. I played around and this seemed to work:

def _ssl_setup_psk_callbacks(sslobj):
    psk = sslobj.context.psk
    hint = sslobj.context.hint
    if psk:
        if sslobj.server_side:
            cb = psk if callable(psk) else lambda _identity: psk
            _ssl_set_psk_server_callback(sslobj, cb, hint)
        else:
            cb = psk if callable(psk) else lambda _hint: psk if isinstance(psk, tuple) else (psk, b"")
            _ssl_set_psk_client_callback(sslobj, cb)



class SSLPSKContext(ssl.SSLContext):
    @property
    def psk(self):
        return getattr(self, "_psk", None)

    @psk.setter
    def psk(self, psk):
        self._psk = psk

    @property
    def hint(self):
        return getattr(self, "_hint", None)

    @hint.setter
    def hint(self, hint):
        self._hint = hint


class SSLPSKObject(ssl.SSLObject):
    def do_handshake(self, *args, **kwargs):
        _ssl_setup_psk_callbacks(self)
        super().do_handshake(*args, **kwargs)


class SSLPSKSocket(ssl.SSLSocket):
    def do_handshake(self, *args, **kwargs):
        _ssl_setup_psk_callbacks(self)
        super().do_handshake(*args, **kwargs)


SSLPSKContext.sslobject_class = SSLPSKObject
SSLPSKContext.sslsocket_class = SSLPSKSocket

(It seems like SSLPSKSocket alone is useful to replace the existing functionality. I think SSLPSKObject is useful only under certain frameworks. I could not test that, so perhaps it'd be smarter to even avoid including that for now.)

With that, one can use SSLPSKContext where they'd use SSLContext before, and SSLPSKContext.psk = … to set the PSK (and .hint = … for the hint).

A backwards-compatible sslpsk.wrap_socket() can still be offered with:

def wrap_socket(sock, psk, hint=None,
                server_side=False,
                ssl_version=ssl.PROTOCOL_TLS,
                do_handshake_on_connect=True,
                suppress_ragged_eofs=True,
                ciphers=None):

    context = SSLPSKContext(ssl_version)
    if ciphers:
        context.set_ciphers(ciphers)
    context.psk = psk
    context.hint = hint

    return context.wrap_socket(
        sock=sock, server_side=server_side,
        do_handshake_on_connect=do_handshake_on_connect,
        suppress_ragged_eofs=suppress_ragged_eofs
    )

Cannot get around an error with this package on Windows 11 or 10 when trying to install sslpsk.

sslpsk/_sslpsk.c(19): fatal error C1083: Cannot open include file: 'openssl/ssl.h': No such file or directory

Not sure what should I add on where to satisfy this error.

Python 2.7 system.
pip install sslpsk
import sslpsk failed.

C:\Python27>python psk_client.py
Traceback (most recent call last):
File "psk_client.py", line 3, in
import sslpsk
File "C:\Python27\lib\site-packages\sslpsk_init_.py", line 17, in
from sslpsk.sslpsk import wrap_socket
File "C:\Python27\lib\site-packages\sslpsk\sslpsk.py", line 21, in
from sslpsk import _sslpsk
ImportError: DLL load failed: The specified module could not be found.

How could I set a specific cipher suite to use in client side.

It seems by default, the Cipher list in clientHello message are all cert based. so the connection will be refused by server side which expect PSK cipher suite.

Traceback (most recent call last):
File "server.py", line 33, in
main()
File "server.py", line 30, in main
server(host, port)
File "server.py", line 18, in server
hint='server1')
File "C:\Python27\lib\site-packages\sslpsk\sslpsk.py", line 109, i
t
sock.do_handshake()
File "C:\Python27\lib\ssl.py", line 840, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: NO_SHARED_CIPHER] no shared cipher (_ssl.c:661)

I face an issue when using sslpsk with Python 3.7.0. The TLS connection gets refused.

I run a server application, which upon receiving a Client Hello, closes the TCP connection with a ACK&RES.

Did you run into a similar problem?

Thanks for your efforts in authoring and maintaining this module!

I was wondering whether this should be something that exists in Python's stdlib and if you've thought about that. I found issue 19084, which is very old and was resolved due to inactivity. Noone objected it on philosophical grounds though, and you seem to have done most of the work for it, so perhaps it'd be worth reviving that issue and continuing that conversation?

I'm trying to properly refuse a connection when the client_identity is not in the list.

