kommentare eingefügt, fehlerbehandlung geändert

example 2022-04-06 10:39:15 +02:00
parent e79258b8be
commit b6acaa08a8


@ -58,6 +58,7 @@ class SetStatus:
def check_status(self):
"""
checkes, if the self.status variable is a valid value
return: boolean
"""
if self.status in ('0', '1'):
@ -68,6 +69,8 @@ class SetStatus:
def set_config(self):
"""
Tries to read and use the values from the configuration file. If
this failes, we still use the default values.
"""
self.log = logging.getLogger()
# read config file
@ -89,7 +92,8 @@ class SetStatus:
def check_certs(self, certs):
"""
Check if certs readable.
Check if certs are readable.
return: boolean
"""
self.log.debug('Check certificates')
for certfile in certs:
@ -111,25 +115,28 @@ class SetStatus:
def create_ssl_context(self):
"""
Creates SSL context
return: context object or false
"""
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH,
cafile=self.config['server']['cert'])
if not context:
try:
context = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
except Exception as e:
self.log.error('Failed to create SSL Context')
return False
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
try:
context.load_verify_locations(cafile=self.config['server']['cert'])
context.load_cert_chain(certfile=self.config['client']['cert'],
keyfile=self.config['client']['key'])
except Exception as e:
self.log.error('Failed to load cert chain')
return False;
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
self.log.debug('SSL context created')
return context
def create_ssl_socket(self, config, context):
"""
Opens a socket and wrapes the socket into the given ssl context.
param1: dictionary
param2: ssl context
return: ssl-socket or false
"""
bare_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
if not bare_socket:
@ -210,7 +217,7 @@ class SetStatus:
if self.context is False:
exit(3)
# get connection
# get a ssl encrypted connection
self.connection = self.create_ssl_connection()
# send status