def try_handshake(self,
host,
port=443,
attempts=None,
sleep_fnc=None,
**kwargs):
"""
Attempts for handshake
:param host:
:param port:
:param attempts:
:param sleep_fnc:
:param kwargs:
:return:
:rtype TlsHandshakeResult
"""
attempts = util.defval(attempts, self.attempts)
for attempt in range(attempts):
try:
return self.handshake(host=host, port=port, **kwargs)
except Exception as e:
logger.debug('Exception on handshake[%s]: %s' % (attempt, e))
if attempt + 1 >= attempts:
raise
if sleep_fnc is not None:
time.sleep(sleep_fnc(attempt))
else:
time.sleep(0.5)
def handshake(self, host, port=443, **kwargs):
"""
Performs the handshake
:param host:
:param port:
:return:
:rtype TlsHandshakeResult
"""
return_obj = TlsHandshakeResult()
return_obj.connect_target = (host, port)
tls_ver = kwargs.get('tls_version', self.tls_version)
domain_sni = util.defval(kwargs.get('domain', host), host)
timeout = float(kwargs.get('timeout', self.timeout))
return_obj.tls_version = tls_ver
return_obj.host = host
return_obj.port = port
return_obj.domain = domain_sni
return_obj.socket_family = socket.AF_INET
if TlsDomainTools.is_ip(host):
return_obj.ip = host
if TlsDomainTools.is_valid_ipv6_address(host):
return_obj.socket_family = socket.AF_INET6
else:
self._resolve_ip(return_obj)
# create simple tcp socket
s = socket.socket(return_obj.socket_family, socket.SOCK_STREAM)
try:
s.settimeout(timeout)
return_obj.time_start = time.time()
try:
logger.debug('Connecting to: %s, %s, %s' %
(return_obj.connect_target, host, domain_sni))
s.connect(return_obj.connect_target)
return_obj.time_connected = time.time()
return_obj.ip = util.defval(self._try_get_peer_ip(s),
return_obj.ip)
except Exception as e:
logger.debug('Exception during connect %s - %s: %s' %
(return_obj.connect_target, domain_sni, e))
self.trace_logger.log(e)
return_obj.handshake_failure = TlsHandshakeErrors.CONN_ERR
return_obj.time_failed = time.time()
return_obj.ip = util.defval(self._try_get_peer_ip(s),
return_obj.ip)
raise TlsTimeout('Connect timeout on %s - %s' %
(return_obj.connect_target, domain_sni),
e,
scan_result=return_obj)
cl_hello = self._build_client_hello(domain_sni, tls_ver, **kwargs)
return_obj.cl_hello = cl_hello
hello_packet = bytes(cl_hello)
s.sendall(hello_packet)
return_obj.time_sent = time.time()
self._read_while_finished(return_obj, s, timeout)
return_obj.certificates = self._extract_certificates(
return_obj.resp_record)
return return_obj
except TlsTimeout:
raise
except TlsIncomplete:
raise
except Exception as e:
logger.debug('Generic exception on tls scan %s' % e)
self.trace_logger.log(e)
raise TlsException('Generic exception', e, scan_result=return_obj)
finally:
util.silent_close(s)
def init_on_load(self):
self.dns_res = util.defval(util.try_load_json(self.dns), [])
self.dns_status = self.status
def __init__(self, timeout=10, tls_version=None, attempts=None, **kwargs):
self.timeout = timeout
self.tls_version = util.defval(tls_version, self.DEFAULT_TLS)
self.attempts = int(util.defval(attempts, self.DEFAULT_ATTEMPTS))
self.trace_logger = trace_logger.Tracelogger(logger)
def init_on_load(self):
self.trans_result = util.defval(util.try_load_json(self.result), [])