def handle_connection(sock: socket): if not challenge_client(sock): _print('Challenge failed') gevent.sleep(2000) sock.close() return _print('Challenge OK!') sock = wrap_socket(sock, server_side=True, certfile='server.pem') try: code = read_code(sock) stdin_fd, stdout_fd = pipe_socket(sock) _print("Start executing received code in sandbox") with execute_code_in_sandbox(code, stdin=stdin_fd, stdout=stdout_fd, stderr=None, max_cpu_time=2) as p: retval = p.wait() if retval == -24: print("resource_limit_exceeded\n") f.write(b'ERROR resource_limit_exceeded\n') elif retval != 0: print(f"Code execution returned ERROR {retval}\n") else: print(f"Code execution returned OK = {retval}\n") except Exception as ex: _print(traceback.format_exc()) sys.stdout.write(f"Exception: {type(ex).__name__}\n") f.write(b'ERROR exception\n')
def check(self, url, host_info): host_info[self.description()] = None host_ip = socket.getaddrinfo(url, 443)[0][4][0] try: sock = socket.socket() sock.connect((host_ip, 443)) except socket.error: host_info["ssl checked"].set(True) host_info[self.description()] = True return True try: sock = ssl.wrap_socket(sock, ca_certs="/etc/ssl/certs/ca-certificates.crt", cert_reqs=ssl.CERT_NONE, ) cert = sock.getpeercert() except ssl.SSLError: host_info["ssl checked"].set(True) host_info[self.description()] = True return True host_info["ssl checked"].set(False) host_info[self.description()] = False return False
def _create_socket(self): """ Creates a new SSL enabled socket and sets its timeout. """ log.warning('No certificate check is performed for SSL connections') s = super(SSL, self)._create_socket() return wrap_socket(s)
def do_sendrecv(self): buf = '' sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ssl_sock = ssl.wrap_socket(sock) self.ssl_sock = ssl_sock ssl_sock.connect((self.host, self.port)) print 'conneted' ssl_sock.send("USER abcd abcd abcd :abcd\r\n") ssl_sock.send("NICK " + self.nick +"\r\n") #ssl_sock.send("JOIN #teamnop\r\n") while True: result = ssl_sock.recv(4086) if result.__len__() == 0 : break buf += result.replace('\r','') while True: nextpos = buf.find('\n') if nextpos == -1: break parseinfo = parser.parser(buf[:nextpos]) try: func = getattr( ircservice, 'on_' + parseinfo.get_command().lower()) func(self,*parseinfo.get_all()) except AttributeError: pass print parseinfo.get_command(), parseinfo.get_all() buf = buf[nextpos+1:] ssl_sock.close() print 'closed'
def test_ssl_proxy(self): fix_sslwrap() self.test_input = "Hiya, this is a test".encode("utf-8") keyfile = os.path.join(package_directory, "templates/default/ssl/ssl.key") certfile = os.path.join(package_directory, "templates/default/ssl/ssl.crt") mock_service = StreamServer(("127.0.0.1", 0), self.echo_server, keyfile=keyfile, certfile=certfile) gevent.spawn(mock_service.start) gevent.sleep(1) proxy = Proxy( "proxy", "127.0.0.1", mock_service.server_port, keyfile=keyfile, certfile=certfile, ) server = proxy.get_server("127.0.0.1", 0) gevent.spawn(server.start) gevent.sleep(1) s = wrap_socket(socket(), keyfile=keyfile, certfile=certfile) s.connect(("127.0.0.1", server.server_port)) s.sendall(self.test_input) received = s.recv(len(self.test_input)) self.assertEqual(self.test_input, received) mock_service.stop(1)
def __init__(self, *args, **kwargs): Connection.__init__(self, *args, **kwargs) self.connected_event = Event() self._write_queue = Queue() self._callbacks = {} self._push_watchers = defaultdict(set) sockerr = None addresses = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM) for (af, socktype, proto, canonname, sockaddr) in addresses: try: self._socket = socket.socket(af, socktype, proto) if self.ssl_options: self._socket = ssl.wrap_socket(self._socket, **self.ssl_options) self._socket.settimeout(1.0) self._socket.connect(sockaddr) sockerr = None break except socket.error as err: sockerr = err if sockerr: raise socket.error(sockerr.errno, "Tried connecting to %s. Last error: %s" % ([a[4] for a in addresses], sockerr.strerror)) if self.sockopts: for args in self.sockopts: self._socket.setsockopt(*args) self._read_watcher = gevent.spawn(self.handle_read) self._write_watcher = gevent.spawn(self.handle_write) self._send_options_message()
def childproxy(conn, headers, conn_name='', serv_name=''): if proxy_type == 'http': s = socket.socket() connect_proxy(conn, s, headers, conn_name, serv_name) elif proxy_type == 'https': print('https') sock = ssl.wrap_socket(socket.socket()) connect_proxy(conn, sock, headers, conn_name, serv_name) elif proxy_type == 'socks': method, version, scm, address, path, params, query, fragment = parse_header( headers) s = socket.socket() geventsocks.connect(s, address) print('connect {} success'.format(serv_name)) if headers.startswith('CONNECT'): conn.sendall(b'HTTP/1.1 200 Connection established\r\n\r\n') create_pipe(conn, s, conn_name=conn_name, serv_name=serv_name) else: raw_headers = headers headers = make_headers(headers) s.sendall(headers.encode()) print(conn_name, '[{}]'.format(time.strftime('%Y-%m-%d %H:%M:%S')), raw_headers.split('\r\n')[0]) g = gevent.spawn(from_serv_to_cli, conn, s, conn_name, serv_name) try: from_cli_to_serv(conn, s, conn_name, serv_name) # for buf in iter(lambda:conn.recv(1024*16), b''): # s.sendall(buf) except (BrokenPipeError, ConnectionResetError): print('server: {} client: {} close'.format( serv_name, conn_name)) g.kill() return
def connect(self, hostport): if self.connected: self.disconnect() self.sock = socket.create_connection(hostport) self.conn = ssl.wrap_socket(self.sock) self.connected = True
