def tls_incoming(self, m): self.log('incoming from remote', m) if m.type == ContentType.ChangeCipherSpec: self.seen_changecipherspec = True if m.type == ContentType.Handshake and not m.opaque and m.body.type == HandshakeType.ServerHello: self.log('server selected', CipherSuite.tostring(m.body.body.ciphersuite)) self.request.sendall(bytes(m))
def tls_outgoing(self, m): self.log('outgoing from local', m) if m.type == ContentType.ChangeCipherSpec: self.seen_changecipherspec = True if m.type == ContentType.Handshake and m.version >= ProtocolVersion.TLSv1_0 and ENABLE_DOWNGRADE: self.log('sabotaging >= TLS1.0') self.log('original ciphersuites were:') for cs in m.body.body.ciphersuites: self.log(' ', CipherSuite.tostring(cs)) self.request.sendall(bytes(build_fatal_alert(AlertDescription.HandshakeFailure))) return self.backend.sendall(bytes(m))
def tls_outgoing(self, m): self.log('outgoing from local', m) if m.type == ContentType.ChangeCipherSpec: self.seen_changecipherspec = True if m.type == ContentType.Handshake and m.version >= ProtocolVersion.TLSv1_0 and ENABLE_DOWNGRADE: self.log('sabotaging >= TLS1.0') self.log('original ciphersuites were:') for cs in m.body.body.ciphersuites: self.log(' ', CipherSuite.tostring(cs)) self.request.sendall( bytes(build_fatal_alert(AlertDescription.HandshakeFailure))) return self.backend.sendall(bytes(m))