本文整理匯總了Python中ssl.PROTOCOL_SSLv3方法的典型用法代碼示例。如果您正苦於以下問題:Python ssl.PROTOCOL_SSLv3方法的具體用法?Python ssl.PROTOCOL_SSLv3怎麽用?Python ssl.PROTOCOL_SSLv3使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類ssl
的用法示例。
在下文中一共展示了ssl.PROTOCOL_SSLv3方法的12個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: newconnect
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def newconnect(self):
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
remote = ssl.wrap_socket(s,
ca_certs= CA,
cert_reqs=ssl.CERT_REQUIRED,
ssl_version = ssl.PROTOCOL_SSLv3)
remote.connect(self.server.seradd)
if not self.server.seradd[0] == remote.getpeercert()['subjectAltName'][0][1]:
logging.error('Server crt error !! Server Name don\'t mach !!')
logging.error(remote.getpeercert()['subjectAltName'][0][1])
return
if not self.send_PW(remote):
logging.warn('PW error !')
return
except socket.error, e:
logging.warn(e)
return
示例2: convert_version2method
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def convert_version2method(protocol_version):
"""
Convert internal protocol version ID to Python SSL method.
:param Integer protocol_version: Version ID
:return: OpenSSL method or None if not found
:rtype: OpenSSL method or None
"""
if protocol_version == flextls.registry.version.SSLv2:
return ssl.PROTOCOL_SSLv2
if protocol_version == flextls.registry.version.SSLv3:
return ssl.PROTOCOL_SSLv3
if protocol_version == flextls.registry.version.TLSv10:
return ssl.PROTOCOL_TLSv1
if protocol_version == flextls.registry.version.TLSv11:
return ssl.PROTOCOL_TLSv1_1
if protocol_version == flextls.registry.version.TLSv12:
return ssl.PROTOCOL_TLSv1_2
return None
示例3: try_protocol_combo
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def try_protocol_combo(self, server_protocol, client_protocol):
self._setup(ssl_protocol=server_protocol)
self.client.ssl_version = client_protocol
close_client(self.client)
self.client.connect(self.server.host, self.server.port)
try:
self.client.login()
except (ssl.SSLError, socket.error):
self.client.close()
else:
self.client.quit()
# def test_ssl_version(self):
# protos = [ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23,
# ssl.PROTOCOL_TLSv1]
# if hasattr(ssl, "PROTOCOL_SSLv2"):
# protos.append(ssl.PROTOCOL_SSLv2)
# for proto in protos:
# self.try_protocol_combo(ssl.PROTOCOL_SSLv2, proto)
# for proto in protos:
# self.try_protocol_combo(ssl.PROTOCOL_SSLv3, proto)
# for proto in protos:
# self.try_protocol_combo(ssl.PROTOCOL_SSLv23, proto)
# for proto in protos:
# self.try_protocol_combo(ssl.PROTOCOL_TLSv1, proto)
示例4: ssl_wrap_socket
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def ssl_wrap_socket(self):
# Allow sending of keep-alive messages - seems to prevent some servers
# from closing SSL, leading to deadlocks.
self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
try:
import ssl
if self.ca_certs is not None:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
if self.ssl_version == "tls1":
ssl_version = ssl.PROTOCOL_TLSv1
elif self.ssl_version == "ssl2":
ssl_version = ssl.PROTOCOL_SSLv2
elif self.ssl_version == "ssl3":
ssl_version = ssl.PROTOCOL_SSLv3
elif self.ssl_version == "ssl23" or self.ssl_version is None:
ssl_version = ssl.PROTOCOL_SSLv23
else:
raise socket.sslerror("Invalid SSL version requested: %s", self.ssl_version)
self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ca_certs=self.ca_certs, cert_reqs=cert_reqs, ssl_version=ssl_version)
ssl_exc = ssl.SSLError
self.read_fd = self.sock.fileno()
except ImportError:
# No ssl module, and socket.ssl has no fileno(), and does not allow certificate verification
raise socket.sslerror("imaplib2 SSL mode does not work without ssl module")
if self.cert_verify_cb is not None:
cert_err = self.cert_verify_cb(self.sock.getpeercert(), self.host)
if cert_err:
raise ssl_exc(cert_err)
示例5: test_auth_ssl
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def test_auth_ssl(self):
try:
self.client.ssl_version = ssl.PROTOCOL_SSLv3
self.client.auth()
self.assertRaises(ValueError, self.client.auth)
finally:
self.client.ssl_version = ssl.PROTOCOL_TLSv1
示例6: test_ssl_version
