Python套接字ssl连接

2024-04-20 01:01:56 发布

您现在位置:Python中文网/ 问答频道 /正文
6479 3

这是塞纳里奥:

服务器通过主机10.10.10.1监听两个端口9999、9998 客户机端口9999和控制器端口9998 我能够将客户机和控制器连接到服务器,并在没有ssl套接字的情况下从控制器控制客户端。 我想用加密的socket我添加了ssl证书socket连接,客户端不通过ssl_200k作为控制器连接到服务器。 谢谢你的帮助和建议。在

服务器:

    s=socket(AF_INET, SOCK_STREAM)
    s.bind(("10.10.10.1",9999))
    s.listen(5)
    port = 9999
    password = "password"
    bridgeport = 9998

    allConnections = []
    allAddresses = []

    def getConnections():
        for item in allConnections:
            item.close()

        del allConnections[:]
        del allAddresses[:]

        while 1:
            try:
                q,addr=s.accept()
                connstream = ssl.wrap_socket(q, server_side=True, certfile="server.crt", keyfile="server.key", ssl_version=ssl.PROTOCOL_SSLv23) 
                connstream.setblocking(1)
                allConnections.append(connstream)
                allAddresses.append(addr)

            except:
                print "YOU ARE NOT CONNECTED!! TRY AGAIN LATER"
                time.sleep(10.0)
                break
def main():
    bridge=socket(AF_INET, SOCK_STREAM)
    bridge.bind(("10.10.10.1",9998))
    bridge.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1)
    while 1:
        bridge.listen(1)
        q,addr=bridge.accept()
        bridgestream = ssl.wrap_socket(q, server_side=True, certfile="server.crt", keyfile="server.key", ssl_version=ssl.PROTOCOL_SSLv23)

        cpass = bridgestream.recv(4096)
        if (cpass == password):
            print "Controller is connected"
        else:
            print "Controller not conected"
try:        
    main()
except:
    try:

        del allConnections[:]
        del allAddresses[:]
    except:
        pass

控制器:

^{pr2}$

客户:

host = "10.10.10.1"
port = 9999
def main(host, port):
    while 1:
        connected = False
        while 1:
            while (connected == False):
                try:

                    print host
                    print port
                    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                    print s
                    ssl_sock = ssl.wrap_socket(s, ca_certs="server.crt", cert_reqs=ssl.CERT_REQUIRED)
                    print "ssl_sock"
                    ssl_sock.connect((host,port))
                    print "Connected"
                    connected = True
                except:
                    print "The client not Connected yet"
                    time.sleep(5)
while 1:
    try:
        main(host, port)
    except:
        time.sleep(5)

Tags: 服务器hostsslserverport控制器socketbridge
1条回答
网友
1楼 · 发布于 2024-04-20 01:01:56

我有一个类似的问题,建议两种方法:

  1. 首先尝试原始TCPsocket(不带ssl.wrap_socket())。如果这是可行的,那么使用一个工具,如netstat来诊断使用了哪些端口和IP地址,以防有什么阻塞。在
  2. 尝试在两边创建一个SSLContext,方法如下:
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
ssl_context.verify_mode = ssl.CERT_NONE
stream_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
_socket = ssl_context.wrap_socket(stream_socket, server_hostname=hostname)
_socket.connect((hostname, port))

换句话说,不要首先强制使用证书,然后尝试指定协议。希望这有帮助!在

相关问题 更多 >

    编程相关推荐