当前位置: 首页>>代码示例>>Python>>正文


Python SSL.VERIFY_PEER属性代码示例

本文整理汇总了Python中OpenSSL.SSL.VERIFY_PEER属性的典型用法代码示例。如果您正苦于以下问题:Python SSL.VERIFY_PEER属性的具体用法?Python SSL.VERIFY_PEER怎么用?Python SSL.VERIFY_PEER使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在OpenSSL.SSL的用法示例。


在下文中一共展示了SSL.VERIFY_PEER属性的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: getContext

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def getContext(self):
        default_options = self.control_credential._default_options(
            self.ca_certificate)

        def verify(conn, cert, errno, depth, preverify_ok):
            if depth > 0:
                # Certificate authority chain:
                return preverify_ok
            # Now we're actually verifying certificate we care about:
            if not preverify_ok:
                return preverify_ok
            return cert.get_subject().commonName.startswith(self.prefix)
        context = default_options.getContext()
        context.set_verify(VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT,
                           verify)
        return context 
开发者ID:ClusterHQ,项目名称:flocker,代码行数:18,代码来源:_validation.py

示例2: testFailedVerify

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def testFailedVerify(self):
        org = "twisted.test.test_ssl"
        self.setupServerAndClient(
            (org, org + ", client"), {},
            (org, org + ", server"), {})

        def verify(*a):
            return False
        self.clientCtxFactory.getContext().set_verify(SSL.VERIFY_PEER, verify)

        serverConnLost = defer.Deferred()
        serverProtocol = protocol.Protocol()
        serverProtocol.connectionLost = serverConnLost.callback
        serverProtocolFactory = protocol.ServerFactory()
        serverProtocolFactory.protocol = lambda: serverProtocol
        self.serverPort = serverPort = reactor.listenSSL(0,
            serverProtocolFactory, self.serverCtxFactory)

        clientConnLost = defer.Deferred()
        clientProtocol = protocol.Protocol()
        clientProtocol.connectionLost = clientConnLost.callback
        clientProtocolFactory = protocol.ClientFactory()
        clientProtocolFactory.protocol = lambda: clientProtocol
        reactor.connectSSL('127.0.0.1',
            serverPort.getHost().port, clientProtocolFactory, self.clientCtxFactory)

        dl = defer.DeferredList([serverConnLost, clientConnLost], consumeErrors=True)
        return dl.addCallback(self._cbLostConns) 
开发者ID:proxysh,项目名称:Safejumper-for-Desktop,代码行数:30,代码来源:test_ssl.py

示例3: send_ping

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def send_ping(ip, port):
    HOST, PORT = ip, int(port)
    uuid = configmanager.uuid
    hostname = socket.gethostname()

    jsonobj = {'uuid': uuid, 'name': hostname, 
               'type': "ping", 'data': ""}

    data = json.dumps(jsonobj)

    # Initialize context
    ctx = SSL.Context(SSL.TLSv1_METHOD)
    ctx.set_options(SSL.OP_NO_SSLv2|SSL.OP_NO_SSLv3) #TLS1 and up
    ctx.set_verify(SSL.VERIFY_PEER, verify_cb) #Demand a certificate
    ctx.use_privatekey_file(configmanager.privatekeypath)
    ctx.use_certificate_file(configmanager.certificatepath)
    ctx.load_verify_locations(configmanager.cafilepath)                
    sslclientsocket = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM))

    succ = False
    try:
        sslclientsocket.connect((HOST, PORT))
        sslclientsocket.sendall(data)
        sslclientsocket.recv(2)
        succ = True

    except Exception as e:
        print "Error " + str(e[0])

    finally:
        if (succ):
            sslclientsocket.shutdown()
            sslclientsocket.close() 
开发者ID:screenfreeze,项目名称:deskcon-desktop,代码行数:35,代码来源:ping.py

示例4: send_sms

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def send_sms(recver, msg, ip, port, errordialog):
    HOST, PORT = ip, int(port)
    uuid = configmanager.uuid
    hostname = socket.gethostname()

    jsonobj = {'uuid': uuid, 'name': hostname, 
               'type': "sms", 'data': {'number': recver, 'message': msg}}

    data = json.dumps(jsonobj)