def connect(self, host=None, port=None, address_family=None): """ Method that initiates a connection to an EPP host """ host = host or self.host self.sock = socket.socket(address_family or socket.AF_INET, socket.SOCK_STREAM) self.sock.settimeout(self.socket_connect_timeout) # connect timeout self.sock.connect((host, port or self.port)) local_sock_addr = self.sock.getsockname() local_addr, local_port = local_sock_addr[:2] self.log.debug('connected local=%s:%s remote=%s:%s', local_addr, local_port, self.sock.getpeername()[0], port) self.sock.settimeout(self.socket_timeout) # regular timeout if self.ssl_enable: self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ssl_version=self.ssl_version, ciphers=self.ssl_ciphers, server_side=False, cert_reqs=self.cert_required, ca_certs=self.cacerts) self.log.debug('%s negotiated with local=%s:%s remote=%s:%s', self.sock.version(), local_addr, local_port, self.sock.getpeername()[0], port) if self.validate_hostname: try: match_hostname(self.sock.getpeercert(), host) except CertificateError as exp: self.log.exception("SSL hostname mismatch") raise EppConnectionError(str(exp)) self.greeting = EppResponse.from_xml(self.read().decode('utf-8'))
def test_ssl_proxy_with_decoder(self): fix_sslwrap() self.test_input = 'Hiya, this is a test'.encode('utf-8') keyfile = os.path.join(package_directory, 'templates/default/ssl/ssl.key') certfile = os.path.join(package_directory, 'templates/default/ssl/ssl.crt') mock_service = StreamServer(('127.0.0.1', 0), self.echo_server, keyfile=keyfile, certfile=certfile) gevent.spawn(mock_service.start) gevent.sleep(1) proxy = Proxy( 'proxy', '127.0.0.1', mock_service.server_port, decoder='conpot.protocols.misc.ascii_decoder.AsciiDecoder', keyfile=keyfile, certfile=certfile) server = proxy.get_server('127.0.0.1', 0) gevent.spawn(server.start) gevent.sleep(1) s = wrap_socket(socket(), keyfile, certfile) s.connect(('127.0.0.1', server.server_port)) s.sendall(self.test_input) received = s.recv(len(self.test_input)) self.assertEqual(self.test_input, received) mock_service.stop(1)
def test_ssl_proxy(self): self.test_input = 'Hiya, this is a test' keyfile = os.path.join(package_directory, 'templates/example_ssl.key') certfile = os.path.join(package_directory, 'templates/example_ssl.crt') mock_service = StreamServer(('127.0.0.1', 0), self.echo_server, keyfile=keyfile, certfile=certfile) gevent.spawn(mock_service.start) gevent.sleep(1) proxy = Proxy('proxy', '127.0.0.1', mock_service.server_port, keyfile=keyfile, certfile=certfile) server = proxy.get_server('127.0.0.1', 0) gevent.spawn(server.start) gevent.sleep(1) s = wrap_socket(socket(), keyfile, certfile) s.connect(('127.0.0.1', server.server_port)) s.sendall(self.test_input) received = s.recv(len(self.test_input)) self.assertEqual(self.test_input, received) mock_service.stop(1)
def starttls(self, keyfile=None, certfile=None): """Puts the connection to the SMTP server into TLS mode. If there has been no previous EHLO or HELO command this session, this method tries ESMTP EHLO first. If the server supports TLS, this will encrypt the rest of the SMTP session. If you provide the keyfile and certfile parameters, the identity of the SMTP server and client can be checked. This, however, depends on whether the socket module really checks the certificates. This method may raise the following exceptions: SMTPHeloError The server didn't reply properly to the helo greeting. """ self.ehlo_or_helo_if_needed() if not self.has_extn("starttls"): raise SMTPException("STARTTLS extension not supported by server.") (resp, reply) = self.docmd("STARTTLS") if resp == 220: if not _have_ssl: raise RuntimeError("No SSL support included in this Python") self.sock = ssl.wrap_socket(self.sock, keyfile, certfile) self.file = SSLFakeFile(self.sock) # RFC 3207: # The client MUST discard any knowledge obtained from # the server, such as the list of SMTP service extensions, # which was not obtained from the TLS negotiation itself. self.helo_resp = None self.ehlo_resp = None self.esmtp_features = {} self.does_esmtp = 0 return (resp, reply)
def connect(self, host, port=None): """ Method that initiates a connection to an EPP host """ self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.sock.settimeout(self.socket_connect_timeout) # connect timeout self.sock.connect((host, port or self.port)) local_sock_addr = self.sock.getsockname() local_addr, local_port = local_sock_addr[:2] self.log.debug('connected local=%s:%s remote=%s:%s', local_addr, local_port, self.sock.getpeername()[0], port) self.sock.settimeout(self.socket_timeout) # regular timeout if self.ssl_enable: self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ssl_version=self.ssl_version, ciphers=self.ssl_ciphers, server_side=False, cert_reqs=self.cert_required, ca_certs=self.cacerts) self.log.debug('%s negotiated with local=%s:%s remote=%s:%s', self.sock.version(), local_addr, local_port, self.sock.getpeername()[0], port) if self.validate_hostname: try: match_hostname(self.sock.getpeercert(), host) except CertificateError as exp: self.log.exception("SSL hostname mismatch") raise EppConnectionError(str(exp)) self.greeting = EppResponse.from_xml(self.read().decode('utf-8'))
def connect(self, timeout=None): if not self._connected: try: sock = socket.create_connection(self._server, timeout) if not self._ssl_enable: self._socket = sock else: self._socket = ssl.wrap_socket( sock, keyfile=self._keyfile, certfile=self._certfile, ca_certs=self._ca_cert, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_SSLv23) except socket.error as err_msg: self._socket = None self._handle_event(self.SESSION_ERROR) return -1 else: self._connected = True self._socket.settimeout(None) self._set_socket_options() self._handle_event(self.SESSION_ESTABLISHED) return 0 return 0
