Python 2.7 python SSL连接
我正在用python做一个项目,我需要实现一个客户端,创建一个到我也实现的服务器的ssl连接 我使用了ssl.wrapsocket(),但由于某种原因,当我使用Wireshark嗅探流量时,我只看到TCP握手 这是我的客户端代码:Python 2.7 python SSL连接,python-2.7,ssl,Python 2.7,Ssl,我正在用python做一个项目,我需要实现一个客户端,创建一个到我也实现的服务器的ssl连接 我使用了ssl.wrapsocket(),但由于某种原因,当我使用Wireshark嗅探流量时,我只看到TCP握手 这是我的客户端代码: import socket import ssl import os SERVER_ADDRESS = ('**********', 10000) #open a TCP socket client_sock = socket.socket(socket.AF_I
import socket
import ssl
import os
SERVER_ADDRESS = ('**********', 10000)
#open a TCP socket
client_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client_sock.settimeout(20000)
#connect to the server
client_sock.connect(SERVER_ADDRESS)
#start ssl handshake with the server
keyfile = os.path.dirname(__file__).replace('/', '\\') + '\\server.key'
certfile = os.path.dirname(__file__).replace('/', '\\') + '\\server.crt'
cli_ssl_sock = ssl.wrap_socket(
sock=client_sock,
certfile=certfile,
keyfile=keyfile,
server_side=False,
ssl_version=ssl.PROTOCOL_SSLv23,
ca_certs=None,
do_handshake_on_connect=False,
suppress_ragged_eofs=True,
)
cli_ssl_sock.do_handshake()
import socket
import ssl
SERVER_ADDRESS = ('**********', 10000)
keyfile = '/root/Desktop/server.key'
certfile = '/root/Desktop/server.crt'
#create TCP socket
server_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#bind the socket
server_sock.bind(SERVER_ADDRESS)
#listen
server_sock.listen(5)
print 'server is listening ...'
#receiving connections
while True:
conn_sock, client_address = server_sock.accept()
print 'new connection from : ' + str(client_address)
ssl_server_sock = ssl.wrap_socket(
sock=conn_sock,
certfile=certfile,
keyfile=keyfile,
server_side=True,
ssl_version=ssl.PROTOCOL_SSLv23,
ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
)
这是我的服务器端代码:
import socket
import ssl
import os
SERVER_ADDRESS = ('**********', 10000)
#open a TCP socket
client_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client_sock.settimeout(20000)
#connect to the server
client_sock.connect(SERVER_ADDRESS)
#start ssl handshake with the server
keyfile = os.path.dirname(__file__).replace('/', '\\') + '\\server.key'
certfile = os.path.dirname(__file__).replace('/', '\\') + '\\server.crt'
cli_ssl_sock = ssl.wrap_socket(
sock=client_sock,
certfile=certfile,
keyfile=keyfile,
server_side=False,
ssl_version=ssl.PROTOCOL_SSLv23,
ca_certs=None,
do_handshake_on_connect=False,
suppress_ragged_eofs=True,
)
cli_ssl_sock.do_handshake()
import socket
import ssl
SERVER_ADDRESS = ('**********', 10000)
keyfile = '/root/Desktop/server.key'
certfile = '/root/Desktop/server.crt'
#create TCP socket
server_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#bind the socket
server_sock.bind(SERVER_ADDRESS)
#listen
server_sock.listen(5)
print 'server is listening ...'
#receiving connections
while True:
conn_sock, client_address = server_sock.accept()
print 'new connection from : ' + str(client_address)
ssl_server_sock = ssl.wrap_socket(
sock=conn_sock,
certfile=certfile,
keyfile=keyfile,
server_side=True,
ssl_version=ssl.PROTOCOL_SSLv23,
ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
)
你自己实现所有这些东西对你的项目重要吗?或者您可以使用现有的库来代替吗?我使用现有的库没有问题。http(s)请求可以吗,或者其他一些标准的web请求,或者您需要更自定义的东西吗?(我通常会建议您需要一个很好的理由来做一些标准协议无法做到的事情。您可以自由地在服务器端实现相当多的响应web请求的功能。)我之所以提出这个问题,是因为有更多现有的HTTP工具。对于服务器端的东西,您通常选择一个讲WSGI的web框架,然后它在web服务器后面运行。(例如,您可以使用uWSGI或Gunicorn在Nginx后面运行Flask应用程序。)然后让web服务器(例如Nginx)处理TLS安全性。对于客户端来说,这是非常好的。它通常“只起作用”。