kommentare eingefügt, fehlerbehandlung geändert
parent
e79258b8be
commit
b6acaa08a8
1 changed files with 18 additions and 11 deletions
|
@ -58,6 +58,7 @@ class SetStatus:
|
|||
|
||||
def check_status(self):
|
||||
"""
|
||||
checkes, if the self.status variable is a valid value
|
||||
return: boolean
|
||||
"""
|
||||
if self.status in ('0', '1'):
|
||||
|
@ -68,6 +69,8 @@ class SetStatus:
|
|||
|
||||
def set_config(self):
|
||||
"""
|
||||
Tries to read and use the values from the configuration file. If
|
||||
this failes, we still use the default values.
|
||||
"""
|
||||
self.log = logging.getLogger()
|
||||
# read config file
|
||||
|
@ -89,7 +92,8 @@ class SetStatus:
|
|||
|
||||
def check_certs(self, certs):
|
||||
"""
|
||||
Check if certs readable.
|
||||
Check if certs are readable.
|
||||
return: boolean
|
||||
"""
|
||||
self.log.debug('Check certificates')
|
||||
for certfile in certs:
|
||||
|
@ -111,25 +115,28 @@ class SetStatus:
|
|||
|
||||
def create_ssl_context(self):
|
||||
"""
|
||||
Creates SSL context
|
||||
return: context object or false
|
||||
"""
|
||||
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH,
|
||||
cafile=self.config['server']['cert'])
|
||||
if not context:
|
||||
try:
|
||||
context = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)
|
||||
except Exception as e:
|
||||
self.log.error('Failed to create SSL Context')
|
||||
return False
|
||||
context.load_verify_locations(cafile=self.config['server']['cert'])
|
||||
context.load_cert_chain(certfile=self.config['client']['cert'],
|
||||
keyfile=self.config['client']['key'])
|
||||
context.set_ciphers('EECDH+AESGCM') # only ciphers for tls 1.2 and 1.3
|
||||
context.options |= getattr(ssl._ssl, 'OP_NO_COMPRESSION', 0)
|
||||
try:
|
||||
context.load_cert_chain(certfile=self.config['client']['cert'],
|
||||
keyfile=self.config['client']['key'])
|
||||
except Exception as e:
|
||||
self.log.error('Failed to load cert chain')
|
||||
return False;
|
||||
self.log.debug('SSL context created')
|
||||
return context
|
||||
|
||||
def create_ssl_socket(self, config, context):
|
||||
"""
|
||||
Opens a socket and wrapes the socket into the given ssl context.
|
||||
param1: dictionary
|
||||
param2: ssl context
|
||||
return: ssl-socket or false
|
||||
"""
|
||||
bare_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
|
||||
if not bare_socket:
|
||||
|
@ -210,7 +217,7 @@ class SetStatus:
|
|||
if self.context is False:
|
||||
exit(3)
|
||||
|
||||
# get connection
|
||||
# get a ssl encrypted connection
|
||||
self.connection = self.create_ssl_connection()
|
||||
|
||||
# send status
|
||||
|
|
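Review bot: In create_ssl_context the context now appears to be built with `ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH)` and no `cafile`, so Python loads the system default CA store and the later `load_verify_locations(cafile=...)` only adds the configured server certificate to it; the client would then accept a server certificate issued by any system-trusted CA, not just the configured one. If trust is meant to stay limited to the configured file, keep the argument inside the try, `context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=self.config['server']['cert'])`, which also routes a missing or unreadable CA file through the existing `return False` path instead of raising uncaught from `load_verify_locations`. Both `except Exception as e` branches drop `e`; logging it, e.g. `self.log.error('Failed to load cert chain: %s', e)`, would make certificate failures diagnosable. The comment on `set_ciphers('EECDH+AESGCM')` overstates its effect, since that string does not select TLS 1.3 suites and does not by itself restrict the protocol version; `context.minimum_version = ssl.TLSVersion.TLSv1_2` states that intent explicitly. The page has lost its +/- markers, so which lines form the new side is inferred from the hunk header and the duplicated statements.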