    # Initialize context
    ctx = SSL.Context(SSL.TLSv1_METHOD)
    ctx.set_options(SSL.OP_NO_SSLv2|SSL.OP_NO_SSLv3) #TLS1 and up
    ctx.set_verify(SSL.VERIFY_PEER, verify_cb) #Demand a certificate
    ctx.use_privatekey_file(configmanager.privatekeypath)
    ctx.use_certificate_file(configmanager.certificatepath)
    ctx.load_verify_locations(configmanager.cafilepath)                
    sslclientsocket = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM))

    succ = False
    try:
        sslclientsocket.connect((HOST, PORT))
        sslclientsocket.sendall(data)
        sslclientsocket.recv(2)
        succ = True

    except Exception as e:
        errnum = e[0]
        print "Error " + str(e[0])
        if (errnum == -5):
            errordialog.format_secondary_text("The Device is not reachable. Maybe it's not on your Network")
        else:
            errordialog.format_secondary_text("Errornumber "+str(errnum))
        errordialog.run()
        errordialog.hide()

    finally:
        if (succ):
            sslclientsocket.shutdown()
            sslclientsocket.close()
            Gtk.main_quit() 
开发者ID:screenfreeze,项目名称:deskcon-desktop,代码行数:43,代码来源:sms.py

示例5: cacheContext

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def cacheContext(self):
        """Setup the main context factory with custom SSL settings"""
        if self._context is None:
            ctx = self._contextFactory(self.sslmethod)

            ctx.set_cipher_list(MOZILLA_INTERMEDIATE_CIPHERS)
            ctx.set_options(SSL.OP_CIPHER_SERVER_PREFERENCE)
            ctx.set_options(SSL.OP_NO_SSLv2)
            ctx.set_options(SSL.OP_NO_SSLv3)
            ctx.set_options(SSL.OP_NO_COMPRESSION)
            ctx.set_mode(SSL.MODE_RELEASE_BUFFERS)
            ctx.set_options(SSL.OP_ALL & ~SSL.OP_MICROSOFT_BIG_SSLV3_BUFFER)

            ctx.use_certificate_chain_file(self.certificateFileName)
            ctx.use_privatekey_file(self.privateKeyFileName)

            if self.dh_file:
                ctx.load_tmp_dh(self.dh_file)

            if self.require_peer_certs:
                # Require peer certs but only for use by
                # RequestHandlers
                ctx.set_verify(
                    SSL.VERIFY_PEER |
                    SSL.VERIFY_CLIENT_ONCE,
                    self._allow_peer)

            self._context = ctx 
开发者ID:mozilla-services,项目名称:autopush,代码行数:30,代码来源:ssl.py

示例6: testFailedVerify

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def testFailedVerify(self):
        org = "twisted.test.test_ssl"
        self.setupServerAndClient(
            (org, org + ", client"), {},
            (org, org + ", server"), {})

        def verify(*a):
            return False
        self.clientCtxFactory.getContext().set_verify(SSL.VERIFY_PEER, verify)

        serverConnLost = defer.Deferred()
        serverProtocol = protocol.Protocol()
        serverProtocol.connectionLost = serverConnLost.callback
        serverProtocolFactory = protocol.ServerFactory()
        serverProtocolFactory.protocol = lambda: serverProtocol
        self.serverPort = serverPort = reactor.listenSSL(0,
            serverProtocolFactory, self.serverCtxFactory)

        clientConnLost = defer.Deferred()
        clientProtocol = protocol.Protocol()
        clientProtocol.connectionLost = clientConnLost.callback
        clientProtocolFactory = protocol.ClientFactory()
        clientProtocolFactory.protocol = lambda: clientProtocol
        clientConnector = reactor.connectSSL('127.0.0.1',
            serverPort.getHost().port, clientProtocolFactory, self.clientCtxFactory)

        dl = defer.DeferredList([serverConnLost, clientConnLost], consumeErrors=True)
        return dl.addCallback(self._cbLostConns) 
开发者ID:kuri65536,项目名称:python-for-android,代码行数:30,代码来源:test_ssl.py

示例7: go

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def go():
    port = socket()
    port.bind(('', 0))
    port.listen(1)

    called = []
    def info(*args):
        print count.next()
        called.append(None)
        return 1
    context = Context(TLSv1_METHOD)
    context.set_verify(VERIFY_PEER, info)
    context.use_certificate(
        load_certificate(FILETYPE_PEM, cleartextCertificatePEM))
    context.use_privatekey(
        load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM))

    while 1:
        client = socket()
        client.setblocking(False)
        client.connect_ex(port.getsockname())

        clientSSL = Connection(context, client)
        clientSSL.set_connect_state()

        server, ignored = port.accept()
        server.setblocking(False)

        serverSSL = Connection(context, server)
        serverSSL.set_accept_state()

        del called[:]
        while not called:
            for ssl in clientSSL, serverSSL:
                try:
                    ssl.send('foo')
                except WantReadError, e:
                    pass 
开发者ID:pyca,项目名称:pyopenssl,代码行数:40,代码来源:context-verify-callback.py