For now, I'm generating a random psk as workaround and catch the SSLError that is raised on a PSK mismatch:

import string
from random import choice

def psk_resolution(identity):
    try:
        psk = PSK_LIST[identity]
    except KeyError:
        allchar = string.ascii_letters + string.punctuation + string.digits
        psk = ("".join(choice(allchar) for x in range(40)))
    return psk

Is there a more elegant solution?

Hi, i am new to this and needs help in connecting to the server. When i try to connect to the example_server from example_client, it gives the below message. Can someone help?

Hi,

I'm running the openssl simple server locally:
openssl s_server -accept 7654 -psk 000 -nocert -debug -state

and I try to connect to it:

# python3
Python 3.6.6rc1 (default, Jun 13 2018, 06:59:48) 
[GCC 8.1.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket, ssl, sslpsk
>>> s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
>>> s.connect(("localhost",7654)) 
>>> ssl_sock = sslpsk.wrap_socket(s, psk=000)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.6/dist-packages/sslpsk/sslpsk.py", line 109, in wrap_socket
    sock.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 1068, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:841)

My server returns:

SSL_accept:before SSL initialization
read from 0x55799b5ef5e0 [0x55799b5fa563] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 ef                                    .....
read from 0x55799b5ef5e0 [0x55799b5fa568] (239 bytes => 239 (0xEF))
0000 - 01 00 00 eb 03 03 21 23-b9 3b 4a 24 ec ff 91 f6   ......!#.;J$....
0010 - 34 4f 63 57 4e f8 6d d0-2c 92 dc 36 77 5a d6 9c   4OcWN.m.,..6wZ..
0020 - bf ac b3 ab a4 ad 00 00-7c c0 2c c0 30 c0 2b c0   ........|.,.0.+.
0030 - 2f cc a9 cc a8 00 a3 00-9f 00 a2 00 9e cc aa c0   /...............
0040 - af c0 ad c0 24 c0 28 c0-0a c0 14 c0 a3 c0 9f 00   ....$.(.........
0050 - 6b 00 6a 00 39 00 38 c0-ae c0 ac c0 23 c0 27 c0   k.j.9.8.....#.'.
0060 - 09 c0 13 c0 a2 c0 9e 00-67 00 40 00 33 00 32 c0   [email protected].
0070 - 73 c0 77 c0 72 c0 76 00-c4 00 c3 00 be 00 bd 00   s.w.r.v.........
0080 - 88 00 87 00 45 00 44 00-9d 00 9c c0 a1 c0 9d c0   ....E.D.........
0090 - a0 c0 9c 00 3d 00 3c 00-35 00 2f 00 c0 00 ba 00   ....=.<.5./.....
00a0 - 84 00 41 00 ff 01 00 00-46 00 0b 00 04 03 00 01   ..A.....F.......
00b0 - 02 00 0a 00 0a 00 08 00-1d 00 17 00 19 00 18 00   ................
00c0 - 23 00 00 00 16 00 00 00-17 00 00 00 0d 00 20 00   #............. .
00d0 - 1e 06 01 06 02 06 03 05-01 05 02 05 03 04 01 04   ................
00e0 - 02 04 03 03 01 03 02 03-03 02 01 02 02 02 03      ...............
SSL_accept:before SSL initialization
write to 0x55799b5ef5e0 [0x55799b603780] (7 bytes => 7 (0x7))
0000 - 15 03 03 00 02 02 28                              ......(
SSL3 alert write:fatal:handshake failure
SSL_accept:error in error
ERROR
140359626637504:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:../ssl/statem/statem_srvr.c:1404:
shutting down SSL
CONNECTION CLOSED

The Wireshark dissect shows me that the ClientHello does not contain any PSK-Ciphersuite:

Cipher Suites (62 suites)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0x00a3)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
    Cipher Suite: TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xccaa)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (0xc0af)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CCM (0xc0ad)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CCM_8 (0xc0a3)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CCM (0xc09f)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (0xc0ae)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CCM (0xc0ac)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CCM_8 (0xc0a2)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CCM (0xc09e)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 (0xc073)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 (0xc077)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 (0xc072)
    Cipher Suite: TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0xc076)
    Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0x00c4)
    Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 (0x00c3)
    Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0x00be)
    Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 (0x00bd)
    Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088)
    Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087)
    Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045)
    Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044)
    Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
    Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
    Cipher Suite: TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1)
    Cipher Suite: TLS_RSA_WITH_AES_256_CCM (0xc09d)
    Cipher Suite: TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0)
    Cipher Suite: TLS_RSA_WITH_AES_128_CCM (0xc09c)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0x00c0)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0x00ba)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084)
    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041)
    Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

The server then immediately sends a TLS Fatal Handshake Failure Response and closes the connection.

