[jdev] sniffing
Alexey Nezhdanov
snake at penza-gsm.ru
Wed Oct 27 04:08:08 CDT 2004
В сообщении от Среда 27 Октябрь 2004 12:18 Alex Kogan написал(a):
> > You should really consider using TLS.
>
> This is what I cannot understand to the bottom of things. Which
> definite steps are involved in this usage? How do I start and go on
> with encryption?
My client and server doing exactly this:
both entities have agreed upon starting TLS - server starts SSL in server mode
and client starts SSL in client mode.
After SSL negotiation stream is restarted in both directions to ensure that
channel is working.
Real code:
======= server =====================
x509 = X509()
x509.parse(cert)
certChain = X509CertChain([x509])
privateKey = parsePEMKey(key, private=True)
connection = TLSConnection(session._sock)
connection.handshakeServer(certChain, privateKey, reqCert=False)
session._sslObj = connection
session._recv = connection.read
session._send = connection.send
session.StartStream()
======== client =====================
session._sslObj = socket.ssl(session._sock, None, None)
session._recv = session._sslObj.read
session._send = session._sslObj.write
session.StartStream()
==================================
--
Respectfully
Alexey Nezhdanov
More information about the JDev
mailing list