def check(self, url, host_info): host_info[self.description()] = None host_ip = socket.getaddrinfo(url, 443)[0][4][0] try: sock = socket.socket() sock.connect((host_ip, 443)) except socket.error: host_info["ssl checked"].set(True) host_info[self.description()] = True return True try: sock = ssl.wrap_socket( sock, ca_certs="/etc/ssl/certs/ca-certificates.crt", cert_reqs=ssl.CERT_NONE, ) cert = sock.getpeercert() except ssl.SSLError: host_info["ssl checked"].set(True) host_info[self.description()] = True return True host_info["ssl checked"].set(False) host_info[self.description()] = False return False
def childproxy(conn, headers, conn_name='', serv_name=''): if proxy_type == 'http': s = socket.socket() connect_proxy(conn, s, headers, conn_name, serv_name) elif proxy_type == 'https': print('https') sock = ssl.wrap_socket(socket.socket()) connect_proxy(conn, sock, headers, conn_name, serv_name) elif proxy_type == 'socks': method, version, scm, address, path, params, query, fragment = parse_header(headers) s = socket.socket() geventsocks.connect(s, address) print('connect {} success'.format(serv_name)) if headers.startswith('CONNECT'): conn.sendall(b'HTTP/1.1 200 Connection established\r\n\r\n') create_pipe(conn, s, conn_name=conn_name, serv_name=serv_name) else: raw_headers = headers headers = make_headers(headers) s.sendall(headers.encode()) print(conn_name, '[{}]'.format(time.strftime('%Y-%m-%d %H:%M:%S')), raw_headers.split('\r\n')[0]) g = gevent.spawn(from_serv_to_cli, conn, s, conn_name, serv_name) try: from_cli_to_serv(conn, s, conn_name, serv_name) # for buf in iter(lambda:conn.recv(1024*16), b''): # s.sendall(buf) except (BrokenPipeError, ConnectionResetError): print('server: {} client: {} close'.format(serv_name, conn_name) ) g.kill() return
def check(self, url, host_info): host_info[self.description()] = None if host_info["ssl checked"].get(): return None else: host_ip = socket.getaddrinfo(url, 443)[0][4][0] try: sock = socket.socket() except socket.error: host_info[self.description()] = False return False try: sock = ssl.wrap_socket(sock, ca_certs="/etc/ssl/certs/ca-certificates.crt", cert_reqs=ssl.CERT_NONE, ssl_version=ssl.PROTOCOL_SSLv3, ) sock.connect((host_ip, 443)) cert = sock.getpeercert() usedcipher = str(sock.cipher()) except ssl.SSLError: host_info[self.description()] = False return False if (re.search(r'SSLv3', usedcipher)): host_info[self.description()] = True return True host_info[self.description()] = False return False
def _get_socket(self, host, port, timeout): if self.debuglevel > 0: print >> stderr, 'connect:', (host, port) new_socket = socket.create_connection((host, port), timeout) new_socket = ssl.wrap_socket(new_socket, self.keyfile, self.certfile) self.file = SSLFakeFile(new_socket) return new_socket
def handle(self, sock, address): session = conpot_core.get_session(self.proxy_id, address[0], address[1]) logger.info('New connection from {0}:{1} on {2} proxy. ({3})'.format( address[0], address[1], self.proxy_id, session.id)) proxy_socket = socket() if self.keyfile and self.certfile: proxy_socket = wrap_socket(proxy_socket, self.keyfile, self.certfile) try: proxy_socket.connect((self.proxy_host, self.proxy_port)) except _socket.error as ex: logger.error( 'Error while connecting to proxied service at ({0}, {1}): {2}'. format(self.proxy_host, self.proxy_port, ex)) self._close([proxy_socket, sock]) return sockets = [proxy_socket, sock] while len(sockets) == 2: gevent.sleep() sockets_read, _, sockets_err = select.select( sockets, [], sockets, 10) if len(sockets_err) > 0: self._close([proxy_socket, sock]) break for s in sockets_read: data = s.recv(1024) if len(data) is 0: self._close([proxy_socket, sock]) if s is proxy_socket: logging.info( 'Closing proxy connection because the proxied socket closed.' ) sockets = [] break elif s is sock: logging.info( 'Closing proxy connection because the remote socket closed' ) sockets = [] break else: assert False if s is proxy_socket: self.handle_out_data(data, sock, session) elif s is sock: self.handle_in_data(data, proxy_socket, session) else: assert False proxy_socket.close() sock.close()
def _check_feedback_connection(self): if self._feedback_connection is None: tcp_socket = socket.socket( socket.AF_INET, socket.SOCK_STREAM, 0) s = ssl.wrap_socket(tcp_socket, ssl_version=ssl.PROTOCOL_SSLv3, **self._sslargs) addr = ["feedback.push.apple.com", 2196] if self._sandbox: addr[0] = "feedback.sandbox.push.apple.com" s.connect_ex(tuple(addr)) self._feedback_connection = s
def accept_let(self): while True: sock, addr = self.sock.accept() try: sock = ssl.wrap_socket(sock, keyfile=self.keyfile, certfile=self.certfile, server_side=True, cert_reqs=ssl.CERT_REQUIRED, ca_certs=self.cacerts) except ssl.SSLError, e: print e continue self.clients.spawn(self.client_let, sock, addr)
def _check_send_connection(self): if self._push_connection is None: tcp_socket = socket.socket( socket.AF_INET, socket.SOCK_STREAM, 0) s = ssl.wrap_socket(tcp_socket, ssl_version=ssl.PROTOCOL_SSLv3, **self._sslargs) addr = ["gateway.push.apple.com", 2195] if self._sandbox: addr[0] = "gateway.sandbox.push.apple.com" s.connect_ex(tuple(addr)) self._push_connection = s self._error_greenlet = gevent.spawn(self.save_err, self._error_loop)
def create_socket(timeout=None, **ssl_args): """客户端创建,返回sock """ sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) if timeout: sock.settimeout(timeout) if ssl_args: from gevent.ssl import wrap_socket sock = wrap_socket(sock, **ssl_args) return sock
def _check_feedback_connection(self): if self._feedback_connection is None: tcp_socket = socket.socket( socket.AF_INET, socket.SOCK_STREAM, 0) s = ssl.wrap_socket(tcp_socket, ssl_version=ssl.PROTOCOL_TLSv1, **self._sslargs) addr = ["feedback.push.apple.com", 2196] if self._sandbox: addr[0] = "feedback.sandbox.push.apple.com" logger.debug('Connecting to %s' % addr[0]) s.connect_ex(tuple(addr)) self._feedback_connection = s
