citizenaspirant
/
PyBitmessage
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

SSL fixes

This commit is contained in:
mailchuck 2015-11-22 22:44:58 +01:00 committed by Peter Surda
parent 281630757e
commit e4a7e71790
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/class_receiveDataThread.py
View File

@ -253,8 +253,9 @@ class receiveDataThread(threading.Thread):
self.connectionIsOrWasFullyEstablished = True self.connectionIsOrWasFullyEstablished = True
self.sslSock = self.sock self.sslSock = self.sock
if (self.services & shared.NODE_SSL == shared.NODE_SSL and if ((self.services & shared.NODE_SSL == shared.NODE_SSL) and
shared.haveSSL(not self.initiatedConnection)): shared.haveSSL(not self.initiatedConnection)):
logger.debug("Initialising TLS")
self.sslSock = ssl.wrap_socket(self.sock, keyfile = os.path.join(shared.codePath(), 'sslkeys', 'key.pem'), certfile = os.path.join(shared.codePath(), 'sslkeys', 'cert.pem'), server_side = not self.initiatedConnection, ssl_version=ssl.PROTOCOL_TLSv1, do_handshake_on_connect=False, ciphers='AECDH-AES256-SHA') self.sslSock = ssl.wrap_socket(self.sock, keyfile = os.path.join(shared.codePath(), 'sslkeys', 'key.pem'), certfile = os.path.join(shared.codePath(), 'sslkeys', 'cert.pem'), server_side = not self.initiatedConnection, ssl_version=ssl.PROTOCOL_TLSv1, do_handshake_on_connect=False, ciphers='AECDH-AES256-SHA')
if hasattr(self.sslSock, "context"): if hasattr(self.sslSock, "context"):
self.sslSock.context.set_ecdh_curve("secp256k1") self.sslSock.context.set_ecdh_curve("secp256k1")
@ -270,7 +271,7 @@ class receiveDataThread(threading.Thread):
except: except:
break break
# Command the corresponding sendDataThread to set its own connectionIsOrWasFullyEstablished variable to True also # Command the corresponding sendDataThread to set its own connectionIsOrWasFullyEstablished variable to True also
self.sendDataThreadQueue.put((0, 'connectionIsOrWasFullyEstablished', (self.services, self.sslSock, self.initiatedConnection))) self.sendDataThreadQueue.put((0, 'connectionIsOrWasFullyEstablished', (self.services, self.sslSock)))
if not self.initiatedConnection: if not self.initiatedConnection:
shared.clientHasReceivedIncomingConnections = True shared.clientHasReceivedIncomingConnections = True

6
src/class_sendDataThread.py
View File

@ -45,6 +45,10 @@ class sendDataThread(threading.Thread):
self.lastTimeISentData = int( self.lastTimeISentData = int(
time.time()) # If this value increases beyond five minutes ago, we'll send a pong message to keep the connection alive. time.time()) # If this value increases beyond five minutes ago, we'll send a pong message to keep the connection alive.
self.someObjectsOfWhichThisRemoteNodeIsAlreadyAware = someObjectsOfWhichThisRemoteNodeIsAlreadyAware self.someObjectsOfWhichThisRemoteNodeIsAlreadyAware = someObjectsOfWhichThisRemoteNodeIsAlreadyAware
if self.streamNumber == -1: # This was an incoming connection.
self.initiatedConnection = False
else:
self.initiatedConnection = True
logger.debug('The streamNumber of this sendDataThread (ID: ' + str(id(self)) + ') at setup() is' + str(self.streamNumber)) logger.debug('The streamNumber of this sendDataThread (ID: ' + str(id(self)) + ') at setup() is' + str(self.streamNumber))
@ -175,7 +179,7 @@ class sendDataThread(threading.Thread):
break break
elif command == 'connectionIsOrWasFullyEstablished': elif command == 'connectionIsOrWasFullyEstablished':
self.connectionIsOrWasFullyEstablished = True self.connectionIsOrWasFullyEstablished = True
self.services, self.sslSock, self.initiatedConnection = data self.services, self.sslSock = data
else: else:
logger.error('sendDataThread ID: ' + str(id(self)) + ' ignoring command ' + command + ' because the thread is not in stream' + str(deststream)) logger.error('sendDataThread ID: ' + str(id(self)) + ' ignoring command ' + command + ' because the thread is not in stream' + str(deststream))