示例#1
0
    def send_response(self):
        if self.task.responsed:
            xlog.error("http2_stream send_response but responsed.%s", self.task.url)
            self.close("h2 stream send_response but sended.")
            return

        self.task.responsed = True
        status = int(self.response_headers[b':status'][0])
        strip_headers(self.response_headers)
        response = simple_http_client.BaseResponse(status=status, headers=self.response_headers)
        response.ssl_sock = self.connection.ssl_sock
        response.worker = self.connection
        response.task = self.task
        self.task.queue.put(response)
        check_local_network.report_ok(self.connection.ssl_sock.ip)
示例#2
0
    def send_response(self):
        if self.task.responsed:
            xlog.error("http2_stream send_response but responsed.%s",
                       self.task.url)
            self.close("h2 stream send_response but sended.")
            return

        self.task.responsed = True
        status = int(self.response_headers[b':status'][0])
        strip_headers(self.response_headers)
        response = simple_http_client.BaseResponse(
            status=status, headers=self.response_headers)
        response.ssl_sock = self.connection.ssl_sock
        response.worker = self.connection
        response.task = self.task
        self.task.queue.put(response)
        check_local_network.report_ok(self.connection.ssl_sock.ip)
示例#3
0
    def update_ip(self, ip, handshake_time):
        if not isinstance(ip, basestring):
            xlog.error("set_ip input")
            return

        handshake_time = int(handshake_time)
        if handshake_time < 5: # that's impossible
            xlog.warn("%s handshake:%d impossible", ip, 1000 * handshake_time)
            return

        time_now = time.time()
        check_local_network.report_ok(ip)
        check_ip.last_check_time = time_now
        check_ip.continue_fail_count = 0

        self.ip_lock.acquire()
        try:
            if ip in self.ip_dict:


                # Case: some good ip, average handshake time is 300ms
                # some times ip package lost cause handshake time become 2000ms
                # this ip will not return back to good ip front until all become bad
                # There for, prevent handshake time increase too quickly.
                org_time = self.ip_dict[ip]['handshake_time']
                if handshake_time - org_time > 500:
                    self.ip_dict[ip]['handshake_time'] = org_time + 500
                else:
                    self.ip_dict[ip]['handshake_time'] = handshake_time

                self.ip_dict[ip]['success_time'] = time_now
                if self.ip_dict[ip]['fail_times'] > 0:
                    self._add_ip_num(ip, 1)
                self.ip_dict[ip]['fail_times'] = 0
                self.append_ip_history(ip, handshake_time)
                self.ip_dict[ip]["fail_time"] = 0

                self.iplist_need_save = True

            #xlog.debug("update ip:%s not exist", ip)
        except Exception as e:
            xlog.error("update_ip err:%s", e)
        finally:
            self.ip_lock.release()

        self.save_ip_list()
示例#4
0
    def update_ip(self, ip, handshake_time):
        if not isinstance(ip, basestring):
            xlog.error("set_ip input")
            return

        handshake_time = int(handshake_time)
        if handshake_time < 5: # that's impossible
            xlog.warn("%s handshake:%d impossible", ip, 1000 * handshake_time)
            return

        time_now = time.time()
        check_local_network.report_ok(ip)
        check_ip.last_check_time = time_now
        check_ip.continue_fail_count = 0

        self.ip_lock.acquire()
        try:
            if ip in self.ip_dict:


                # Case: some good ip, average handshake time is 300ms
                # some times ip package lost cause handshake time become 2000ms
                # this ip will not return back to good ip front until all become bad
                # There for, prevent handshake time increase too quickly.
                org_time = self.ip_dict[ip]['handshake_time']
                if handshake_time - org_time > 500:
                    self.ip_dict[ip]['handshake_time'] = org_time + 500
                else:
                    self.ip_dict[ip]['handshake_time'] = handshake_time

                self.ip_dict[ip]['success_time'] = time_now
                if self.ip_dict[ip]['fail_times'] > 0:
                    self._add_ip_num(ip, 1)
                self.ip_dict[ip]['fail_times'] = 0
                self.append_ip_history(ip, handshake_time)
                self.ip_dict[ip]["fail_time"] = 0