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def test_ssl_version(self):
protos = [ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1]
if hasattr(ssl, "PROTOCOL_SSLv2"):
protos.append(ssl.PROTOCOL_SSLv2)
for proto in protos:
self.try_protocol_combo(ssl.PROTOCOL_SSLv2, proto)
for proto in protos:
self.try_protocol_combo(ssl.PROTOCOL_SSLv3, proto)
for proto in protos:
self.try_protocol_combo(ssl.PROTOCOL_SSLv23, proto)
for proto in protos:
self.try_protocol_combo(ssl.PROTOCOL_TLSv1, proto)
示例7: trigger
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def trigger(self, prefix, suffix=''):
s = socket.create_connection((MITM_HOST, MITM_PORT))
s = ssl.wrap_socket(s, server_side=False, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_NONE, ciphers="SHA1+DES")
self.message = None
try:
s.send('%s|secret=%s|%s' % (prefix, secret, suffix))
s.recv(2)
except ssl.SSLError as e:
#print 'ssl error: %s' % str(e)
pass
s.close()
return self.message
示例8: handle
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def handle(self):
self.request = ssl.wrap_socket(self.request, keyfile="cert.pem", certfile="cert.pem", server_side=True, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_NONE, ciphers="SHA1+DES")
while True:
try:
data = self.request.recv(1024)
if data == '':
break
#print 'securely received: %s' % repr(data)
self.request.send('ok')
except ssl.SSLError as e:
#print 'ssl error: %s' % str(e)
break
return
示例9: __init__
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def __init__(self, configuration_file, defaults=None):
defaults = defaults or {}
RawConfigParser.__init__(self)
f = codecs.open(configuration_file, 'r', encoding='utf-8')
self.read_file(f)
f.close()
''' set defaults '''
self.hostname = 'localhost'
self.port = 1883
self.username = None
self.password = None
self.clientid = None
self.lwt = None
self.skipretained = False
self.cleansession = False
self.protocol = 3
self.logformat = '%(asctime)-15s %(levelname)-8s [%(name)-25s] %(message)s'
self.logfile = None
self.loglevel = 'DEBUG'
self.functions = None
self.num_workers = 1
self.directory = '.'
self.ca_certs = None
self.tls_version = None
self.certfile = None
self.keyfile = None
self.tls_insecure = False
self.tls = False
self.__dict__.update(defaults)
self.__dict__.update(self.config('defaults'))
if HAVE_TLS == False:
logger.error("TLS parameters set but no TLS available (SSL)")
sys.exit(2)
if self.ca_certs is not None:
self.tls = True
if self.tls_version is not None:
if self.tls_version == 'tlsv1_2':
self.tls_version = ssl.PROTOCOL_TLSv1_2
if self.tls_version == 'tlsv1_1':
self.tls_version = ssl.PROTOCOL_TLSv1_1
if self.tls_version == 'tlsv1':
self.tls_version = ssl.PROTOCOL_TLSv1
if self.tls_version == 'sslv3':
self.tls_version = ssl.PROTOCOL_SSLv3
self.loglevelnumber = self.level2number(self.loglevel)
self.functions = load_functions(self.functions)
示例10: _create_stream
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def _create_stream(self, addrinfo):
af = addrinfo[0][0]
if self.parsed.scheme == "https":
ssl_options = {}
if self.request.validate_cert:
ssl_options["cert_reqs"] = ssl.CERT_REQUIRED
if self.request.ca_certs is not None:
ssl_options["ca_certs"] = self.request.ca_certs
else:
ssl_options["ca_certs"] = _DEFAULT_CA_CERTS
if self.request.client_key is not None:
ssl_options["keyfile"] = self.request.client_key
if self.request.client_cert is not None:
ssl_options["certfile"] = self.request.client_cert
# SSL interoperability is tricky. We want to disable
# SSLv2 for security reasons; it wasn't disabled by default
# until openssl 1.0. The best way to do this is to use
# the SSL_OP_NO_SSLv2, but that wasn't exposed to python
# until 3.2. Python 2.7 adds the ciphers argument, which
# can also be used to disable SSLv2. As a last resort
# on python 2.6, we set ssl_version to SSLv3. This is
# more narrow than we'd like since it also breaks
# compatibility with servers configured for TLSv1 only,
# but nearly all servers support SSLv3:
# http://blog.ivanristic.com/2011/09/ssl-survey-protocol-support.html
if sys.version_info >= (2, 7):
ssl_options["ciphers"] = "DEFAULT:!SSLv2"
else:
