Hab schon einiges ausprobiert, hier ein Versuch:
Server:
Code: Alles auswählen
from M2Crypto import SSL
import socket
server_sock = socket.socket(socket.AF_INET)
server_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
server_sock.bind(("localhost", 5000))
server_sock.listen(1)
(sock, address) = server_sock.accept()
ctx = SSL.Context()
ctx.set_verify(SSL.verify_none, 1)
print ctx.set_cipher_list("aNULL")
conn = SSL.Connection(ctx, sock)
print conn.get_cipher()
print conn.set_cipher_list("aNULL")
print conn.get_cipher()
conn.setup_addr(address)
conn.set_accept_state()
conn.setup_ssl()
conn.accept_ssl()
Code: Alles auswählen
from M2Crypto import SSL
import socket
ctx = SSL.Context()
ctx.set_verify(SSL.verify_none, 1)
print ctx.set_cipher_list("aNULL")
conn = SSL.Connection(ctx)
print conn.get_cipher()
print conn.set_cipher_list("aNULL")
print conn.get_cipher()
conn.connect(("localhost", 5000))
print conn.read()
sock.close()
Die Ausgabe vom Client:
Code: Alles auswählen
1
None
1
None
Traceback (most recent call last):
File "./ssl_client_m2crypto.py", line 14, in ?
conn.connect(("localhost", 5000))
File "/usr/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 154, in connect
ret = self.connect_ssl()
File "/usr/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 147, in connect_ssl
return m2.ssl_connect(self.ssl)
M2Crypto.SSL.SSLError: sslv3 alert handshake failure
Code: Alles auswählen
1
None
1
None
Traceback (most recent call last):
File "./ssl_server_m2crypt.py", line 25, in ?
conn.accept_ssl()
File "/usr/lib/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 125, in accept_ssl
return m2.ssl_accept(self.ssl)
M2Crypto.SSL.SSLError: no shared cipher
Koennte das mein Problem sein? Jemand ne Idee?the default cipher list. This is determined at compile time and is normally ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH
...
If ! is used then the ciphers are permanently deleted from the list. The ciphers deleted can never reappear in the list even if they are explicitly stated.
...
aNULL : the cipher suites offering no authentication. This is currently the ADH algorithms.