def _check_send_connection(self): if self._push_connection is None: tcp_socket = socket.socket( socket.AF_INET, socket.SOCK_STREAM, 0) s = ssl.wrap_socket(tcp_socket, ssl_version=ssl.PROTOCOL_TLSv1, **self._sslargs) addr = ["gateway.push.apple.com", 2195] if self._sandbox: addr[0] = "gateway.sandbox.push.apple.com" logger.debug('Connecting to %s' % addr[0]) s.connect_ex(tuple(addr)) self._push_connection = s self._error_greenlet = gevent.spawn(self.save_err, self._error_loop)
def connect(self): logging.debug('Connect to apns start') self._socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self._socket.settimeout(10) logging.debug('Connect to apns step 1') self._socket.connect((self.server, self.port)) logging.debug('Connect to apns step 2') self._ssl = ssl.wrap_socket( self._socket, self.key_file, self.cert_file) logging.debug('Connect to apns step 3') self.connection_alive = True logging.debug('Connect to apns end')
def handle(self, sock, address): session = conpot_core.get_session(self.proxy_id, address[0], address[1]) logger.info('New connection from {0}:{1} on {2} proxy. ({3})'.format(address[0], address[1], self.proxy_id, session.id)) proxy_socket = socket() if self.keyfile and self.certfile: proxy_socket = wrap_socket(proxy_socket, self.keyfile, self.certfile) try: proxy_socket.connect((self.proxy_host, self.proxy_port)) except _socket.error as ex: logger.error('Error while connecting to proxied service at ({0}, {1}): {2}' .format(self.proxy_host, self.proxy_port, ex)) self._close([proxy_socket, sock]) return sockets = [proxy_socket, sock] while len(sockets) == 2: gevent.sleep() sockets_read, _, sockets_err = select.select(sockets, [], sockets, 10) if len(sockets_err) > 0: self._close([proxy_socket, sock]) break for s in sockets_read: data = s.recv(1024) if len(data) is 0: self._close([proxy_socket, sock]) if s is proxy_socket: logging.info('Closing proxy connection because the proxied socket closed.') sockets = [] break elif s is sock: logging.info('Closing proxy connection because the remote socket closed') sockets = [] break else: assert False if s is proxy_socket: self.handle_out_data(data, sock, session) elif s is sock: self.handle_in_data(data, proxy_socket, session) else: assert False proxy_socket.close() sock.close()
def create_connection(address, timeout=None, **ssl_args): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 0) if timeout: sock.settimeout(timeout) if ssl_args: from gevent.ssl import wrap_socket sock = wrap_socket(sock, **ssl_args) host = address[0] port = int(address[1]) sock.connect((host, port)) return sock
def check_connection(self): if self._connection == None: print "Connecting to server[%s]" % (self._addr) sock = ssl.wrap_socket(socket(AF_INET, SOCK_STREAM, 0), self._key_file, self._cert_file, ssl_version=ssl.PROTOCOL_SSLv3) host, port = self._addr.split(':') ret = sock.connect_ex((host, int(port))) if ret == 0: print "Connection established to addr[%s]" % (self._addr) self._connection = sock return True print "Connecting failed to addr[%s]" % (self._addr) return False return True
def connect(self, host, port=None): self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.sock.settimeout(self.socket_connect_timeout) # connect timeout self.sock.connect((host, port or self.port)) self.sock.settimeout(self.socket_timeout) # regular timeout if self.ssl_enable: self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ssl_version=self.ssl_version, ciphers=self.ssl_ciphers, server_side=False, cert_reqs=self.cert_required, ca_certs=self.cacerts) if self.validate_hostname: try: match_hostname(self.sock.getpeercert(), host) except CertificateError, e: self.log.exception("SSL hostname mismatch") raise EppConnectionError(str(e))
def create_connection(address, timeout=None, **ssl_args): """客户端创建连接,返回sock :自带有一个 from gevent.socket import create_connection, 不过没有ssl参数 """ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 0) if timeout: sock.settimeout(timeout) if ssl_args: from gevent.ssl import wrap_socket sock = wrap_socket(sock, **ssl_args) host = address[0] port = int(address[1]) sock.connect((host, port)) return sock
def getUserStatus(conn, userName): if not auth(conn): return DENIED validate_name(userName) splt = userName.split('@') rMsg = [RM.USER_STATUS_RESP,] if splt[1] == conn.domain: user_exists(userName) if userName in conn.connTbl: addr = conn.connTbl[userName].address rMsg.append((authList[addr], addr[0], addr[1])) else: rMsg.append(((userName, status.OFFLINE), 0, 0)) else: # if the user is not from this domain, send a message to the appropriate server address = (bSock.gethostbyname(splt[1]), 8888) sock = socket.socket() sock = ssl.wrap_socket(sock) sock.connect(address) sock.sendall(msgpack.packb([RM.AUTHENTICATE_SERVER, conn.domain])) rVal = sock.recv(4096) rVal = msgpack.unpackb(rVal) if rVal[0] != RM.AUTHENTICATED: raise RPCError sock.sendall(msgpack.packb([RM.GET_USER_STATUS, userName])) rVal = sock.recv(4096) rVal = msgpack.unpackb(rVal) if rVal[0] == RM.USER_NOT_FOUND: raise UserNotFound elif rVal[0] == RM.USER_STATUS_RESP: rMsg.append(rVal[1]) else: raise RPCError sock.close() return rMsg
def _fetch_socket(self): if self.using_ssl: if 'ssl_version' in self.config and self.config['ssl_version']: if self.config['ssl_version'] == 2: ssl_version = ssl.PROTOCOL_SSLv2 elif self.config['ssl_version'] == 3: ssl_version = ssl.PROTOCOL_SSLv3 else: ssl_version = ssl.PROTOCOL_SSLv23 else: # SSLv23 is the default for python ssl and gevent ssl ssl_version = ssl.PROTOCOL_SSLv23 return ssl.wrap_socket( socket.socket(), cert_reqs=ssl.CERT_REQUIRED, ca_certs=get_certs_bundle(), ssl_version=ssl_version) else: return socket.socket()
