[TP06] Fix e QOL
parent
eacfa5363f
commit
287ae0e466
3 changed files with 29 additions and 47 deletions
|
@ -9,18 +9,22 @@ ip = "127.0.0.1"
|
||||||
port = 8443
|
port = 8443
|
||||||
|
|
||||||
client_cert = "client/client.crt"
|
client_cert = "client/client.crt"
|
||||||
server_cert = "server/server.crt"
|
|
||||||
client_key = "client/client.key"
|
client_key = "client/client.key"
|
||||||
|
server_cert = "server/server.crt"
|
||||||
|
|
||||||
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=server_cert)
|
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
|
||||||
context.load_cert_chain(certfile=client_cert, keyfile=client_key)
|
|
||||||
|
context.minimum_version = ssl.TLSVersion.TLSv1_3
|
||||||
|
context.maximum_version = ssl.TLSVersion.TLSv1_3
|
||||||
|
|
||||||
# A biblioteca ssl não suporta editar as ciphers de TLS1.3
|
# A biblioteca ssl não suporta editar as ciphers de TLS1.3
|
||||||
# context.set_ciphers("TLS_CHACHA20_POLY1305_SHA256")
|
# context.set_ciphers("TLS_CHACHA20_POLY1305_SHA256")
|
||||||
context.minimum_version = ssl.TLSVersion.TLSv1_3
|
|
||||||
|
context.load_cert_chain(certfile=client_cert, keyfile=client_key)
|
||||||
context.load_verify_locations(cafile="./CA/CA.pem")
|
context.load_verify_locations(cafile="./CA/CA.pem")
|
||||||
context.verify_mode = CERT_REQUIRED
|
context.verify_mode = CERT_REQUIRED
|
||||||
|
|
||||||
|
|
||||||
def receive_messages(tls: ssl.SSLSocket):
|
def receive_messages(tls: ssl.SSLSocket):
|
||||||
try:
|
try:
|
||||||
while True:
|
while True:
|
||||||
|
@ -32,8 +36,11 @@ def receive_messages(tls: ssl.SSLSocket):
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
with create_connection((ip, port)) as client:
|
with create_connection((ip, port)) as client:
|
||||||
with context.wrap_socket(client, server_side=False, server_hostname=hostname) as tls:
|
with context.wrap_socket(
|
||||||
|
client, server_side=False, server_hostname=hostname
|
||||||
|
) as tls:
|
||||||
print(f"Using the following TLS1.3 cipher: ", str(tls.cipher()))
|
print(f"Using the following TLS1.3 cipher: ", str(tls.cipher()))
|
||||||
|
|
||||||
threading.Thread(target=receive_messages, args=(tls,)).start()
|
threading.Thread(target=receive_messages, args=(tls,)).start()
|
||||||
|
@ -45,6 +52,7 @@ with create_connection((ip, port)) as client:
|
||||||
print(f"Client: {message}\n", end="")
|
print(f"Client: {message}\n", end="")
|
||||||
tls.sendall(message.encode())
|
tls.sendall(message.encode())
|
||||||
if message.lower() == "exit":
|
if message.lower() == "exit":
|
||||||
|
tls.close()
|
||||||
break
|
break
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
tls.close()
|
tls.close()
|
||||||
|
|
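Review bot: Dropping `cafile=server_cert` from `ssl.create_default_context(ssl.Purpose.SERVER_AUTH)` makes the context load the system's default CA certificates, and `context.load_verify_locations(cafile="./CA/CA.pem")` then only adds the private CA on top of them. The client would therefore accept a certificate for `hostname` (defined outside the hunk) issued by any CA in the system store, not only by the project's CA. Passing the CA at construction, `context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile="./CA/CA.pem")`, limits trust to that one CA and makes the later `load_verify_locations` call unnecessary. A short comment such as `# Trust only the project's private CA, not the system store` would record the intent, and `context.verify_mode = CERT_REQUIRED` is already the default for this purpose.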
|
@ -14,7 +14,6 @@ server_key = "server/server.key"
|
||||||
|
|
||||||
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
||||||
|
|
||||||
|
|
||||||
context.minimum_version = ssl.TLSVersion.TLSv1_3
|
context.minimum_version = ssl.TLSVersion.TLSv1_3
|
||||||
context.maximum_version = ssl.TLSVersion.TLSv1_3
|
context.maximum_version = ssl.TLSVersion.TLSv1_3
|
||||||
|
|
||||||
|
@ -25,38 +24,50 @@ context.load_cert_chain(certfile=server_cert, keyfile=server_key)
|
||||||
context.load_verify_locations(cafile="./CA/CA.pem")
|
context.load_verify_locations(cafile="./CA/CA.pem")
|
||||||
context.verify_mode = CERT_REQUIRED
|
context.verify_mode = CERT_REQUIRED
|
||||||
|
|
||||||
|
|
||||||
def handle_client(connection: ssl.SSLSocket, address):
|
def handle_client(connection: ssl.SSLSocket, address):
|
||||||
try:
|
try:
|
||||||
print(f"Client Connected: {address}\n")
|
print("\033[92mClient connected\033[0m: ", address)
|
||||||
print(f"Using the following TLS1.3 cipher: ", str(connection.cipher()))
|
print(f"Using the following TLS1.3 cipher: ", str(connection.cipher()))
|
||||||
|
|
||||||
while True:
|
while True:
|
||||||
message = connection.recv(1024)
|
message = connection.recv(1024)
|
||||||
if not message:
|
if not message:
|
||||||
break
|
break
|
||||||
|
if message.decode().lower() == "exit":
|
||||||
|
connection.close()
|
||||||
|
return
|
||||||
print(f"\rClient: {message.decode()}\n> ", end="")
|
print(f"\rClient: {message.decode()}\n> ", end="")
|
||||||
sys.stdout.flush()
|
sys.stdout.flush()
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
connection.close()
|
connection.close()
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
with socket(AF_INET, SOCK_STREAM) as server:
|
with socket(AF_INET, SOCK_STREAM) as server:
|
||||||
server.bind((ip, port))
|
server.bind((ip, port))
|
||||||
server.listen(5)
|
server.listen(5)
|
||||||
while True:
|
while True:
|
||||||
client_socket, client_address = server.accept()
|
client_socket, client_address = server.accept()
|
||||||
ssl_socket = context.wrap_socket(client_socket, server_side=True)
|
ssl_socket = context.wrap_socket(client_socket, server_side=True)
|
||||||
threading.Thread(target=handle_client, args=(ssl_socket, client_address)).start()
|
threading.Thread(
|
||||||
|
target=handle_client, args=(ssl_socket, client_address)
|
||||||
|
).start()
|
||||||
|
|
||||||
try:
|
try:
|
||||||
while True:
|
while True:
|
||||||
server_message = input("> ")
|
server_message = input("> ")
|
||||||
print("\033[A \033[A")
|
print("\033[A \033[A")
|
||||||
print(f"Server: {server_message}\n", end="")
|
|
||||||
ssl_socket.sendall(server_message.encode())
|
ssl_socket.sendall(server_message.encode())
|
||||||
|
print(f"Server: {server_message}\n", end="")
|
||||||
if server_message.lower() == "exit":
|
if server_message.lower() == "exit":
|
||||||
|
ssl_socket.close()
|
||||||
|
client_socket.close()
|
||||||
break
|
break
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
ssl_socket.close()
|
ssl_socket.close()
|
||||||
client_socket.close()
|
client_socket.close()
|
||||||
pass
|
pass
|
||||||
|
except Exception:
|
||||||
|
print("\033[91mClient disconnected\033[0m")
|
||||||
|
pass
|
||||||
|
|
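Review bot: The `try:` whose new `except Exception:` prints "Client disconnected" starts only after the thread is launched, so the handshake in `ssl_socket = context.wrap_socket(client_socket, server_side=True)` a few lines above is not covered by it. With `CERT_REQUIRED`, a peer that connects without an acceptable client certificate, or without speaking TLS at all, would raise `ssl.SSLError` out of the accept loop and stop the server for every client. The rendered page has lost indentation, so this nesting is inferred from statement order. Guarding the handshake on its own, closing `client_socket` and continuing to the next `accept()`, keeps the listener up, as in the fence below. In the same section, the added `message.decode().lower() == "exit"` in `handle_client` raises `UnicodeDecodeError` on invalid UTF-8 while only `KeyboardInterrupt` is caught there, so `message.decode(errors="replace")` would be safer.

```python
client_socket, client_address = server.accept()
try:
    ssl_socket = context.wrap_socket(client_socket, server_side=True)
except (ssl.SSLError, OSError):
    # Failed or aborted handshake: drop this peer, keep listening.
    client_socket.close()
    continue
# … unchanged: thread start and the server input loop …
```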
|
@ -1,37 +0,0 @@
|
||||||
from socket import socket, AF_INET, SOCK_STREAM
|
|
||||||
from ssl import SSLContext, PROTOCOL_TLS_SERVER, CERT_REQUIRED
|
|
||||||
import ssl
|
|
||||||
|
|
||||||
|
|
||||||
ip = "127.0.0.1"
|
|
||||||
port = 8443
|
|
||||||
|
|
||||||
client_cert = "client.crt"
|
|
||||||
server_cert = "server.crt"
|
|
||||||
server_key = "server.key"
|
|
||||||
|
|
||||||
context = SSLContext(PROTOCOL_TLS_SERVER)
|
|
||||||
context.set_ciphers("TLS_CHACHA20_POLY1305_SHA256")
|
|
||||||
print("Using Cipher: ", context.get_ciphers())
|
|
||||||
context.minimum_version = ssl.TLSVersion.TLSv1_3
|
|
||||||
print("Minimum TLS Version: ", context.minimum_version)
|
|
||||||
context.load_cert_chain("server_cert.pem", "server_key.pem")
|
|
||||||
context.verify_mode = CERT_REQUIRED
|
|
||||||
|
|
||||||
with socket(AF_INET, SOCK_STREAM) as server:
|
|
||||||
server.bind((ip, port))
|
|
||||||
server.listen(1)
|
|
||||||
with context.wrap_socket(server, server_side=True) as tls:
|
|
||||||
connection, address = tls.accept()
|
|
||||||
print(f"Connected by {address}\n")
|
|
||||||
data = connection.recv(1024)
|
|
||||||
print(f"Client Says: {data.decode()}")
|
|
||||||
|
|
||||||
while True:
|
|
||||||
message = input("Server: ")
|
|
||||||
connection.sendall(message.encode())
|
|
||||||
if message.lower() == "exit":
|
|
||||||
break
|
|
||||||
|
|
||||||
data = connection.recv(1024)
|
|
||||||
print(f"Client says: {data.decode()}")
|
|