def init_socket(self):
"""Initalizes listening socket and SSL Connection"""
if not hasattr(self, 'socket'):
self.socket = self.get_listener(self.address, self.backlog,
self.family)
self.address = self.socket.getsockname()
self._handle = self.handle
self._socket = self.socket
self.scn = SSLConnection(self._socket,
keyfile=self.ssl_args["keyfile"],
certfile=self.ssl_args["certfile"],
ca_certs=self.ssl_args["certfile"],
server_side=True,
do_handshake_on_connect=False)
def dtls(nssfile_path, certs_path, certs_name):
sck = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sck.bind(("0.0.0.0", 4433))
# Windows
scn = SSLConnection(sck,
keyfile="{}{}.key".format(certs_path, certs_name),
certfile="{}{}.pem".format(certs_path, certs_name),
server_side=True,
ca_certs="{}{}.ca".format(certs_path, certs_name),
do_handshake_on_connect=False,
cb_user_config_ssl_ctx=ssl_ctx_cb)
while True:
peer_address = scn.listen()
act = scn.accept()
if act:
conn = act[0]
z = threading.Thread(target=readdtls, args=[conn, nssfile_path])
z.start()
def __init__(self,
address_family=socket.AF_INET,
socket_type=socket.SOCK_DGRAM,
socket_proto=socket.IPPROTO_UDP,
ssl_enabled=False, keyfile=None, certfile=None, cacertfile=None, port=constants.COAP_PORT):
self.__socket = socket.socket(address_family, socket_type,
socket_proto)
self.ssl = ssl_enabled
self._sslobj = None
if self.ssl:
ssl_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
if not keyfile or not certfile:
raise Exception("Missing keyfile or certfile")
# https://github.com/rbit/pydtls/blob/master/dtls/sslconnection.py
if not cacertfile:
cacertfile = certfile
self._sslobj = SSLConnection(
ssl_sock,
keyfile=keyfile,
certfile=certfile,
server_side=False,
cert_reqs=ssl.CERT_REQUIRED,
ssl_version=2,
ca_certs=cacertfile,
# ca_certs = "/opt/OpenMTC/openmtc-python/openmtc-gevent/certs/CA_and_certs/pydtls/ca/ca-cert.pem",
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
ciphers=None
)
self.processor = MiniProc(sslobj=self._sslobj)
else:
# self.__socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
self.__socket.bind(('', port))
# processor.add_socket(self.__socket, self._sslobj)
self.processor = MiniProc(socket=self.__socket)
def main():
sck = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sck.bind(("127.0.0.1", 28000))
sck.settimeout(30)
cert_path = path.join(path.abspath(path.dirname(__file__)), "certs")
scn = SSLConnection(sck,
keyfile=path.join(cert_path, "keycert.pem"),
certfile=path.join(cert_path, "keycert.pem"),
server_side=True,
ca_certs=path.join(cert_path, "ca-cert.pem"),
do_handshake_on_connect=False)
cnt = 0
while True:
cnt += 1
print "Listen invocation: %d" % cnt
peer_address = scn.listen()
if peer_address:
print "Completed listening for peer: %s" % str(peer_address)
break
print "Accepting..."
conn = scn.accept()[0]
sck.settimeout(5)
conn.get_socket(True).settimeout(5)
cnt = 0
while True:
cnt += 1
print "Listen invocation: %d" % cnt
peer_address = scn.listen()
assert not peer_address
print "Handshake invocation: %d" % cnt
try:
conn.do_handshake()
except SSLError as err:
if err.errno == 504:
continue
raise
print "Completed handshaking with peer"
break
cnt = 0
while True:
cnt += 1
print "Listen invocation: %d" % cnt
peer_address = scn.listen()
assert not peer_address
print "Read invocation: %d" % cnt
try:
message = conn.read()
except SSLError as err:
if err.errno == 502:
continue
if err.args[0] == SSL_ERROR_ZERO_RETURN:
break
raise
print message
conn.write("Back to you: " + message)
cnt = 0
while True:
cnt += 1
print "Listen invocation: %d" % cnt
peer_address = scn.listen()
assert not peer_address
print "Shutdown invocation: %d" % cnt
try:
s = conn.shutdown()
s.shutdown(socket.SHUT_RDWR)
except SSLError as err:
if err.errno == 502:
continue
raise
break