def tls_incoming(self, m):
self.log('incoming from remote', m)
if m.type == ContentType.ChangeCipherSpec:
self.seen_changecipherspec = True
if m.type == ContentType.Handshake and not m.opaque and m.body.type == HandshakeType.ServerHello:
self.log('server selected', CipherSuite.tostring(m.body.body.ciphersuite))
self.request.sendall(bytes(m))
def tls_incoming(self, m):
self.log('incoming from remote', m)
if m.type == ContentType.ChangeCipherSpec:
self.seen_changecipherspec = True
if m.type == ContentType.Handshake and not m.opaque and m.body.type == HandshakeType.ServerHello:
self.log('server selected',
CipherSuite.tostring(m.body.body.ciphersuite))
self.request.sendall(bytes(m))
def tls_outgoing(self, m):
self.log('outgoing from local', m)
if m.type == ContentType.ChangeCipherSpec:
self.seen_changecipherspec = True
if m.type == ContentType.Handshake and m.version >= ProtocolVersion.TLSv1_0 and ENABLE_DOWNGRADE:
self.log('sabotaging >= TLS1.0')
self.log('original ciphersuites were:')
for cs in m.body.body.ciphersuites:
self.log(' ', CipherSuite.tostring(cs))
self.request.sendall(bytes(build_fatal_alert(AlertDescription.HandshakeFailure)))
return
self.backend.sendall(bytes(m))
def tls_outgoing(self, m):
self.log('outgoing from local', m)
if m.type == ContentType.ChangeCipherSpec:
self.seen_changecipherspec = True
if m.type == ContentType.Handshake and m.version >= ProtocolVersion.TLSv1_0 and ENABLE_DOWNGRADE:
self.log('sabotaging >= TLS1.0')
self.log('original ciphersuites were:')
for cs in m.body.body.ciphersuites:
self.log(' ', CipherSuite.tostring(cs))
self.request.sendall(
bytes(build_fatal_alert(AlertDescription.HandshakeFailure)))
return
self.backend.sendall(bytes(m))