                self.iplist_need_save = True

            #xlog.debug("update ip:%s not exist", ip)
        except Exception as e:
            xlog.error("update_ip err:%s", e)
        finally:
            self.ip_lock.release()

        self.save_ip_list()
示例#5
0
def connect_ssl(ip, port=443, timeout=5, check_cert=True, close_cb=None):
    if not check_local_network.is_ok(ip):
        with network_fail_lock:
           time.sleep(0.1)

    ip_port = (ip, port)

    sni = sni_generater.get()

    if int(config.PROXY_ENABLE):
        sock = socks.socksocket(socket.AF_INET if ':' not in ip else socket.AF_INET6)
    else:
        sock = socket.socket(socket.AF_INET if ':' not in ip else socket.AF_INET6)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # set struct linger{l_onoff=1,l_linger=0} to avoid 10048 socket error
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0))
    # resize socket recv buffer 8K->32K to improve browser releated application performance
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 32*1024)
    sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, True)
    sock.settimeout(timeout)

    ssl_sock = openssl_wrap.SSLConnection(openssl_context, sock, ip, close_cb)
    ssl_sock.set_connect_state()
    if hasattr(ssl_sock, 'set_tlsext_host_name'):
        try:
            ssl_sock.set_tlsext_host_name(sni)
        except:
            pass

    time_begin = time.time()
    ssl_sock.connect(ip_port)
    time_connected = time.time()
    ssl_sock.do_handshake()

    try:
        h2 = ssl_sock.get_alpn_proto_negotiated()
        if h2 == "h2":
            ssl_sock.h2 = True
        else:
            ssl_sock.h2 = False

        xlog.debug("%s alpn h2:%s", ip, h2)
    except Exception as e:
        #xlog.exception("alpn:%r", e)
        if hasattr(ssl_sock._connection, "protos") and ssl_sock._connection.protos == "h2":
            ssl_sock.h2 = True
            # xlog.debug("ip:%s http/2", ip)
        else:
            ssl_sock.h2 = False
            # xlog.debug("ip:%s http/1.1", ip)
    time_handshaked = time.time()

    check_local_network.report_ok(ip)

    def verify_SSL_certificate_issuer(ssl_sock):
        # cert = ssl_sock.get_peer_certificate()
        # if not cert:
        #    #google_ip.report_bad_ip(ssl_sock.ip)
        #    #connect_control.fall_into_honeypot()
        #    raise socket.error(' certficate is none')

        # issuer_commonname = next((v for k, v in cert.get_issuer().get_components() if k == 'CN'), '')
        # if not issuer_commonname.startswith('Google'):
        #    google_ip.report_connect_fail(ip, force_remove=True)
        #    raise socket.error(' certficate is issued by %r, not Google' % ( issuer_commonname))
        certs = ssl_sock.get_peer_cert_chain()
        if not certs:
            # google_ip.report_bad_ip(ssl_sock.ip)
            # connect_control.fall_into_honeypot()
            raise socket.error(' certficate is none')
        if len(certs) < 3:
            # google_ip.report_connect_fail(ip, force_remove=True)
            raise Cert_Exception('No intermediate CA was found.')

        if hasattr(OpenSSL.crypto, "dump_publickey"):
            # old OpenSSL not support this function.
            if OpenSSL.crypto.dump_publickey(OpenSSL.crypto.FILETYPE_PEM, certs[1].get_pubkey()) not in GoogleG23PKP:
                # google_ip.report_connect_fail(ip, force_remove=True)
                raise Cert_Exception('The intermediate CA is mismatching.')

        issuer_commonname = next((v for k, v in certs[0].get_issuer().get_components() if k == 'CN'), '')
        if not issuer_commonname.startswith('Google'):
            # google_ip.report_connect_fail(ip, force_remove=True)
            raise Cert_Exception(' certficate is issued by %r, not Google' % (issuer_commonname))

    if check_cert:
        verify_SSL_certificate_issuer(ssl_sock)

    connct_time = int((time_connected - time_begin) * 1000)
    handshake_time = int((time_handshaked - time_connected) * 1000)
    #xlog.debug("conn: %d  handshake:%d", connct_time, handshake_time)

