def _connect(self):
sock = socket.socket()
host = self.link[1].get('host')
port = self.link[1].get('port')
cafile = self.link[1].get('cafile')
keyfile = self.link[1].get('keyfile')
certfile = self.link[1].get('certfile')
sslopts = dict(ca_certs=cafile,
keyfile=keyfile,
certfile=certfile,
cert_reqs=ssl.CERT_REQUIRED,
ssl_version=ssl.PROTOCOL_TLSv1)
if self.link[1].get('nocheck'):
sslopts['cert_reqs'] = ssl.CERT_NONE
try:
sock.connect((host, port))
except s_compat.sockerrs as e:
sock.close()
raiseSockError(self.link, e)
try:
wrap = ssl.wrap_socket(sock, **sslopts)
except ssl.SSLError as e:
sock.close()
raise LinkErr(self.link, str(e))
return s_socket.Socket(wrap)
def _connect(self):
path = self.link[1].get('sockpath')
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
try:
s.connect(path)
return s_socket.Socket(s)
except s_compat.sockerrs as e:
s.close()
raiseSockError(self.link, e)
def _listen(self):
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
path = self.link[1].get('sockpath')
if os.path.exists(path):
os.unlink(path)
s.bind(path)
s.listen(120)
return s_socket.Socket(s, listen=True)
def _listen(self):
host = self.link[1].get('host')
port = self.link[1].get('port')
sock = socket.socket()
sock.bind((host, port))
sock.listen(100)
self.link[1]['port'] = sock.getsockname()[1]
certdir = self.link[1].get('certdir')
cdir = s_certdir.CertDir(path=certdir)
hostname = socket.gethostname()
cafile = self.link[1].get('cafile')
if cafile is None:
caname = self.link[1].get('ca')
if caname is not None:
cafile = cdir.getCaCertPath(caname)
certfile = self.link[1].get('certfile')
if certfile is None:
certfile = cdir.getHostCertPath(hostname)
keyfile = self.link[1].get('keyfile')
if keyfile is None:
keyfile = cdir.getHostKeyPath(hostname)
sslopts = dict(
server_side=True,
ca_certs=cafile,
keyfile=keyfile,
certfile=certfile,
cert_reqs=ssl.CERT_NONE,
do_handshake_on_connect=False,
ssl_version=ssl.PROTOCOL_TLSv1,
)
# if they give a cafile to the server, require client certs
if cafile is not None:
sslopts['cert_reqs'] = ssl.CERT_REQUIRED
wrap = ssl.wrap_socket(sock, **sslopts)
sock = s_socket.Socket(wrap)
sock.on('link:sock:accept', self._onSslAccept)
return sock
def _connect(self):
sock = socket.socket()
host = self.link[1].get('host')
port = self.link[1].get('port')
cafile = None
keyfile = None
certfile = None
user = self.link[1].get('user')
certdir = self.link[1].get('certdir')
cdir = s_certdir.CertDir(path=certdir)
certuser = cdir.getUserForHost(user, host)
if certuser is not None:
cafile = cdir.getUserCaPath(certuser)
keyfile = cdir.getUserKeyPath(certuser)
certfile = cdir.getUserCertPath(certuser)
cafile = self.link[1].get('cafile', cafile)
keyfile = self.link[1].get('keyfile', keyfile)
certfile = self.link[1].get('certfile', certfile)
sslopts = dict(ca_certs=cafile,
keyfile=keyfile,
certfile=certfile,
cert_reqs=ssl.CERT_REQUIRED,
ssl_version=ssl.PROTOCOL_TLSv1)
if self.link[1].get('nocheck'):
sslopts['cert_reqs'] = ssl.CERT_NONE
try:
sock.connect((host, port))
except s_common.sockerrs as e:
sock.close()
raiseSockError(self.link, e)
try:
wrap = ssl.wrap_socket(sock, **sslopts)
except ssl.SSLError as e:
sock.close()
raise s_common.LinkErr(self.link, str(e))
return s_socket.Socket(wrap)
def _connect(self):
host = self.link[1].get('host')
user = self.link[1].get('user')
port = self.link[1].get('port')
passwd = self.link[1].get('passwd')
keyfile = self.link[1].get('keyfile')
timeout = self.link[1].get('timeout')
try:
ssh = paramiko.client.SSHClient()
ssh.load_system_host_keys()
ssh.connect(host,
port=port,
username=user,
password=passwd,
key_filename=keyfile,
timeout=timeout,
allow_agent=True)
trns = ssh.get_transport()
fwdhost = self.link[1].get('fwdhost')
fwdport = self.link[1].get('fwdport')
s = trns.open_channel('direct-tcpip', (fwdhost, fwdport),
('127.0.0.1', 0))
return s_socket.Socket(s, ssh=ssh)
except s_compat.sockerrs as e:
raiseSockError(self.link, e)
except Exception as e:
ssh.close()
raise
def _listen(self):
host = self.link[1].get('host')
port = self.link[1].get('port')
sock = socket.socket()
sock.bind((host, port))
sock.listen(100)
self.link[1]['port'] = sock.getsockname()[1]
cafile = self.link[1].get('cafile')
keyfile = self.link[1].get('keyfile')
certfile = self.link[1].get('certfile')
sslopts = dict(
server_side=True,
ca_certs=cafile,
keyfile=keyfile,
certfile=certfile,
cert_reqs=ssl.CERT_NONE,
do_handshake_on_connect=False,
ssl_version=ssl.PROTOCOL_TLSv1,
)
# if they give a cafile to the server, require client certs
if cafile != None:
sslopts['cert_reqs'] = ssl.CERT_REQUIRED
wrap = ssl.wrap_socket(sock, **sslopts)
sock = s_socket.Socket(wrap)
sock.on('link:sock:accept', self._onSslAccept)
return sock