def unregisterFriend(conn, friend, un=None): if not auth(conn): return DENIED if conn.domain in friend: user_exists(friend) userName = un if un == None: userName = authList[conn.address][0] del_q = "DELETE FROM friends WHERE userName=? AND friend=?;" execute_query(del_q, (userName, friend)) execute_query(del_q, (friend, userName)) splt = friend.split("@") if splt[1] != conn.domain: if authList[conn.address][1] != status.SERVER: address = (bSock.gethostbyname(splt[1]), 8888) sock = socket.socket() sock = ssl.wrap_socket(sock) sock.connect(address) # authenicate sock.sendall(msgpack.packb([RM.AUTHENTICATE_SERVER, conn.domain])) rVal = sock.recv(4096) rVal = msgpack.unpackb(rVal) if rVal[0] != RM.AUTHENTICATED: raise RPCError # send the request sock.sendall(msgpack.packb([RM.SERVER_SEND_UNFRIEND, userName, friend])) rVal = sock.recv(4096) rVal = msgpack.unpackb(rVal) if rVal[0] != RM.SUCCESS: raise RPCError sock.close() return [RM.SUCCESS, "Friend Unregistered"]
def acceptFriend(conn, friend): if not auth(conn): return DENIED if conn.domain in friend: user_exists(friend) acceptor = authList[conn.address] # flip the accept bit for the user that accepted the request upd_q = "UPDATE friends SET accepted='true' WHERE userName=? AND friend=?;" execute_query(upd_q, (acceptor[0],friend)) splt = friend.split("@") # if other user is on this domain, set their accept bit as well if splt[1] == conn.domain: execute_query(upd_q, (friend, acceptor[0])) # if the friend is online, push a notification # to them that their friend request has been accepted if friend in conn.connTbl: conn.connTbl[friend].send([RM.PUSH_FRIEND_ACCEPT, acceptor[0], acceptor[1]]) else: # if the user is not from this domain, send a message to the appropriate server address = (bSock.gethostbyname(splt[1]), 8888) sock = socket.socket() sock = ssl.wrap_socket(sock) sock.connect(address) sock.sendall(msgpack.packb([RM.AUTHENTICATE_SERVER, conn.domain])) rVal = sock.recv(4096) rVal = msgpack.unpackb(rVal) if rVal[0] != RM.AUTHENTICATED: raise RPCError sock.sendall(msgpack.packb([RM.SERVER_SEND_ACCEPT, friend, acceptor[0], acceptor[1]])) rVal = sock.recv(4096) rVal = msgpack.unpackb(rVal) if rVal[0] != RM.SUCCESS: raise RPCError sock.close() return [RM.SUCCESS, "Friend Request Accepted"]
def test_ssl_proxy(self): fix_sslwrap() self.test_input = "Hiya, this is a test" keyfile = os.path.join(package_directory, "templates/default/ssl/ssl.key") certfile = os.path.join(package_directory, "templates/default/ssl/ssl.crt") mock_service = StreamServer(("127.0.0.1", 0), self.echo_server, keyfile=keyfile, certfile=certfile) gevent.spawn(mock_service.start) gevent.sleep(1) proxy = Proxy("proxy", "127.0.0.1", mock_service.server_port, keyfile=keyfile, certfile=certfile) server = proxy.get_server("127.0.0.1", 0) gevent.spawn(server.start) gevent.sleep(1) s = wrap_socket(socket(), keyfile, certfile) s.connect(("127.0.0.1", server.server_port)) s.sendall(self.test_input) received = s.recv(len(self.test_input)) self.assertEqual(self.test_input, received) mock_service.stop(1)
def connect(self, use_ssl=False): msg = '%s' % 'SSL: ' if use_ssl else '' logger.debug('%s Initial connection' % msg) try: if use_ssl: msg += 'Connection: Warp with SSL' self.socket = ssl.wrap_socket(self.socket) else: msg += 'Connection: Start connecting' self.socket = socket.create_connection((self.ip, self.port), timeout=self._timeout) self.socket.settimeout(self._timeout) except socket.timeout: raise ConnectTimeout except Exception as e: raise else: msg += 'Connection: success' self._closed = False finally: logger.debug(msg)
def run(self): tcp_ip_delay = 0 http_delay = 0 notify_on_exit = True while True: try: raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if self.secure: self.sock = ssl.wrap_socket(raw_sock) else: self.sock = raw_sock self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) self.sock.settimeout(self.timeout) self.sock.connect((self.host, self.port)) self.sock.send(self.headers) self.sock.send(self.body) status = self._get_status_and_consume_headers() if status == 200: self._notify('connect', self.id) tcp_ip_delay = 0 http_delay = 0 self._consume_stream() else: self.sock.close() if status > 500: http_delay = self._incr_http_delay(http_delay) sleep(http_delay) else: # we're doing something wrong logging.warning(status) notify_on_exit = False break except (socket.timeout, socket.error), err: logging.info(err, exc_info=True) self.sock.close() tcp_ip_delay = self._incr_tcp_ip_delay(tcp_ip_delay) sleep(tcp_ip_delay) except gevent.GreenletExit: self.sock.close() notify_on_exit = False break
def test_ssl_proxy_with_decoder(self): fix_sslwrap() self.test_input = 'Hiya, this is a test'.encode('utf-8') keyfile = os.path.join(package_directory, 'templates/default/ssl/ssl.key') certfile = os.path.join(package_directory, 'templates/default/ssl/ssl.crt') mock_service = StreamServer(('127.0.0.1', 0), self.echo_server, keyfile=keyfile, certfile=certfile) gevent.spawn(mock_service.start) gevent.sleep(1) proxy = Proxy('proxy', '127.0.0.1', mock_service.server_port, decoder='conpot.protocols.misc.ascii_decoder.AsciiDecoder', keyfile=keyfile, certfile=certfile) server = proxy.get_server('127.0.0.1', 0) gevent.spawn(server.start) gevent.sleep(1) s = wrap_socket(socket(), keyfile, certfile) s.connect(('127.0.0.1', server.server_port)) s.sendall(self.test_input) received = s.recv(len(self.test_input)) self.assertEqual(self.test_input, received) mock_service.stop(1)
def connect(self, timeout=None): if not self._connected: try: sock = socket.create_connection(self._server, timeout) if not self._ssl_enable: self._socket = sock else: self._socket = ssl.wrap_socket(sock, keyfile=self._keyfile, certfile=self._certfile, ca_certs=self._ca_cert, cert_reqs=ssl.CERT_REQUIRED, ssl_version=ssl.PROTOCOL_TLSv1) except socket.error as err_msg: self._socket = None self._handle_event(self.SESSION_ERROR) return -1 else: self._connected = True self._socket.settimeout(None) self._set_socket_options() self._handle_event(self.SESSION_ESTABLISHED) return 0 return 0