    # sometimes, we want to use raw tcp socket directly(select/epoll), so setattr it to ssl socket.
    ssl_sock._sock = sock
    ssl_sock.connct_time = connct_time
    ssl_sock.handshake_time = handshake_time

    ssl_sock.fd = sock.fileno()
    ssl_sock.create_time = time_begin
    ssl_sock.last_use_time = time_begin
    ssl_sock.received_size = 0
    ssl_sock.load = 0
    ssl_sock.sni = sni
    ssl_sock.host = ""

    return ssl_sock
示例#6
0
def connect_ssl(ip, port=443, timeout=5, check_cert=True, close_cb=None):
    if not check_local_network.is_ok(ip):
        with network_fail_lock:
            time.sleep(0.1)

    ip_port = (ip, port)

    sni = sni_generater.get()

    if int(config.PROXY_ENABLE):
        sock = socks.socksocket(socket.AF_INET if ':' not in
                                ip else socket.AF_INET6)
    else:
        sock = socket.socket(socket.AF_INET if ':' not in
                             ip else socket.AF_INET6)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # set struct linger{l_onoff=1,l_linger=0} to avoid 10048 socket error
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                    struct.pack('ii', 1, 0))
    # resize socket recv buffer 8K->32K to improve browser releated application performance
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 32 * 1024)
    sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, True)
    sock.settimeout(timeout)

    ssl_sock = openssl_wrap.SSLConnection(openssl_context, sock, ip, close_cb)
    ssl_sock.set_connect_state()
    if hasattr(ssl_sock, 'set_tlsext_host_name'):
        try:
            ssl_sock.set_tlsext_host_name(sni)
        except:
            pass

    time_begin = time.time()
    ssl_sock.connect(ip_port)
    time_connected = time.time()
    ssl_sock.do_handshake()

    try:
        h2 = ssl_sock.get_alpn_proto_negotiated()
        if h2 == "h2":
            ssl_sock.h2 = True
        else:
            ssl_sock.h2 = False

        xlog.debug("%s alpn h2:%s", ip, h2)
    except Exception as e:
        #xlog.exception("alpn:%r", e)
        if hasattr(ssl_sock._connection,
                   "protos") and ssl_sock._connection.protos == "h2":
            ssl_sock.h2 = True
            # xlog.debug("ip:%s http/2", ip)
        else:
            ssl_sock.h2 = False
            # xlog.debug("ip:%s http/1.1", ip)
    time_handshaked = time.time()

    check_local_network.report_ok(ip)

    def verify_SSL_certificate_issuer(ssl_sock):
        # cert = ssl_sock.get_peer_certificate()
        # if not cert:
        #    #google_ip.report_bad_ip(ssl_sock.ip)
        #    #connect_control.fall_into_honeypot()
        #    raise socket.error(' certficate is none')

        # issuer_commonname = next((v for k, v in cert.get_issuer().get_components() if k == 'CN'), '')
        # if not issuer_commonname.startswith('Google'):
        #    google_ip.report_connect_fail(ip, force_remove=True)
        #    raise socket.error(' certficate is issued by %r, not Google' % ( issuer_commonname))
        certs = ssl_sock.get_peer_cert_chain()
        if not certs:
            # google_ip.report_bad_ip(ssl_sock.ip)
            # connect_control.fall_into_honeypot()
            raise socket.error(' certficate is none')
        if len(certs) < 3:
            # google_ip.report_connect_fail(ip, force_remove=True)
            raise Cert_Exception('No intermediate CA was found.')

        if hasattr(OpenSSL.crypto, "dump_publickey"):
            # old OpenSSL not support this function.
            if OpenSSL.crypto.dump_publickey(
                    OpenSSL.crypto.FILETYPE_PEM,
                    certs[1].get_pubkey()) not in GoogleG23PKP:
                # google_ip.report_connect_fail(ip, force_remove=True)
                raise Cert_Exception('The intermediate CA is mismatching.')