示例8: _makeContext

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def _makeContext(self):
        ctx = self._contextFactory(self.method)
        ctx.set_options(self._options)
        ctx.set_mode(self._mode)

        if self.certificate is not None and self.privateKey is not None:
            ctx.use_certificate(self.certificate)
            ctx.use_privatekey(self.privateKey)
            for extraCert in self.extraCertChain:
                ctx.add_extra_chain_cert(extraCert)
            # Sanity check
            ctx.check_privatekey()

        verifyFlags = SSL.VERIFY_NONE
        if self.verify:
            verifyFlags = SSL.VERIFY_PEER
            if self.requireCertificate:
                verifyFlags |= SSL.VERIFY_FAIL_IF_NO_PEER_CERT
            if self.verifyOnce:
                verifyFlags |= SSL.VERIFY_CLIENT_ONCE
            self.trustRoot._addCACertsToContext(ctx)

        # It'd be nice if pyOpenSSL let us pass None here for this behavior (as
        # the underlying OpenSSL API call allows NULL to be passed).  It
        # doesn't, so we'll supply a function which does the same thing.
        def _verifyCallback(conn, cert, errno, depth, preverify_ok):
            return preverify_ok
        ctx.set_verify(verifyFlags, _verifyCallback)
        if self.verifyDepth is not None:
            ctx.set_verify_depth(self.verifyDepth)

        if self.enableSessions:
            name = "%s-%d" % (reflect.qual(self.__class__), _sessionCounter())
            sessionName = md5(networkString(name)).hexdigest()

            ctx.set_session_id(sessionName.encode('ascii'))

        if self.dhParameters:
            ctx.load_tmp_dh(self.dhParameters._dhFile.path)
        ctx.set_cipher_list(self._cipherString.encode('ascii'))

        if self._ecCurve is not None:
            try:
                self._ecCurve.addECKeyToContext(ctx)
            except BaseException:
                pass  # ECDHE support is best effort only.

        if self._acceptableProtocols:
            # Try to set NPN and ALPN. _acceptableProtocols cannot be set by
            # the constructor unless at least one mechanism is supported.
            _setAcceptableProtocols(ctx, self._acceptableProtocols)

        return ctx 
开发者ID:proxysh,项目名称:Safejumper-for-Desktop,代码行数:55,代码来源:_sslverify.py

示例9: send_data

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def send_data(dialog, files, ip, port, pd):
    HOST, PORT = ip, int(port)
    uuid = configmanager.uuid
    hostname = socket.gethostname()

    filenames = []
    for filepath in files:
        head, name = os.path.split(filepath)
        filenames.append(name)

    jsonobj = {'uuid': uuid, 'name': hostname, 
               'type': "fileup", 'data': json.dumps(filenames)}

    data = json.dumps(jsonobj)

    # Initialize context
    ctx = SSL.Context(SSL.TLSv1_METHOD)
    ctx.set_options(SSL.OP_NO_SSLv2|SSL.OP_NO_SSLv3) #TLS1 and up
    ctx.set_verify(SSL.VERIFY_PEER, verify_cb) #Demand a certificate
    ctx.use_privatekey_file(configmanager.privatekeypath)
    ctx.use_certificate_file(configmanager.certificatepath)
    ctx.load_verify_locations(configmanager.cafilepath)                
    sslclientsocket = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM))

    succ = False
    try:
        sslclientsocket.connect((HOST, PORT))
        sslclientsocket.sendall(data)
        print "wait for ack"
        response = sslclientsocket.recv(2) #wait for Ack
        if (response == "OK"):
            # Get total transfer size
            global total_size
            for filepath in files: #send files
                total_size = total_size + os.path.getsize(filepath)

            print "send files"
            for filepath in files: #send files
                send_file(filepath, sslclientsocket, pd)
            print "succesfully send Files"

        succ = True

    except Exception as e:
        print "Error " + str(e)

    finally:
        if (succ):
            sslclientsocket.shutdown()
            sslclientsocket.close()
            dialog.destroy() 
开发者ID:screenfreeze,项目名称:deskcon-desktop,代码行数:53,代码来源:filechooser.py