def smtp_STARTTLS(self, arg): if arg: self.push('501 Syntax: STARTTLS') return self.push('220 Ready to start TLS') if self.data: self.push('500 Too late to changed') return try: self.conn = ssl.wrap_socket(self.conn, **self.server.ssl) self.state = self.COMMAND self.seen_greeting = 0 self.rcpttos = [] self.mailfrom = None self.tls = True except Exception as err: logger.error(err, exc_info=True) self.push('503 certificate is FAILED') self.close_when_done()
def smtp_STARTTLS(self, arg): if arg: self.push("501 Syntax: STARTTLS") return self.push("220 Ready to start TLS") if self.data: self.push("500 Too late to changed") return try: self.conn = ssl.wrap_socket(self.conn, **self.server.ssl) self.state = self.COMMAND self.seen_greeting = 0 self.rcpttos = [] self.mailfrom = None self.tls = True except Exception as err: logger.error(err, exc_info=True) self.push("503 certificate is FAILED") self.close_when_done()
def get_resp(req, https=False): url = '{host}{path}'.format(host=req.split('\r\n')[1].split(' ')[1], path=req.split('\r\n')[0].split(' ')[1]) info = '{method} {url}'.format(method=req.split(' ')[0], url=url) # print(info) host, port = get_host_port(req, https) if https: s = ssl.wrap_socket(socket.socket(), ssl_version=ssl.PROTOCOL_TLSv1) s.settimeout(5) else: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: s.connect((host, port)) # print('connect ok') except socket.timeout as e: print(e) return s.sendall(req.encode('utf-8')) # print('send ok') resp = b'' while 1: # buf and not buf.startswith(b'WebSocket')\ # and not buf.endswith(b'\r\n\r\n'): try: buf = s.recv(1024 * 8) except socket.timeout as e: print(e) break # print('{}......{}'.format(buf[:50],buf[-50:])) resp += buf if not buf or\ buf.startswith(b'WebSocket') and buf.endswith(b'\r\n\r\n'): break # print('RECV {}'.format(url)) return resp, info
def _sslwrapper(family, socktype, proto): sock = socket.socket(family, socktype, proto) return ssl.wrap_socket(sock, cert_reqs=self.cert_reqs, ca_certs=self.ca_certs)
def handle(self, sock, address): session = conpot_core.get_session(self.proxy_id, address[0], address[1], sock.getsockname()[0], sock.getsockname()[1]) logger.info( 'New connection from %s:%s on %s proxy. (%s)', address[0], address[1], self.proxy_id, session.id) proxy_socket = socket() if self.keyfile and self.certfile: proxy_socket = wrap_socket(proxy_socket, self.keyfile, self.certfile) try: proxy_socket.connect((self.proxy_host, self.proxy_port)) except _socket.error: logger.exception('Error while connecting to proxied service at ({}, {})'.format(self.proxy_host, self.proxy_port)) self._close([proxy_socket, sock]) return sockets = [proxy_socket, sock] while len(sockets) == 2: if Proxy.stop_servers: self._close([proxy_socket, sock]) break gevent.sleep(0) ProxyAddresses.put(proxy_socket, [address[0], address[1]]) sockets_read, _, sockets_err = select.select(sockets, [], sockets, 10) if len(sockets_err) > 0: self._close([proxy_socket, sock]) break for s in sockets_read: socket_close_reason = 'socket closed' try: data = s.recv(1024) except _socket.error as socket_err: data = [] socket_close_reason = str(socket_err) if len(data) is 0: ProxyAddresses.clear_unused(proxy_socket) self._close([proxy_socket, sock]) if s is proxy_socket: logging.warning( 'Closing proxied socket while receiving (%s, %s): %s.', self.proxy_host, self.proxy_port, socket_close_reason) sockets = [] break elif s is sock: logging.warning( 'Closing connection to remote while receiving from remote (%s, %s): %s', socket_close_reason, address[0], address[1]) sockets = [] break else: assert False try: if s is proxy_socket: self.handle_out_data(data, sock, session) elif s is sock: self.handle_in_data(data, proxy_socket, session) else: assert False except _socket.error as socket_err: if s is proxy_socket: destination = 'proxied socket' else: destination = 'remote connection' logger.warning('Error while sending data to %s: %s.', destination, str(socket_err)) sockets = [] break session.set_ended() proxy_socket.close() sock.close()
'unfriend': test_unfriend, 'accept': test_accept, 'listener': test_listener, 'getAllStat': test_getAllStatus, 'getStatus': test_getUserStatus, 'cert': test_cert, 'ms_send': test_multiServer_sender, 'ms_listen': test_multiServer_listen, } if __name__ == '__main__': address = (bSock.gethostbyname(bSock.gethostbyname(sys.argv[3])), 8888) sock = socket.socket() sock = ssl.wrap_socket(sock) sock.connect(address) if sys.argv[1] in testMap: func = testMap[sys.argv[1]] func(sys.argv[2]) #sendQ.put([RM.AUTHENTICATE_USER,"*****@*****.**","12345"]) #sendQ.put([RM.UNREGISTER_FRIEND, "*****@*****.**"]) #sendQ.put([RM.REGISTER_STATUS, motmot.status.AWAY]) #sendQ.put([RM.ACCEPT_FRIEND, "*****@*****.**"]) #sendQ.put([RM.REGISTER_FRIEND, "*****@*****.**"]) #sendQ.put([RM.GET_ALL_STATUSES]) #cert = open('cert/motmot.crt').read() #sendQ.put([RM.SIGN_CERT_REQUEST, cert]) recv = recvGreenlet(sock) recv.start()
def ssl_connect(cls,host,port,ssl_kwargs,**kwargs): if kwargs.pop('ipv6',False): kwargs['family'] = socket.AF_INET6 s = cls._connect(host,port,**kwargs) s2 = ssl.wrap_socket(s,**ssl_kwargs) return cls(s2)