        issuer_commonname = next(
            (v
             for k, v in certs[0].get_issuer().get_components() if k == 'CN'),
            '')
        if not issuer_commonname.startswith('Google'):
            # google_ip.report_connect_fail(ip, force_remove=True)
            raise Cert_Exception(' certficate is issued by %r, not Google' %
                                 (issuer_commonname))

    if check_cert:
        verify_SSL_certificate_issuer(ssl_sock)

    connct_time = int((time_connected - time_begin) * 1000)
    handshake_time = int((time_handshaked - time_connected) * 1000)
    #xlog.debug("conn: %d  handshake:%d", connct_time, handshake_time)

    # sometimes, we want to use raw tcp socket directly(select/epoll), so setattr it to ssl socket.
    ssl_sock._sock = sock
    ssl_sock.connct_time = connct_time
    ssl_sock.handshake_time = handshake_time

    ssl_sock.fd = sock.fileno()
    ssl_sock.create_time = time_begin
    ssl_sock.last_use_time = time_begin
    ssl_sock.received_size = 0
    ssl_sock.load = 0
    ssl_sock.sni = sni
    ssl_sock.host = ""

    return ssl_sock
示例#7
0
文件: http1.py 项目: zxtcc/XX-Net
    def request_task(self, task):
        start_time = time.time()
        task.set_state("h1_req")

        self.ssl_sock.last_use_time = time.time()

        task.headers['Host'] = self.ssl_sock.host
        request_data = 'POST /_gh/ HTTP/1.1\r\n'
        request_data += ''.join('%s: %s\r\n' % (k, v)
                                for k, v in task.headers.items())
        request_data += '\r\n'

        try:
            self.ssl_sock.send(request_data.encode())
            payload_len = len(task.body)
            start = 0
            while start < payload_len:
                send_size = min(payload_len - start, 65535)
                sended = self.ssl_sock.send(task.body[start:start + send_size])
                start += sended

            response = simple_http_client.Response(self.ssl_sock)
            response.begin(timeout=task.timeout)

        except Exception as e:
            xlog.warn("%s h1_request:%s %r time_cost:%d inactive:%d", self.ip,
                      task.url, e, (time.time() - start_time) * 1000,
                      (time.time() - self.last_active_time) * 1000)
            google_ip.report_connect_closed(self.ssl_sock.ip, "request_fail")
            self.task = task
            self.close("request fail")
            return

        task.set_state("h1_get_head")
        body_length = int(response.getheader("Content-Length", "0"))
        task.content_length = body_length

        task.responsed = True
        response.worker = self
        response.task = task
        response.ssl_sock = self.ssl_sock
        task.queue.put(response)

        if body_length == 0:
            self.accept_task = True
            self.processed_tasks += 1
            return

        # read response body,
        try:
            start = 0
            end = body_length
            time_response = last_read_time = time.time()
            while True:
                if start >= end:
                    self.ssl_sock.received_size += body_length
                    time_cost = (time.time() - time_response)
                    if time_cost != 0:
                        speed = body_length / time_cost
                        task.set_state("h1_finish[SP:%d]" % speed)
                        self.report_speed(speed, body_length)
                        self.transfered_size += body_length
                    task.finish()
                    self.task = None
                    self.accept_task = True
                    self.idle_cb()
                    self.processed_tasks += 1
                    self.last_active_time = time.time()
                    check_local_network.report_ok(self.ssl_sock.ip)
                    return

                data = response.read()
                # task.set_state("read body:%d" % len(data))
                if not data:
                    if time.time() - last_read_time > 20:
                        xlog.warn("%s read timeout t:%d expect:%d left:%d ",
                                  self.ip,
                                  (time.time() - time_response) * 1000,
                                  body_length, (end - start))
                        break
                    else:
                        time.sleep(0.1)
                        continue

                last_read_time = time.time()
                data_len = len(data)
                start += data_len
                task.put_data(data)

        except Exception as e:
            xlog.warn("%s h1 get data:%r", self.ip, e)

