我正在尝试准备原型并且无法获得连接。我正在为客户端和服务器使用OpenSSL。
#!/usr/bin/env python
import SocketServer
import json
from OpenSSL import SSL
import os
import socket
TERMINATION_STRING = "Done"
CERTIFICATE_PATH = os.getcwd() + '/CA/certs/01.pem'
KEY_PATH = os.getcwd() + '/CA/private/key.pem'
class SSLThreadingTCPServer(SocketServer.ThreadingTCPServer):
def __init__(self, address, handler):
SocketServer.ThreadingTCPServer.__init__(self, address, handler)
ctx = SSL.Context(SSL.SSLv23_METHOD)
#ctx.use_privatekey_file(KEY_PATH)
#ctx.use_certificate_file(CERTIFICATE_PATH)
self.socket = SSL.Connection(ctx, socket.socket(self.address_family, self.socket_type))
print "Serving:", address[0], "on port:", address[1]
class MemberUpdateHandler(SocketServer.BaseRequestHandler):
def setup(self):
print self.client_address, "connected"
def handle(self):
data = ""
while True:
data += self.request.recv(1024).encode('utf-8').strip
if data[-4:] == "Done":
print "Done"
break
dataStrings = data.split(' ')
for item in dataStrings:
print item
if __name__ == "__main__":
ADDRESS = 'localhost'
PORT = 42424
HOST = (ADDRESS, PORT)
s = SSLThreadingTCPServer(HOST, MemberUpdateHandler)
s.serve_forever()
客户:
#!/usr/bin/env python
from OpenSSL import SSL
import socket
import os
HOST = 'localhost'
PORT = 42424
ADDRESS = (HOST, PORT)
CERTIFICATE_FILE = os.getcwd() + '/CA/certs/02.pem'
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ctx = SSL.Context(SSL.SSLv23_METHOD)
sslSock = SSL.Connection(ctx, sock)
sslSock.connect(ADDRESS) #THIS IS WHERE IT FAILS
items = "this is a test Done"
sslSock.sendall(items)
sslSock.close()
最后,错误:
File "SSLClient.py", line 19, in <module> sslSock.connect(ADDRESS)
File "<string>", line 1, in connect
socket.error: [Errno 111] Connection refused
任何帮助将不胜感激。我觉得我错过了一些简单的东西,但我不熟悉网络编程。
服务器运行时输出 netstat -tpn
:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 198.183.6.199:59724 74.125.227.0:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:49758 74.125.227.16:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:39299 69.30.156.16:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:44128 23.0.38.218:80 TIME_WAIT -
tcp 0 0 198.183.6.199:41272 64.34.119.101:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:39420 69.30.156.26:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:39418 69.30.156.26:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:41218 64.34.119.101:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:56224 198.183.6.22:22 ESTABLISHED 3156/ssh
tcp 0 0 198.183.6.199:54281 74.125.227.10:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:46349 69.30.156.11:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:54380 74.125.227.62:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:42252 75.126.125.212:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:39300 69.30.156.16:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:53321 74.125.227.15:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:60669 74.125.227.0:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:54285 74.125.227.10:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:37783 74.125.137.125:5222 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:897 198.183.6.22:2049 ESTABLISHED -
tcp 0 0 198.183.6.199:45040 69.171.248.16:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:54286 74.125.227.10:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:54284 74.125.227.10:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:38499 74.125.227.21:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:54157 173.194.33.47:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:44312 70.84.101.150:6667 ESTABLISHED 5776/xchat
tcp 0 0 198.183.6.199:46074 69.30.156.32:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:39298 69.30.156.16:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:58444 74.125.227.16:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:39056 198.183.6.100:993 ESTABLISHED 3180/thunderbird-bi
tcp 0 0 198.183.6.199:54283 74.125.227.10:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:54910 173.194.64.116:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:10050 198.183.6.231:34955 TIME_WAIT -
tcp 0 0 198.183.6.199:56503 72.247.172.20:80 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:52454 173.194.64.95:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:968 198.183.6.11:2049 ESTABLISHED -
tcp 0 0 198.183.6.199:39419 69.30.156.26:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:52088 74.125.227.0:443 ESTABLISHED 2128/google-chrome
tcp 0 0 198.183.6.199:33184 198.183.6.1:6667 ESTABLISHED 5776/xchat
tcp 0 0 198.183.6.199:39417 69.30.156.26:443 ESTABLISHED 2128/google-chrome
答案 0 :(得分:2)
致电时
SocketServer.ThreadingTCPServer.__init__(self, address, handler)
在您的子类中,ThreadingTCPServer将创建一个套接字并执行bind / listen。在那行之后你做
self.socket = SSL.Connection(ctx, socket.socket(self.address_family, self.socket_type))
创建SSL套接字。虽然这个套接字没有绑定。你需要做的是以不同的方式调用超类的构造函数:
SocketServer.ThreadingTCPServer.__init__(self, address, handler, bind_and_activate=False)
注意最后一个参数。这将阻止超类绑定它创建的套接字。然后,在创建套接字后,请调用self.server_bind()
和self.server_activate()
,以便正确设置您创建的套接字。
总之,请尝试将服务器更改为:
class SSLThreadingTCPServer(SocketServer.ThreadingTCPServer):
def __init__(self, address, handler):
SocketServer.ThreadingTCPServer.__init__(self, address, handler, bind_and_activate=False)
ctx = SSL.Context(SSL.SSLv23_METHOD)
#ctx.use_privatekey_file(KEY_PATH)
#ctx.use_certificate_file(CERTIFICATE_PATH)
self.socket = SSL.Connection(ctx, socket.socket(self.address_family, self.socket_type))
self.server_bind()
self.server_activate()
print "Serving:", address[0], "on port:", address[1]