[英]How do I use TLS with asyncore?
An asyncore-based XMPP client opens a normal TCP connection to an XMPP server. 基于asyncore的XMPP客户端打开与XMPP服务器的正常TCP连接。 The server indicates it requires an encrypted connection.
服务器指示它需要加密连接。 The client is now expected to start a TLS handshake so that subsequent requests can be encrypted.
现在希望客户端启动TLS握手,以便可以加密后续请求。
tlslite integrates with asyncore, but the sample code is for a server (?) and I don't understand what it's doing. tlslite与asyncore集成,但示例代码用于服务器(?),我不明白它在做什么。
I'm on Python 2.5. 我在使用Python 2.5。 How can I get the TLS magic working?
我怎样才能让TLS魔术工作?
Here's what ended up working for me: 以下是最终为我工作的内容:
from tlslite.api import *
def handshakeTls(self):
"""
Encrypt the socket using the tlslite module
"""
self.logger.info("activating TLS encrpytion")
self.socket = TLSConnection(self.socket)
self.socket.handshakeClientCert()
Definitely check out twisted and wokkel. 绝对检查扭曲和wokkel。 I've been building tons of xmpp bots and components with it and it's a dream.
我用它制作了大量的xmpp机器人和组件,这是一个梦想。
I've followed what I believe are all the steps tlslite documents to make an asyncore client work -- I can't actually get it to work since the only asyncore client I have at hand to tweak for the purpose is the example in the Python docs, which is an HTTP 1.0 client, and I believe that because of this I'm trying to set up an HTTPS connection in a very half-baked way. 我遵循了我认为的所有步骤tlslite文档,以使asyncore客户端工作 - 我实际上无法让它工作,因为我唯一的asyncore客户端我手头调整的目的是在Python中的示例docs,这是一个HTTP 1.0客户端,我相信因为这个,我试图以非常半生不熟的方式建立HTTPS连接。 And I have no asyncore XMPP client, nor any XMPP server requesting TLS, to get anywhere close to your situation.
我没有asyncore XMPP客户端,也没有任何XMPP服务器请求TLS,以便能够接近您的情况。 Nevertheless I decided to share the fruits of my work anyway because (even though some step may be missing) it does seem to be a bit better than what you previously had -- I think I'm showing all the needed steps in the
__init__
. 尽管如此,我还是决定分享我的工作成果,因为(尽管可能缺少一些步骤)它似乎比你以前的更好一点 - 我想我在
__init__
显示了所有必要的步骤。 BTW, I copied the pem files from the tlslite/test directory. 顺便说一句,我从tlslite / test目录复制了pem文件。
import asyncore, socket
from tlslite.api import *
s = open("./clientX509Cert.pem").read()
x509 = X509()
x509.parse(s)
certChain = X509CertChain([x509])
s = open("./clientX509Key.pem").read()
privateKey = parsePEMKey(s, private=True)
class http_client(TLSAsyncDispatcherMixIn, asyncore.dispatcher):
ac_in_buffer_size = 16384
def __init__(self, host, path):
asyncore.dispatcher.__init__(self)
self.create_socket(socket.AF_INET, socket.SOCK_STREAM)
self.connect( (host, 80) )
TLSAsyncDispatcherMixIn.__init__(self, self.socket)
self.tlsConnection.ignoreAbruptClose = True
handshaker = self.tlsConnection.handshakeClientCert(
certChain=certChain,
privateKey=privateKey,
async=True)
self.setHandshakeOp(handshaker)
self.buffer = 'GET %s HTTP/1.0\r\n\r\n' % path
def handle_connect(self):
pass
def handle_close(self):
self.close()
def handle_read(self):
print self.recv(8192)
def writable(self):
return (len(self.buffer) > 0)
def handle_write(self):
sent = self.send(self.buffer)
self.buffer = self.buffer[sent:]
c = http_client('www.readyhosting.com', '/')
asyncore.loop()
This is a mix of the asyncore example http client in the Python docs, plus what I've gleaned from the tlslite docs and have been able to reverse engineer from their sources. 这是Python文档中的asyncore示例http客户端的混合,以及我从tlslite文档中收集到的内容,并且能够从其源代码中进行逆向工程。 Hope this (even though incomplete/not working) can at least advance you in your quest...
希望这(尽管不完整/不工作)至少可以帮助你完成任务......
Personally, in your shoes, I'd consider switching from asyncore to twisted -- asyncore is old and rusty, Twisted already integrates a lot of juicy, useful bits (the URL I gave is to a bit in the docs that already does integrate TLS and XMPP for you...). 就个人而言,在你的鞋子里,我会考虑从asyncore切换到扭曲 - asyncore老旧生锈,Twisted已经集成了许多多汁,有用的位(我给出的URL在已经集成TLS的文档中有点)和XMPP为你...)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.