setstatus.py: add support for ssl

The client now connects to the server via TLS.
berhsi 2019-07-29 18:27:53 +02:00
parent 84865a37bf
commit 60fccc57d4


@ -10,6 +10,7 @@
# input is 0 or 1. # input is 0 or 1.
import socket import socket
import ssl
from sys import exit, argv, byteorder from sys import exit, argv, byteorder
@ -51,8 +52,12 @@ def read_argument():
def main(*status): def main(*status):
HOST = 'nr18.space' HOST = 'localhost'
PORT = 10001 PORT = 10001
SERVER_NAME = 'server.status.kraut.space'
CLIENT_CERT = './certs/client.crt'
CLIENT_KEY = './certs/client.key'
SERVER_CERT = './certs/server.crt'
BOM = byteorder BOM = byteorder
STATUS = None STATUS = None
RESPONSE = None RESPONSE = None
@ -69,21 +74,35 @@ def main(*status):
if STATUS == None: if STATUS == None:
STATUS = read_argument() STATUS = read_argument()
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile = SERVER_CERT)
context.options &= ~ssl.PROTOCOL_TLS
context.verify_mode = ssl.CERT_OPTIONAL
# context.set_ciphers('HIGHT:!aNULL:!RC4:!DSS')
context.load_cert_chain(certfile = CLIENT_CERT, keyfile = CLIENT_KEY)
print('SSL context created')
with socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) as mySocket: with socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) as mySocket:
print('Socket created') print('Socket created')
try: try:
mySocket.connect((HOST, PORT)) conn = context.wrap_socket(mySocket, server_side = False, \
server_hostname = SERVER_NAME)
print('Connection wrapped with ssl.context')
except Exception as e: except Exception as e:
print('{}'.format(e)) print('Context wrapper failed: [}'.format(e))
try:
conn.connect((HOST, PORT))
print('SSL established: {}'.format(conn.getpeercert()))
except Exception as e:
print('SSL handshake failed: {}'.format(e))
exit(1) exit(1)
try: try:
print('Send new status: {}'.format(STATUS)) print('Send new status: {}'.format(STATUS))
mySocket.send(STATUS) conn.send(STATUS)
except Exception as e: except Exception as e:
print('Error: {}'.format(e)) print('Error: {}'.format(e))
exit(2) exit(2)
try: try:
RESPONSE = mySocket.recv(1) RESPONSE = conn.recv(1)
print('Server returns: {}'.format(RESPONSE)) print('Server returns: {}'.format(RESPONSE))
if RESPONSE == STATUS: if RESPONSE == STATUS:
print('Status sucessfull updated') print('Status sucessfull updated')
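Review bot: In the context setup of the third hunk, `context.options &= ~ssl.PROTOCOL_TLS` applies a protocol-selection constant to the `OP_*` option bitmask, so it does not restrict which TLS versions are negotiated; if a version floor was intended, `context.minimum_version = ssl.TLSVersion.TLSv1_2` (Python 3.7+) states it directly. The next line, `context.verify_mode = ssl.CERT_OPTIONAL`, should be dropped: `create_default_context` already sets `CERT_REQUIRED`, and the ssl documentation gives `CERT_OPTIONAL` the same meaning on client sockets, so the line only obscures that server verification is mandatory. The handler after `wrap_socket` has two defects: the format string `'Context wrapper failed: [}'` raises `ValueError` instead of printing, and the handler does not exit, so `conn` would be unbound at `conn.connect((HOST, PORT))`; use `print('Context wrapper failed: {}'.format(e))` followed by `exit(1)`. Separately, `HOST` changes to `'localhost'` in the second hunk, which looks like a test value and should be confirmed before merging. `main()` appears to continue past the end of this hunk.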