There have been quite some changes since release tag 1.0.0. On new distribution, release 1.0.0 is no longer working.
Please add a new release tag. A new package https://PyPI.org would also be highly appreciated.
If there is anything I can do to help, please let me know.

i tried installing the package but it doesn't work
when i do this: pip install sslpsk

it gives a lot of errors but i think this is the problem:
sslpsk/_sslpsk.c(19): fatal error C1083: Cannot open include file: 'openssl/ssl.h': No such file or directory

Does anyone have an idea what this means?

The README says that there are Windows binaries available, but how does one get them?

edit: i see that there are binaries on pypi.org but if i specify --only-binary=sslpsk when trying to pip install it, i get

ERROR: Could not find a version that satisfies the requirement sslpsk (from versions: none)
ERROR: No matching distribution found for sslpsk

further edit: after learning a little more about python and pip, i think this request becomes "can we get compiled versions for python newer than 3.6?" .. so i'm going to update the title

What if the key is not a string but 4 bytes of data, like 0x12345678

How can I specify the key in client side.

PSKS = {'server1' : '1234',
'server2' : '0x1a2b3c4d'}

Hi @drbild, great work on this library. I have a script that is running fine with python2 but fails in python3. It seems to have problems when either the hint or identity contain non-unicode sequences.

This fork had intended to fix it, but it doesn't seem to be working with my system.
M4dmartig4n@157f063

When hint is of type bytes:

Traceback (most recent call last):
  File "./psk-frontend.py", line 111, in <module>
    main()
  File "./psk-frontend.py", line 107, in main
    p.data_ready_cb(s)
  File "./psk-frontend.py", line 78, in data_ready_cb
    self.new_client(_s)
  File "./psk-frontend.py", line 68, in new_client
    hint=self.hint)
  File "/usr/local/lib/python3.6/dist-packages/sslpsk/sslpsk.py", line 104, in wrap_socket
    _ssl_set_psk_server_callback(sock, cb, hint)
  File "/usr/local/lib/python3.6/dist-packages/sslpsk/sslpsk.py", line 80, in _ssl_set_psk_server_callback
    _      = _sslpsk.sslpsk_use_psk_identity_hint(_sslobj(sock), hint if hint else "")
TypeError: argument 2 must be str, not bytes

Here the identity is non-unicode, position 20 is indeed 0xfc.

UnicodeDecodeError: 'utf-8' codec can't decode byte 0xfc in position 20: invalid start byte

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "./psk-frontend.py", line 111, in <module>
    main()
  File "./psk-frontend.py", line 107, in main
    p.data_ready_cb(s)
  File "./psk-frontend.py", line 78, in data_ready_cb
    self.new_client(_s)
  File "./psk-frontend.py", line 68, in new_client
    hint=self.hint)
  File "/usr/local/lib/python3.6/dist-packages/sslpsk/sslpsk.py", line 110, in wrap_socket
    sock.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
SystemError: <class 'ssl.SSLError'> returned a result with an error set

For reference, the script being used is part of tuya-convert, which creates a connection with Tuya IoT devices. As a workaround we're forcing python2, but since python2 is being deprecated I'd like to get it working in python3.

Oddly this only seems to impact some users, others have reported that python3 works fine for them. This makes me think it might be a problem with part of the build process in different environments.

Thanks in advance for any insight you might have into this issue.

Hi,

i want to know if is possible to use you library for Philips Hue Entertainment that has the following requirements:

UDP port 2100 is used for DTLS handshaking and streaming. Only DTLS mode version 1.2 with Pre-Shared Key (PSK) Key exchange method with TLS_PSK_WITH_AES_128_GCM_SHA256 set as Cipher Suite is supported.

Thanks,
Marius.

Hi,
please help me.
I have try install sslpsk module in python i got below error. I have installed visual sudio 15 and openssl on my windows pc.