        task.finish()
        google_ip.report_connect_closed(self.ssl_sock.ip, "down fail")
        self.close("request body fail")
示例#8
0
def connect_ssl(ip, port=443, timeout=5, check_cert=True, close_cb=None):
    if check_local_network.is_ok(ip):
        with network_fail_lock:
            time.sleep(0.1)

    ip_port = (ip, port)

    sni = sni_generater.get()

    if config.PROXY_ENABLE:
        sock = socks.socksocket(socket.AF_INET if ':' not in
                                ip else socket.AF_INET6)
    else:
        sock = socket.socket(socket.AF_INET if ':' not in
                             ip else socket.AF_INET6)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # set struct linger{l_onoff=1,l_linger=0} to avoid 10048 socket error
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                    struct.pack('ii', 1, 0))
    # resize socket recv buffer 8K->32K to improve browser releated application performance
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 32 * 1024)
    sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, True)
    sock.settimeout(timeout)

    ssl_sock = openssl_wrap.SSLConnection(openssl_context, sock, ip, close_cb)
    ssl_sock.set_connect_state()
    ssl_sock.set_tlsext_host_name(sni)

    time_begin = time.time()
    ssl_sock.connect(ip_port)
    time_connected = time.time()
    ssl_sock.do_handshake()

    try:
        h2 = ssl_sock.get_alpn_proto_negotiated()
        if h2 == "h2":
            ssl_sock.h2 = True
        else:
            ssl_sock.h2 = False
    except Exception as e:
        if hasattr(ssl_sock._connection,
                   "protos") and ssl_sock._connection.protos == "h2":
            ssl_sock.h2 = True
        else:
            ssl_sock.h2 = False
    time_handshaked = time.time()

    # report network ok
    check_local_network.report_ok(ip)

    cert = ssl_sock.get_peer_certificate()
    if not cert:
        raise socket.error(' certficate is none')

    if check_cert:
        issuer_commonname = next(
            (v for k, v in cert.get_issuer().get_components() if k == 'CN'),
            '')
        if not issuer_commonname.startswith('Google'):
            raise socket.error(' certficate is issued by %r, not Google' %
                               (issuer_commonname))

    connct_time = int((time_connected - time_begin) * 1000)
    handshake_time = int((time_handshaked - time_connected) * 1000)

    # sometimes, we want to use raw tcp socket directly(select/epoll), so setattr it to ssl socket.
    ssl_sock._sock = sock
    ssl_sock.connct_time = connct_time
    ssl_sock.handshake_time = handshake_time

    ssl_sock.fd = sock.fileno()
    ssl_sock.create_time = time_begin
    ssl_sock.last_use_time = time_begin
    ssl_sock.received_size = 0
    ssl_sock.load = 0
    ssl_sock.sni = sni
    ssl_sock.host = ""

    return ssl_sock
示例#9
0
    def request_task(self, task):
        start_time = time.time()
        task.set_state("h1_req")

        self.ssl_sock.last_use_time = time.time()

        task.headers['Host'] = self.ssl_sock.host
        request_data = 'POST /_gh/ HTTP/1.1\r\n'
        request_data += ''.join('%s: %s\r\n' % (k, v) for k, v in task.headers.items())
        request_data += '\r\n'

        try:
            self.ssl_sock.send(request_data.encode())
            payload_len = len(task.body)
            start = 0
            while start < payload_len:
                send_size = min(payload_len - start, 65535)
                sended = self.ssl_sock.send(task.body[start:start+send_size])
                start += sended

            response = simple_http_client.Response(self.ssl_sock)
            response.begin(timeout=task.timeout)

        except Exception as e:
            xlog.warn("%s h1_request:%s %r time_cost:%d inactive:%d", self.ip, task.url, e,
                      (time.time()-start_time)*1000, (time.time() - self.last_active_time)*1000)
            google_ip.report_connect_closed(self.ssl_sock.ip, "request_fail")
            self.task = task
            self.close("request fail")
            return

        task.set_state("h1_get_head")
        body_length = int(response.getheader("Content-Length", "0"))
        task.content_length = body_length

        task.responsed = True
        response.worker = self
        response.task = task
        response.ssl_sock = self.ssl_sock
        task.queue.put(response)

        if body_length == 0:
            self.accept_task = True
            self.processed_tasks += 1
            return

