I am a beginner of python. I have implemented the one way SSL authentication in python, below is a part of the server side code:
...
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind(('', 12345))
s.listen(5)
while True:
(connection, address) = s.accept()
connstream = ssl.wrap_socket(connection,
server_side=True,
certfile="ssl/server.crt",
keyfile="ssl/server.key",
)
#print repr(connection.recv(65535));
try:
deal_with_client(connstream)
....
below is the client side code:
import socket, ssl, pprint
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = ssl.wrap_socket(s,
ca_certs="ssl/server.crt",
cert_reqs=ssl.CERT_REQUIRED)
ssl_sock.connect(('localhost', 12345))
print repr(ssl_sock.getpeername())
print ssl_sock.cipher()
print pprint.pformat(ssl_sock.getpeercert())
while 1:
ssl_sock.write("boo!")
s.close()
Actually I want to perform two way SSL authentication, then I generated the certificates of ca and client and private key of client and ca by using openssl tool.
Now I have below six files:
ca.crt
server.crt
client.crt
ca.key
server.key
client.key
So now how can I modify the server side and client side code to perform two way two way SSL authentication?
Sorry for my english, please help.
If you are client and want to connect a server and send request at the same time, you can use the following code
response = requests.post(url, data=your_data, cert=('path_client_certificate_file', 'path_certificate_key_file'), verify='path_rootCA')
You just need to do the same in the client and in the server:
#server
ssl.wrap_socket(connection,
server_side=True,
certfile="ssl/server.crt",
keyfile="ssl/server.key",
ca_certs="ssl/client.crt"
)
#client
ssl_sock = ssl.wrap_socket(s,
ca_certs="ssl/server.crt",
cert_reqs=ssl.CERT_REQUIRED,
certfile="ssl/client.crt",
keyfile="ssl/client.key"
)
I know this is an old one, but I looked for the same thing and didn't find an answer.
Related
guys, I am looking for a way to connect my python socket programms securely.
I imagined something like the following:
from socket import *
server = socket(AF_INET, SOCK_STREAM, cert="cetificate.pem")
server.bind(("192.168.2.100",8080))
server.listen()
while True:
client, addr = socket.accept()
client.sendall(b"Hello, World!")
I have found an alternative solution on github, but it is very complex and i dont understand it.
Please help me guys
I have found a solution:
import socket
import ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain('/path/to/certchain.pem', '/path/to/private.key')
with socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) as sock:
sock.bind(('127.0.0.1', 8443))
sock.listen(5)
with context.wrap_socket(sock, server_side=True) as ssock:
conn, addr = ssock.accept()
I have a python network server code.
import socket
HOST, PORT = '', 5000
listen_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
listen_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
listen_socket.bind((HOST, PORT))
listen_socket.listen(1)
print('Serving HTTP on port %s ...' % PORT)
while True:
client_connection, client_address = listen_socket.accept()
request = client_connection.recv(1024)
print(request)
http_response = """\
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
<H1>Hello, World!</H1>
"""
client_connection.sendall(http_response.encode())
client_connection.close()
I have a client code that accesses the server.
import socket
HOST = '127.0.0.1'
PORT = 5000 # The port used by the server
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print "Socket successfully created"
s.connect((HOST, PORT))
s.sendall('GET /')
data = s.recv(1000)
print('Received', repr(data))
s.close
except socket.error as err:
print "socket creation failed with error %s" %(err)
It works fine with the expected output when I executed the server and client.
Socket successfully created
('Received', "'HTTP/1.1 200 OK\\nContent-Type: text/html; charset=utf-8\\n\\n<H1>Hello, World!</H1>\\n'")
Then, I tried to execute the python server using ngrok.
Session Status online
Account ...
Version 2.3.34
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding http://d2fccf7f.ngrok.io -> http://localhost:5000
Using curl, I could access the webserver with ngrok.
> curl http://d2fccf7f.ngrok.io
<H1>Hello, World!</H1>
However, when I tried to use the same client code with minor modifications, the server doesn't seem to respond.
import socket
ip = socket.gethostbyname('d2fccf7f.ngrok.io')
print(ip)
HOST = ip
PORT = 5000
# the rest of the code is the same
I changed the PORT to 80 or 8080, but I had same results.
What might be wrong?
Might I suggest trying something like pyngrok to programmatically manage your ngrok tunnel for you? Full disclosure, I am the developer of it. Socket and other TCP examples are here.
From oguz ismail's hint, I made the following REQUEST header to make it work. I see that the Host information and blank line should be required.
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print "Socket successfully created"
s.connect((HOST, PORT))
header = '''GET / HTTP/1.1\r\nHost: d2fccf7f.ngrok.io\r\n\r\n'''
...
I know this was already asked but the previous questions didn't help. I'm trying to send some data using sockets. Specifically I'm using my laptop as server and a Linux emulator (Termux) on my smartphone as a client. Here below you can see the two Python codes. For the server:
import socket
HOST = ''
PORT = 5555
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((HOST, PORT))
s.listen()
conn, addr = s.accept()
print('Connected by', addr)
while True:
data = conn.recv(1024)
if not data:
break
conn.sendall(data)
s.close()
And for the client:
import socket
HOST = ''
PORT = 5555
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
s.sendall(b'Hello, world')
data = s.recv(1024)
print('Received', repr(data))
s.close()
When I'm connected to the same WiFi and in HOST (in both codes) I put the IP I see from ipconfig (192.168.---.---) everything works. It also works if in the HOST of the server I put 0.0.0.0.
However, when I put the IP of the machine (that I can see on https://whatismyipaddress.com/) and instead of using the WiFi I use the phone connection I get: ConnectionRefusedError: [Errno 111] Connection Refused.
Can someone explain me how can I connect client and server when the networks are different? I have been stuck with this for a while.
I also tried to open a port on the Firewall following this procedure and put it in the code instead of 5555 but still it didn't work.
Thank you in advance for the help.
I want to implement tcp check with Python.
I found a magic way in this article.
It introduce a efficient way to do a tcp-health-check.
Client: SYN
Server: SYN-ACK
Client: RST
I also found a Go implementer https://github.com/tevino/tcp-shaker.
But i hope to implement SYN,SYN-ACK,RST in python.
My code is there:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_TCP, socket.TCP_QUICKACK, 0)
s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 0)
s.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0))
s.connect((ip, port))
s.close()
But it didn't work as I expected. The client send a ACK to the server when the SYN-ACK received from server.
How could I disable TCP_QUICKACK in Python?
I am trying to create a client to connect to a server with given url address.
I used this way
host_ip = socket.gethostbyname('HOST_NAME')
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.bind(('127.0.0.1', 0))
sock.connect((host_ip, 8080))
but it printed the following error
OSError: [Errno 22] Invalid argument
Can someone explain me why is wrong and give me a solution?
You don't have to bind your socket, this is done server-side.
Here's the example code from the documentation for socket :
import socket
HOST = 'your-url.net' # The remote host
PORT = 8080 # The same port as used by the server
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((HOST, PORT))
s.sendall(b'Hello, world')
data = s.recv(1024)
print('Received', repr(data))
This is a simple snippet, which connects to the server, sends some data, and prints the response.