------------------------e/sslpsk-1.0.0.tar.gz
Installing collected packages: sslpsk
Running setup.py install for sslpsk ... error
ERROR: Command errored out with exit status 1:
command: 'c:\users\uic68729\appdata\local\programs\python\python38\python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\Users\uic68729\AppData\Local\Temp\pip-install-dqbz47lu\sslpsk\setup.py'"'"'; file='"'"'C:\Users\uic68729\AppData\Local\Temp\pip-install-dqbz47lu\sslpsk\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' install --record 'C:\Users\uic68729\AppData\Local\Temp\pip-record-n2l2413k\install-record.txt' --single-version-externally-managed --compile
cwd: C:\Users\uic68729\AppData\Local\Temp\pip-install-dqbz47lu\sslpsk
Complete output (21 lines):
running install
running build
running build_py
creating build
creating build\lib.win-amd64-3.8
creating build\lib.win-amd64-3.8\sslpsk
copying sslpsk\sslpsk.py -> build\lib.win-amd64-3.8\sslpsk
copying sslpsk_init_.py -> build\lib.win-amd64-3.8\sslpsk
creating build\lib.win-amd64-3.8\sslpsk\test
copying sslpsk\test\test_sslpsk.py -> build\lib.win-amd64-3.8\sslpsk\test
copying sslpsk\test_init_.py -> build\lib.win-amd64-3.8\sslpsk\test
copying sslpsk\test_main_.py -> build\lib.win-amd64-3.8\sslpsk\test
running build_ext
building 'sslpsk._sslpsk' extension
creating build\temp.win-amd64-3.8
creating build\temp.win-amd64-3.8\Release
creating build\temp.win-amd64-3.8\Release\sslpsk
C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Tools\MSVC\14.25.28610\bin\HostX86\x64\cl.exe /c /nologo /Ox /W3 /GL /DNDEBUG /MD -Ic:\users\uic68729\appdata\local\programs\python\python38\include -Ic:\users\uic68729\appdata\local\programs\python\python38\include "-IC:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Tools\MSVC\14.25.28610\include" "-IC:\Program Files (x86)\Windows Kits\NETFXSDK\4.8\include\um" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\ucrt" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\shared" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\um" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\winrt" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.18362.0\cppwinrt" /Tcsslpsk/_sslpsk.c /Fobuild\temp.win-amd64-3.8\Release\sslpsk/_sslpsk.obj
_sslpsk.c
sslpsk/_sslpsk.c(19): fatal error C1083: Cannot open include file: 'openssl/ssl.h': No such file or directory
error: command 'C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\VC\Tools\MSVC\14.25.28610\bin\HostX86\x64\cl.exe' failed with exit status 2
----------------------------------------
ERROR: Command errored out with exit status 1: 'c:\users\uic68729\appdata\local\programs\python\python38\python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\Users\uic68729\AppData\Local\Temp\pip-install-dqbz47lu\sslpsk\setup.py'"'"'; file='"'"'C:\Users\uic68729\AppData\Local\Temp\pip-install-dqbz47lu\sslpsk\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' install --record 'C:\Users\uic68729\AppData\Local\Temp\pip-record-n2l2413k\install-record.txt' --single-version-externally-managed --compile Check the logs for full command output.

When build for Python 3.11 an deprecation warning is shown on testing:

+ /usr/bin/python3 setup.py test
/usr/lib/python3.11/site-packages/setuptools/dist.py:771: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead
  warnings.warn(
running test
running egg_info
WARNING: Testing via this command is deprecated and will be removed in a future version. Users looking for a generic test entry point independent of test runner are encouraged to use tox.
writing sslpsk.egg-info/PKG-INFO
writing dependency_links to sslpsk.egg-info/dependency_links.txt
writing top-level names to sslpsk.egg-info/top_level.txt
reading manifest file 'sslpsk.egg-info/SOURCES.txt'
adding license file 'LICENSE'
adding license file 'NOTICE'
writing manifest file 'sslpsk.egg-info/SOURCES.txt'
running build_ext
copying build/lib.linux-x86_64-cpython-311/sslpsk/_sslpsk.cpython-311-x86_64-linux-gnu.so -> sslpsk
.
----------------------------------------------------------------------
Ran 1 test in 0.010s

OK
testClient (sslpsk.test.test_sslpsk.SSLPSKTest.testClient) ... /builddir/build/BUILD/sslpsk-1.0.0/sslpsk/sslpsk.py:99: DeprecationWarning: ssl.wrap_socket() is deprecated, use SSLContext.wrap_socket()
  sock = ssl.wrap_socket(*args, **kwargs)
/usr/lib64/python3.11/ssl.py:1471: DeprecationWarning: ssl.PROTOCOL_TLSv1 is deprecated
  context = SSLContext(ssl_version)
ok

----------------------------------------------------------------------
Ran 1 test in 0.004s