Skip to content
Permalink
Browse files

Progress on TLS support

  • Loading branch information
BjarniRunar committed Jun 20, 2011
1 parent b385f1c commit 148eca061c1e866e6f647990594d9c577372eb64
Showing with 34 additions and 4 deletions.
  1. +34 −4 socks.py
@@ -469,14 +469,44 @@ def __negotiatehttp(self, destaddr, destport, proxy):
self.__proxysockname = ("0.0.0.0", 0)
self.__proxypeername = (addr, destport)

def __get_ca_ciphers(self):
return None

def __get_ca_anon_ciphers(self):
return None

def __get_ca_certs(self):
return None

def __negotiatessl(self, destaddr, destport, proxy,
insecure=False, anonymous=False):
weak=False, anonymous=False):
"""__negotiatehttp(self, destaddr, destport, proxy)
Negotiates an SSL session.
"""
self.__sock = ssl.wrap_socket(self.__sock)
ssl_version = ssl.PROTOCOL_SSLv3
want_host = ca_certs = self_cert = None
ciphers = self.__get_ca_ciphers()
if anonymous:
# Insecure and use anon ciphers - this is just camoflage
ciphers = self.__get_ca_anon_ciphers()
elif not weak:
# This is normal, secure mode.
self_cert = proxy[P_USER] or None
ca_certs = proxy[P_PASS] or self.__get_ca_certs() or None
want_host = proxy[P_HOST]

self.__sock = ssl.wrap_socket(self.__sock,
ssl_version=ssl_version,
keyfile=self_cert,
certfile=self_cert,
ca_certs=ca_certs,
ciphers=ciphers)
self.__sock.do_handshake()
if DEBUG: print '*** Wrapped %s:%s in %s' % (destaddr, destport, self.__sock)
if want_host:
pass # FIXME: Check name on cert

if DEBUG: print '*** Wrapped %s:%s in %s' % (destaddr, destport,
self.__sock)

def __default_route(self, dest):
return _proxyroutes.get(str(dest).lower(),
@@ -544,7 +574,7 @@ def connect(self, destpair):
self.__negotiatehttp(nexthop[0], nexthop[1], proxy)
elif proxy[P_TYPE] in PROXY_SSL_TYPES:
self.__negotiatessl(nexthop[0], nexthop[1], proxy,
insecure=(proxy[P_TYPE] == PROXY_TYPE_SSL_WEAK),
weak=(proxy[P_TYPE] == PROXY_TYPE_SSL_WEAK),
anonymous=(proxy[P_TYPE] == PROXY_TYPE_SSL_ANON))
elif proxy[P_TYPE] != PROXY_TYPE_NONE or not first:
raise GeneralProxyError((4, _generalerrors[4]))

0 comments on commit 148eca0

Please sign in to comment.
You can’t perform that action at this time.