bityob · November 12, 2022 19:49
diff --git a/client.py b/client.py
 import socket
 import ssl

 SERVER_PORT = 60000
 HOST = "127.0.0.1"

 tls_client_cert = "client.crt"
 tls_client_key = "client-private-key.key"
 tls_key_password = None
 tls_ca_bundle = "ca_bundle.pem"

 client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 client.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

 context = ssl.create_default_context(
    purpose=ssl.Purpose.SERVER_AUTH,
    cafile=tls_ca_bundle,
 )
 context.check_hostname = False
 context.verify_mode = ssl.CERT_REQUIRED
 context.load_cert_chain(
    tls_client_cert, tls_client_key, tls_key_password
 )
 client = context.wrap_socket(client, server_hostname=HOST)


 if __name__ == "__main__":
    client.connect((HOST, SERVER_PORT))
    i = 1

    while True:
        from time import sleep
        msg = "[%s] Hello World!" % i
        client.send(msg.encode("utf8"))
        i+=1
        sleep(1)
diff --git a/server.py b/server.py
 from __future__ import print_function

 import socket
 import ssl

 HOST = "0.0.0.0"
 PORT = 60000

 server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

 server = ssl.wrap_socket(
    server,
    server_side=True,
    keyfile="server-private-key.key",
    certfile="server.crt",
    ca_certs="ca_bundle.pem",
    cert_reqs=ssl.CERT_REQUIRED,
 )

 if __name__ == "__main__":
    server.bind((HOST, PORT))
    server.listen(0)

    while True:
        try:
            connection, client_address = server.accept()
            while True:
                data = connection.recv(1024)
                if not data:
                    break
                print("Received: %s" % data.decode('utf-8'))
        except Exception as ex:
            print("Failed: %s" % ex)
diff --git a/setup.sh b/setup.sh
 # Create certificate (public key included) and private key for the server and the client
 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout server-private-key.key -out server.crt
 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout client-private-key.key -out client.crt

 # Add both certificates to ca_bundle.pem, to be use as ca_bundle for the server and the client
 cat server.crt >> ca_bundle.pem
 cat client.crt >> ca_bundle.pem

 # Run server and client 
 python server.py &
 python client.py
	import socket
	import ssl

	SERVER_PORT = 60000
	HOST = "127.0.0.1"

	tls_client_cert = "client.crt"
	tls_client_key = "client-private-key.key"
	tls_key_password = None
	tls_ca_bundle = "ca_bundle.pem"

	client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	client.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

	context = ssl.create_default_context(
	purpose=ssl.Purpose.SERVER_AUTH,
	cafile=tls_ca_bundle,
	)
	context.check_hostname = False
	context.verify_mode = ssl.CERT_REQUIRED
	context.load_cert_chain(
	tls_client_cert, tls_client_key, tls_key_password
	)
	client = context.wrap_socket(client, server_hostname=HOST)


	if __name__ == "__main__":
	client.connect((HOST, SERVER_PORT))
	i = 1

	while True:
	from time import sleep
	msg = "[%s] Hello World!" % i
	client.send(msg.encode("utf8"))
	i+=1
	sleep(1)
	from __future__ import print_function

	import socket
	import ssl

	HOST = "0.0.0.0"
	PORT = 60000

	server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

	server = ssl.wrap_socket(
	server,
	server_side=True,
	keyfile="server-private-key.key",
	certfile="server.crt",
	ca_certs="ca_bundle.pem",
	cert_reqs=ssl.CERT_REQUIRED,
	)

	if __name__ == "__main__":
	server.bind((HOST, PORT))
	server.listen(0)

	while True:
	try:
	connection, client_address = server.accept()
	while True:
	data = connection.recv(1024)
	if not data:
	break
	print("Received: %s" % data.decode('utf-8'))
	except Exception as ex:
	print("Failed: %s" % ex)
	# Create certificate (public key included) and private key for the server and the client
	openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout server-private-key.key -out server.crt
	openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout client-private-key.key -out client.crt

	# Add both certificates to ca_bundle.pem, to be use as ca_bundle for the server and the client
	cat server.crt >> ca_bundle.pem
	cat client.crt >> ca_bundle.pem

	# Run server and client
	python server.py &
	python client.py