author | Edouard Tisserant <edouard@beremiz.fr> |
Tue, 17 Sep 2024 11:17:24 +0200 | |
changeset 4014 | da52eabd0e6d |
parent 3908 | 32eb6e05008a |
permissions | -rw-r--r-- |
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
1 |
#!/usr/bin/env python |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
2 |
# -*- coding: utf-8 -*- |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
3 |
|
3908
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
4 |
# Written by Edouard TISSERANT (C) 2024 |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
5 |
# This file is part of Beremiz IDE |
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
6 |
# See COPYING file for copyrights details. |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
7 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
8 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
9 |
""" |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
10 |
The TLS-PSK adapter that handles SSL connections instead of regular sockets, |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
11 |
but using Pre Shared Keys instead of Certificates |
3908
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
12 |
|
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
13 |
Corresponding stunnel.conf on PLC side: |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
14 |
|
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
15 |
[ERPCPSK] |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
16 |
accept = 4000 |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
17 |
connect = 127.0.0.1:3000 |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
18 |
ciphers = PSK |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
19 |
sslVersion = TLSv1.2 |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
20 |
PSKsecrets = psk.txt |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
21 |
|
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
22 |
""" |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
23 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
24 |
import socket |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
25 |
import ssl |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
26 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
27 |
try: |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
28 |
import sslpsk |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
29 |
except ImportError as e: |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
30 |
sslpsk = None |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
31 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
32 |
from erpc.transport import TCPTransport |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
33 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
34 |
class SSLPSKClientTransport(TCPTransport): |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
35 |
def __init__(self, host, port, psk): |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
36 |
""" overrides TCPTransport's __init__ to wrap socket in SSl wrapper """ |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
37 |
super(TCPTransport, self).__init__() |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
38 |
self._host = host |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
39 |
self._port = port |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
40 |
self._sock = None |
3908
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
41 |
self._isServer = False |
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
42 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
43 |
if sslpsk is None: |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
44 |
raise ImportError("sslpsk module is not available") |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
45 |
|
3908
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
46 |
self.sslpskctx = sslpsk.SSLPSKContext(ssl.PROTOCOL_TLSv1_2) |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
47 |
self.sslpskctx.set_ciphers('PSK') |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
48 |
self.sslpskctx.psk = psk |
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
49 |
|
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
50 |
raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
51 |
raw_sock.setsockopt(socket.SOL_TCP, socket.TCP_NODELAY, 1) |
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
52 |
raw_sock.connect((self._host, self._port)) |
3908
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
53 |
|
32eb6e05008a
IDE: Fix encrypted ERPC: newer TLS, better error handling, re-add explicit ERPCS scheme, use sslpsk better.
Edouard Tisserant <edouard@beremiz.fr>
parents:
3884
diff
changeset
|
54 |
self._sock = self.sslpskctx.wrap_socket(raw_sock, server_side=False) |
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
55 |
|
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
diff
changeset
|
56 |