def handle(self, source, address): log.debug("New remote client connected from %s", address) # ssl negotiation if not self.unix_socket_used: ssl_req_data = source.recv(1024) if self.local_ssl_opt: log.debug("SSL Negotiation.") source.send("S") source = wrap_socket(source, keyfile=self.local_ssl_key, certfile=self.local_ssl_cert, server_side=True) source.settimeout(60) else: source.send("N") response, auth_response = None, None # Receive client data (used for create peer key) log.debug("Waiting for client data...") client_data = source.recv(2024) # create or get from pool one socket from_pool, dst_sock, response, auth_response = self.create_dst_connection( client_data) remote_ssl_opt = settings.get_remote_ssl() if not from_pool: # send ssl negotiation with remote server if remote_ssl_opt and not self.remote_unix_socket_used: dst_sock.send(utils.make_ssl_request()) rsp = dst_sock.recv(1024) if rsp[0] == "S": dst_sock = wrap_socket(dst_sock) else: raise Exception("Server does not support ssl connections") dst_sock.send(client_data) auth_error, response, auth_response = self.handle_authentication( source, dst_sock) else: auth_code = struct.unpack("!i", response[5:][:4])[0] if auth_code == 5: log.debug("Authenticating client...") source.send(auth_response) else: source.send(response) error_generator, auth_error, error = None, False, False source.setblocking(0) dst_sock.setblocking(0) log.debug("Entering on recv/send loop...") while not error: _r, _w, _e = select.select([source, dst_sock], [], []) for _in in _r: _data = read_until_fail(_in) if not _data or _data[0] == b'X': error, error_generator = True, _in break if _data[0] == 'E': self.send(source, _data) error, auth_error = True, True if _in == dst_sock: ok = self.send(source, _data) if not ok: error, error_generator = True, _in break else: self.send(dst_sock, _data) log.debug("Connection is closed in any socket.") # if error found on database or authentication error, close all connections if error_generator != source or auth_error: log.debug("Server connection is break. Closing all connections.") dst_sock.close() source.close() return log.debug("Client connection is break.") # send reset query send_data = [ utils.create_query_data("DISCARD ALL;"), utils.create_statement_description(), utils.create_flush_stetement(), ] ok = False if _data: ok = self.send(dst_sock, b"".join(send_data)) if ok: log.debug("Reset database connection state.") response_data = read_until_fail(dst_sock) if client_data not in self.queues: self.queues[client_data] = Queue() if self.queues[client_data].qsize() < 30: self.queues[client_data].put( (dst_sock, response, auth_response)) log.debug("Returning connection to pool.") log.debug("Current pool size: %s", self.queues[client_data].qsize()) else: dst_sock.close()
def handle(self, sock, address): session = conpot_core.get_session(self.proxy_id, address[0], address[1]) logger.info('New connection from {0}:{1} on {2} proxy. ({3})'.format( address[0], address[1], self.proxy_id, session.id)) proxy_socket = socket() if self.keyfile and self.certfile: proxy_socket = wrap_socket(proxy_socket, self.keyfile, self.certfile) try: proxy_socket.connect((self.proxy_host, self.proxy_port)) except _socket.error as ex: logger.error( 'Error while connecting to proxied service at ({0}, {1}): {2}'. format(self.proxy_host, self.proxy_port, ex)) self._close([proxy_socket, sock]) return sockets = [proxy_socket, sock] while len(sockets) == 2: gevent.sleep() sockets_read, _, sockets_err = select.select( sockets, [], sockets, 10) if len(sockets_err) > 0: self._close([proxy_socket, sock]) break for s in sockets_read: socket_close_reason = 'socket closed' try: data = s.recv(1024) except _socket.error as socket_err: data = [] socket_close_reason = str(socket_err) if len(data) is 0: self._close([proxy_socket, sock]) if s is proxy_socket: logging.warning( 'Closing proxied socket while receiving ({0}, {1}): {2}.' .format(self.proxy_host, self.proxy_port, socket_close_reason)) sockets = [] break elif s is sock: logging.warning( 'Closing connection to remote while receiving from remote ({0}, {1}): {2}' .format(socket_close_reason, address[0], address[1])) sockets = [] break else: assert False try: if s is proxy_socket: self.handle_out_data(data, sock, session) elif s is sock: self.handle_in_data(data, proxy_socket, session) else: assert False except _socket.error as socket_err: if s is proxy_socket: destination = 'proxied socket' else: destination = 'remote connection' logger.warning( 'Error while sending data to {0}: {1}.'.format( destination, str(socket_err))) sockets = [] break session.set_ended() proxy_socket.close() sock.close()
def main(): """Run the daemon from the command line""" opts = parse_arguments(sys.argv[1:]) # Initialize logger lvl = logging.DEBUG if opts.debug else logging.INFO global logger logger = logging.getLogger("vncauthproxy") logger.setLevel(lvl) formatter = logging.Formatter(("%(asctime)s %(module)s[%(process)d] " " %(levelname)s: %(message)s"), "%Y-%m-%d %H:%M:%S") handler = logging.FileHandler(opts.log_file) handler.setFormatter(formatter) logger.addHandler(handler) try: # Create pidfile pidf = pidlockfile.TimeoutPIDLockFile(opts.pid_file, 10) # Init ephemeral port pool ports = range(opts.min_port, opts.max_port + 1) # Init VncAuthProxy class attributes VncAuthProxy.server_timeout = opts.server_timeout VncAuthProxy.connect_retries = opts.connect_retries VncAuthProxy.retry_wait = opts.retry_wait VncAuthProxy.connect_timeout = opts.connect_timeout VncAuthProxy.ports = ports VncAuthProxy.authdb = parse_auth_file(opts.auth_file) VncAuthProxy.keyfile = opts.key_file VncAuthProxy.certfile = opts.cert_file VncAuthProxy.proxy_address = opts.proxy_listen_address VncAuthProxy.fqdn = socket.getfqdn() sockets = get_listening_sockets(opts.listen_port, opts.listen_address, reuse_addr=True) wrap_ssl = lambda sock: sock if opts.enable_ssl: ssl_prot = ssl.PROTOCOL_TLSv1 wrap_ssl = lambda sock: ssl.wrap_socket(sock, server_side=True, keyfile=opts.key_file, certfile=opts.cert_file, ssl_version=ssl_prot) # Become a daemon: # Redirect stdout and stderr to handler.stream to catch # early errors in the daemonization process [e.g., pidfile creation] # which will otherwise go to /dev/null. daemon_context = AllFilesDaemonContext(pidfile=pidf, umask=0022, stdout=handler.stream, stderr=handler.stream, files_preserve=[handler.stream]) # Remove any stale PID files, left behind by previous invocations if daemon.runner.is_pidfile_stale(pidf): logger.warning("Removing stale PID lock file %s", pidf.path) pidf.break_lock() try: daemon_context.open() except (AlreadyLocked, LockTimeout): raise InternalError(("Failed to lock PID file %s, another " "instance running?"), pidf.path) logger.info("Became a daemon") # A fork() has occured while daemonizing, # we *must* reinit gevent gevent.reinit() # Catch signals to ensure graceful shutdown, # # Uses gevent.signal so the handler fires even during # gevent.socket.accept() gevent.signal(SIGINT, fatal_signal_handler, "SIGINT") gevent.signal(SIGTERM, fatal_signal_handler, "SIGTERM") except InternalError as err: logger.critical(err) sys.exit(1) except Exception as err: logger.critical("Unexpected error:") logger.exception(err) sys.exit(1) while True: try: client = None rlist, _, _ = select(sockets, [], []) for ctrl in rlist: client, _ = ctrl.accept() client = wrap_ssl(client) logger.info("New control connection") VncAuthProxy.spawn(logger, client) continue except Exception as err: logger.error("Unexpected error:") logger.exception(err) if client: client.close() continue except SystemExit: break try: logger.info("Closing control sockets") while sockets: sock = sockets.pop() sock.close() daemon_context.close() sys.exit(0) except Exception as err: logger.critical("Unexpected error:") logger.exception(err) sys.exit(1)
def __init__(self, address): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.connect(address) sock = ssl.wrap_socket(sock) super(SocketClient, self).__init__(sock)
def handle(self, sock, address): session = conpot_core.get_session( self.proxy_id, address[0], address[1], sock.getsockname()[0], sock.getsockname()[1], ) logger.info( "New connection from %s:%s on %s proxy. (%s)", address[0], address[1], self.proxy_id, session.id, ) proxy_socket = socket() if self.keyfile and self.certfile: proxy_socket = wrap_socket( proxy_socket, keyfile=self.keyfile, certfile=self.certfile ) try: proxy_socket.connect((self.proxy_host, self.proxy_port)) except _socket.error: logger.exception( "Error while connecting to proxied service at ({}, {})".format( self.proxy_host, self.proxy_port ) ) self._close([proxy_socket, sock]) return sockets = [proxy_socket, sock] while len(sockets) == 2: gevent.sleep(0) sockets_read, _, sockets_err = select.select(sockets, [], sockets, 10) if len(sockets_err) > 0: self._close([proxy_socket, sock]) break for s in sockets_read: socket_close_reason = "socket closed" try: data = s.recv(1024) except _socket.error as socket_err: data = [] socket_close_reason = str(socket_err) if len(data) is 0: self._close([proxy_socket, sock]) if s is proxy_socket: logging.warning( "Closing proxied socket while receiving (%s, %s): %s.", self.proxy_host, self.proxy_port, socket_close_reason, ) sockets = [] break elif s is sock: logging.warning( "Closing connection to remote while receiving from remote (%s, %s): %s", socket_close_reason, address[0], address[1], ) sockets = [] break else: assert False try: if s is proxy_socket: self.handle_out_data(data, sock, session) elif s is sock: self.handle_in_data(data, proxy_socket, session) else: assert False except _socket.error as socket_err: if s is proxy_socket: destination = "proxied socket" else: destination = "remote connection" logger.warning( "Error while sending data to %s: %s.", destination, str(socket_err), ) sockets = [] break session.set_ended() proxy_socket.close() sock.close()
def handle(self, sock, address): session = conpot_core.get_session(self.proxy_id, address[0], address[1]) logger.info('New connection from {0}:{1} on {2} proxy. ({3})'.format(address[0], address[1], self.proxy_id, session.id)) proxy_socket = socket() if self.keyfile and self.certfile: proxy_socket = wrap_socket(proxy_socket, self.keyfile, self.certfile) try: proxy_socket.connect((self.proxy_host, self.proxy_port)) except _socket.error as ex: logger.error('Error while connecting to proxied service at ({0}, {1}): {2}' .format(self.proxy_host, self.proxy_port, ex)) self._close([proxy_socket, sock]) return sockets = [proxy_socket, sock] while len(sockets) == 2: gevent.sleep() sockets_read, _, sockets_err = select.select(sockets, [], sockets, 10) if len(sockets_err) > 0: self._close([proxy_socket, sock]) break for s in sockets_read: socket_close_reason = 'socket closed' try: data = s.recv(1024) except _socket.error as socket_err: data = [] socket_close_reason = str(socket_err) if len(data) is 0: self._close([proxy_socket, sock]) if s is proxy_socket: logging.warning('Closing proxied socket while receiving ({0}, {1}): {2}.' .format(self.proxy_host, self.proxy_port, socket_close_reason)) sockets = [] break elif s is sock: logging.warning('Closing connection to remote while receiving from remote ({0}, {1}): {2}' .format(socket_close_reason, address[0], address[1])) sockets = [] break else: assert False try: if s is proxy_socket: self.handle_out_data(data, sock, session) elif s is sock: self.handle_in_data(data, proxy_socket, session) else: assert False except _socket.error as socket_err: if s is proxy_socket: destination = 'proxied socket' else: destination = 'remote connection' logger.warning('Error while sending data to {0}: {1}.'.format(destination, str(socket_err))) sockets = [] break session.set_ended() proxy_socket.close() sock.close()
import time from gevent import ssl, socket s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Require a certificate from the server. We used a self-signed certificate # so here ca_certs must be the server certificate itself. ssl_sock = ssl.wrap_socket(s, ca_certs="server.crt", cert_reqs=ssl.CERT_REQUIRED) ssl_sock.connect(('localhost', 5500)) # ssl_sock.connect(('localhost', 9092)) ssl_sock.sendall(b'login superadmin password\n') while True: time.sleep(5) ssl_sock.sendall(b'ping null\n') print(ssl_sock.recv(4096)) ssl_sock.close()
def _create_socket(self): return wrap_socket(Tcp._create_socket(self), server_side=False)