pycrypto's AES implementation is not constant time
This is a non-issue when AES-NI is supported by the host CPU since a separate code path is taken.
https://github.com/dlitz/pycrypto/blob/master/src/AES.c
It's not too bad in the pluggable transport case since traffic is super-enciphered, the session keys are ephemeral, and actually extracting sufficiently accurate timing information is probably non-trivial, but it probably should be addressed somehow.