# This is really only necessary for pre-1.0 versions
# of openssl, but python 2.6 doesn't expose version
# information.
ssl_options["ssl_version"] = ssl.PROTOCOL_SSLv3
return SSLIOStream(socket.socket(af),
io_loop=self.io_loop,
ssl_options=ssl_options,
max_buffer_size=self.max_buffer_size)
else:
return IOStream(socket.socket(af),
io_loop=self.io_loop,
max_buffer_size=self.max_buffer_size)
示例11: ssl_wrap_socket
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def ssl_wrap_socket(self):
try:
import ssl
TLS_MAP = {}
if hasattr(ssl, "PROTOCOL_TLSv1_2"): # py3
TLS_MAP[TLS_SECURE] = {
"tls1_2": ssl.PROTOCOL_TLSv1_2,
"tls1_1": ssl.PROTOCOL_TLSv1_1,
}
else:
TLS_MAP[TLS_SECURE] = {}
TLS_MAP[TLS_NO_SSL] = TLS_MAP[TLS_SECURE].copy()
TLS_MAP[TLS_NO_SSL].update({
"tls1": ssl.PROTOCOL_TLSv1,
})
TLS_MAP[TLS_COMPAT] = TLS_MAP[TLS_NO_SSL].copy()
TLS_MAP[TLS_COMPAT].update({
"ssl23": ssl.PROTOCOL_SSLv23,
None: ssl.PROTOCOL_SSLv23,
})
if hasattr(ssl, "PROTOCOL_SSLv3"): # Might not be available.
TLS_MAP[TLS_COMPAT].update({
"ssl3": ssl.PROTOCOL_SSLv3
})
if self.ca_certs is not None:
cert_reqs = ssl.CERT_REQUIRED
else:
cert_reqs = ssl.CERT_NONE
if self.tls_level not in TLS_MAP:
raise RuntimeError("unknown tls_level: %s" % self.tls_level)
if self.ssl_version not in TLS_MAP[self.tls_level]:
raise socket.sslerror("Invalid SSL version '%s' requested for tls_version '%s'" % (self.ssl_version, self.tls_level))
ssl_version = TLS_MAP[self.tls_level][self.ssl_version]
self.sock = ssl.wrap_socket(self.sock, self.keyfile, self.certfile, ca_certs=self.ca_certs, cert_reqs=cert_reqs, ssl_version=ssl_version)
ssl_exc = ssl.SSLError
self.read_fd = self.sock.fileno()
except ImportError:
# No ssl module, and socket.ssl has no fileno(), and does not allow certificate verification
raise socket.sslerror("imaplib SSL mode does not work without ssl module")
if self.cert_verify_cb is not None:
cert_err = self.cert_verify_cb(self.sock.getpeercert(), self.host)
if cert_err:
raise ssl_exc(cert_err)
# Allow sending of keep-alive messages - seems to prevent some servers
# from closing SSL, leading to deadlocks.
self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
示例12: __init__
# 需要導入模塊: import ssl [as 別名]
# 或者: from ssl import PROTOCOL_SSLv3 [as 別名]
def __init__(self,
raw_socket, tls_module, tls_version, disable_tls_compression):
self._logger = util.get_class_logger(self)
if tls_module == _TLS_BY_STANDARD_MODULE:
if tls_version == _TLS_VERSION_SSL23:
version = ssl.PROTOCOL_SSLv23
elif tls_version == _TLS_VERSION_SSL3:
version = ssl.PROTOCOL_SSLv3
elif tls_version == _TLS_VERSION_TLS1:
version = ssl.PROTOCOL_TLSv1
else:
raise ValueError(
'Invalid --tls-version flag: %r' % tls_version)
if disable_tls_compression:
raise ValueError(
'--disable-tls-compression is not available for ssl '
'module')
self._tls_socket = ssl.wrap_socket(raw_socket, ssl_version=version)
# Print cipher in use. Handshake is done on wrap_socket call.
self._logger.info("Cipher: %s", self._tls_socket.cipher())
elif tls_module == _TLS_BY_PYOPENSSL:
if tls_version == _TLS_VERSION_SSL23:
version = OpenSSL.SSL.SSLv23_METHOD
elif tls_version == _TLS_VERSION_SSL3:
version = OpenSSL.SSL.SSLv3_METHOD
elif tls_version == _TLS_VERSION_TLS1:
version = OpenSSL.SSL.TLSv1_METHOD
else:
raise ValueError(
'Invalid --tls-version flag: %r' % tls_version)
context = OpenSSL.SSL.Context(version)
if disable_tls_compression:
# OP_NO_COMPRESSION is not defined in OpenSSL module.
context.set_options(0x00020000)
self._tls_socket = OpenSSL.SSL.Connection(context, raw_socket)
# Client mode.
self._tls_socket.set_connect_state()
self._tls_socket.setblocking(True)
# Do handshake now (not necessary).
self._tls_socket.do_handshake()
else:
raise ValueError('No TLS support module is available')