示例10: _makeContext

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def _makeContext(self):
        ctx = self._contextFactory(self.method)
        ctx.set_options(self._options)
        ctx.set_mode(self._mode)

        if self.certificate is not None and self.privateKey is not None:
            ctx.use_certificate(self.certificate)
            ctx.use_privatekey(self.privateKey)
            for extraCert in self.extraCertChain:
                ctx.add_extra_chain_cert(extraCert)
            # Sanity check
            ctx.check_privatekey()

        verifyFlags = SSL.VERIFY_NONE
        if self.verify:
            verifyFlags = SSL.VERIFY_PEER
            if self.requireCertificate:
                verifyFlags |= SSL.VERIFY_FAIL_IF_NO_PEER_CERT
            if self.verifyOnce:
                verifyFlags |= SSL.VERIFY_CLIENT_ONCE
            self.trustRoot._addCACertsToContext(ctx)

        # It'd be nice if pyOpenSSL let us pass None here for this behavior (as
        # the underlying OpenSSL API call allows NULL to be passed).  It
        # doesn't, so we'll supply a function which does the same thing.
        def _verifyCallback(conn, cert, errno, depth, preverify_ok):
            return preverify_ok
        ctx.set_verify(verifyFlags, _verifyCallback)
        if self.verifyDepth is not None:
            ctx.set_verify_depth(self.verifyDepth)

        if self.enableSessions:
            # 32 bytes is the maximum length supported
            # Unfortunately pyOpenSSL doesn't provide SSL_MAX_SESSION_ID_LENGTH
            sessionName = secureRandom(32)
            ctx.set_session_id(sessionName)

        if self.dhParameters:
            ctx.load_tmp_dh(self.dhParameters._dhFile.path)
        ctx.set_cipher_list(self._cipherString.encode('ascii'))

        self._ecChooser.configureECDHCurve(ctx)

        if self._acceptableProtocols:
            # Try to set NPN and ALPN. _acceptableProtocols cannot be set by
            # the constructor unless at least one mechanism is supported.
            _setAcceptableProtocols(ctx, self._acceptableProtocols)

        return ctx 
开发者ID:wistbean,项目名称:learn_python3_spider,代码行数:51,代码来源:_sslverify.py

示例11: _makeContext

# 需要导入模块: from OpenSSL import SSL [as 别名]
# 或者: from OpenSSL.SSL import VERIFY_PEER [as 别名]
def _makeContext(self):
        ctx = SSL.Context(self.method)

        if self.certificate is not None and self.privateKey is not None:
            ctx.use_certificate(self.certificate)
            ctx.use_privatekey(self.privateKey)
            # Sanity check
            ctx.check_privatekey()

        verifyFlags = SSL.VERIFY_NONE
        if self.verify:
            verifyFlags = SSL.VERIFY_PEER
            if self.requireCertificate:
                verifyFlags |= SSL.VERIFY_FAIL_IF_NO_PEER_CERT
            if self.verifyOnce:
                verifyFlags |= SSL.VERIFY_CLIENT_ONCE
            if self.caCerts:
                store = ctx.get_cert_store()
                for cert in self.caCerts:
                    store.add_cert(cert)

        # It'd be nice if pyOpenSSL let us pass None here for this behavior (as
        # the underlying OpenSSL API call allows NULL to be passed).  It
        # doesn't, so we'll supply a function which does the same thing.
        def _verifyCallback(conn, cert, errno, depth, preverify_ok):
            return preverify_ok
        ctx.set_verify(verifyFlags, _verifyCallback)

        if self.verifyDepth is not None:
            ctx.set_verify_depth(self.verifyDepth)

        if self.enableSingleUseKeys:
            ctx.set_options(SSL.OP_SINGLE_DH_USE)

        if self.fixBrokenPeers:
            ctx.set_options(self._OP_ALL)

        if self.enableSessions:
            sessionName = md5("%s-%d" % (reflect.qual(self.__class__), _sessionCounter())).hexdigest()
            ctx.set_session_id(sessionName)

        if not self.enableSessionTickets:
            ctx.set_options(self._OP_NO_TICKET)

        return ctx 
开发者ID:kuri65536,项目名称:python-for-android,代码行数:47,代码来源:_sslverify.py


注:本文中的OpenSSL.SSL.VERIFY_PEER属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。