kommentare eingefügt, fehlerbehandlung geändert

example 2022-04-06 10:39:15 +02:00
parent e79258b8be
commit b6acaa08a8


@ -58,6 +58,7 @@ class SetStatus:
def check_status(self): def check_status(self):
""" """
checkes, if the self.status variable is a valid value
return: boolean return: boolean
""" """
if self.status in ('0', '1'): if self.status in ('0', '1'):
@ -68,6 +69,8 @@ class SetStatus:
def set_config(self): def set_config(self):
""" """
Tries to read and use the values from the configuration file. If
this failes, we still use the default values.
""" """
self.log = logging.getLogger() self.log = logging.getLogger()
# read config file # read config file
@ -89,7 +92,8 @@ class SetStatus:
def check_certs(self, certs): def check_certs(self, certs):
""" """
Check if certs readable. Check if certs are readable.
return: boolean
""" """
self.log.debug('Check certificates') self.log.debug('Check certificates')
for certfile in certs: for certfile in certs:
@ -111,25 +115,28 @@ class SetStatus:
def create_ssl_context(self): def create_ssl_context(self):
""" """
Creates SSL context
return: context object or false
""" """
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, try:
cafile=self.config['server']['cert']) context = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
if not context: except Exception as e:
self.log.error('Failed to create SSL Context') self.log.error('Failed to create SSL Context')
return False return False
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3 context.load_verify_locations(cafile=self.config['server']['cert'])
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
try:
context.load_cert_chain(certfile=self.config['client']['cert'], context.load_cert_chain(certfile=self.config['client']['cert'],
keyfile=self.config['client']['key']) keyfile=self.config['client']['key'])
except Exception as e: context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
self.log.error('Failed to load cert chain') context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
return False;
self.log.debug('SSL context created') self.log.debug('SSL context created')
return context return context
def create_ssl_socket(self, config, context): def create_ssl_socket(self, config, context):
""" """
Opens a socket and wrapes the socket into the given ssl context.
param1: dictionary
param2: ssl context
return: ssl-socket or false
""" """
bare_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) bare_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
if not bare_socket: if not bare_socket:
@ -210,7 +217,7 @@ class SetStatus:
if self.context is False: if self.context is False:
exit(3) exit(3)
# get connection # get a ssl encrypted connection
self.connection = self.create_ssl_connection() self.connection = self.create_ssl_connection()
# send status # send status
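Review bot: In create_ssl_context (hunk @ -111,25 +115,28), calling `ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)` without `cafile` loads the system default CA store, and the following `load_verify_locations(cafile=self.config['server']['cert'])` only adds to it, so the client now accepts a server certificate issued by any system-trusted CA rather than only the configured one. If trust is meant to stay limited to the configured file, keep the argument inside the new try: `context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=self.config['server']['cert'])`. The commit also drops the `except` that turned a `load_cert_chain` failure into `return False`; indentation is lost in this rendering, but as far as the lines show, `load_verify_locations` and `load_cert_chain` now sit after the try/except, so a missing or unreadable file would raise instead of reaching the caller's `self.context is False` check. Catching `OSError` (which covers `ssl.SSLError`) around all three calls and logging it, e.g. `self.log.error('Failed to create SSL Context: %s', e)`, would keep the documented "context object or false" contract.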