        # read response body,
        try:
            start = 0
            end = body_length
            time_response = last_read_time = time.time()
            while True:
                if start >= end:
                    self.ssl_sock.received_size += body_length
                    time_cost = (time.time() - time_response)
                    if time_cost != 0:
                        speed = body_length / time_cost
                        task.set_state("h1_finish[SP:%d]" % speed)
                        self.report_speed(speed, body_length)
                        self.transfered_size += body_length
                    task.finish()
                    self.task = None
                    self.accept_task = True
                    self.idle_cb()
                    self.processed_tasks += 1
                    self.last_active_time = time.time()
                    check_local_network.report_ok(self.ssl_sock.ip)
                    return

                data = response.read()
                # task.set_state("read body:%d" % len(data))
                if not data:
                    if time.time() - last_read_time > 20:
                        xlog.warn("%s read timeout t:%d expect:%d left:%d ",
                                  self.ip, (time.time()-time_response)*1000, body_length, (end-start))
                        break
                    else:
                        time.sleep(0.1)
                        continue

                last_read_time = time.time()
                data_len = len(data)
                start += data_len
                task.put_data(data)

        except Exception as e:
            xlog.warn("%s h1 get data:%r", self.ip, e)

        task.finish()
        google_ip.report_connect_closed(self.ssl_sock.ip, "down fail")
        self.close("request body fail")
示例#10
0
def connect_ssl(ip, port=443, timeout=5, check_cert=True, close_cb=None):
    if check_local_network.is_ok(ip):
        with network_fail_lock:
           time.sleep(0.1)

    ip_port = (ip, port)

    sni = sni_generater.get()

    if config.PROXY_ENABLE:
        sock = socks.socksocket(socket.AF_INET if ':' not in ip else socket.AF_INET6)
    else:
        sock = socket.socket(socket.AF_INET if ':' not in ip else socket.AF_INET6)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    # set struct linger{l_onoff=1,l_linger=0} to avoid 10048 socket error
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0))
    # resize socket recv buffer 8K->32K to improve browser releated application performance
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 32*1024)
    sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, True)
    sock.settimeout(timeout)

    ssl_sock = openssl_wrap.SSLConnection(openssl_context, sock, ip, close_cb)
    ssl_sock.set_connect_state()
    ssl_sock.set_tlsext_host_name(sni)

    time_begin = time.time()
    ssl_sock.connect(ip_port)
    time_connected = time.time()
    ssl_sock.do_handshake()

    try:
        h2 = ssl_sock.get_alpn_proto_negotiated()
        if h2 == "h2":
            ssl_sock.h2 = True
        else:
            ssl_sock.h2 = False
    except Exception as e:
        if hasattr(ssl_sock._connection, "protos") and ssl_sock._connection.protos == "h2":
            ssl_sock.h2 = True
        else:
            ssl_sock.h2 = False
    time_handshaked = time.time()

    # report network ok
    check_local_network.report_ok(ip)

    cert = ssl_sock.get_peer_certificate()
    if not cert:
        raise socket.error(' certficate is none')

    if check_cert:
        issuer_commonname = next((v for k, v in cert.get_issuer().get_components() if k == 'CN'), '')
        if not issuer_commonname.startswith('Google'):
            raise socket.error(' certficate is issued by %r, not Google' % ( issuer_commonname))

    connct_time = int((time_connected - time_begin) * 1000)
    handshake_time = int((time_handshaked - time_connected) * 1000)

    # sometimes, we want to use raw tcp socket directly(select/epoll), so setattr it to ssl socket.
    ssl_sock._sock = sock
    ssl_sock.connct_time = connct_time
    ssl_sock.handshake_time = handshake_time

    ssl_sock.fd = sock.fileno()
    ssl_sock.create_time = time_begin
    ssl_sock.last_use_time = time_begin
    ssl_sock.received_size = 0
    ssl_sock.load = 0
    ssl_sock.sni = sni
    ssl_sock.host = ""

    return ssl_sock