Module: Rex::Socket::SslTcpServer

Includes:
Ssl, TcpServer
Defined in:
lib/rex/socket/ssl_tcp_server.rb

Overview

This module provides methods for interacting with an SSL-wrapped TCP server. It implements the StreamServer IO interface.

Constant Summary

Constants included from Rex::Socket

LogSource, MATCH_IPV4, MATCH_IPV4_PRIVATE, MATCH_IPV6, MATCH_MAC_ADDR, VERSION

Constants included from Ssl

Rex::Socket::Ssl::DEFAULT_SSL_VERSION

Instance Attribute Summary

Attributes included from Rex::Socket

#context, #ipv, #localhost, #localport, #peerhost, #peerhostname, #peerport

Attributes included from Ssl

#sslctx

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Rex::Socket

addr_atoc, addr_atoi, addr_atoi_list, addr_aton, addr_ctoa, addr_itoa, addr_iton, addr_ntoa, addr_ntoi, bit2netmask, cidr_crack, compress_address, create_ip, create_tcp, create_tcp_server, create_udp, dotted_ip?, eth_aton, eth_ntoa, #fd, from_sockaddr, getaddress, getaddresses, gethostbyname, #getlocalname, #getpeername_as_array, #getsockname, ipv6_link_address, ipv6_mac, is_internal?, is_ip_addr?, is_ipv4?, is_ipv6?, is_mac_addr?, #localinfo, net2bitmask, #peerinfo, portlist_to_portspec, portspec_crack, portspec_to_portlist, resolv_nbo, resolv_nbo_i, resolv_nbo_i_list, resolv_nbo_list, resolv_to_dotted, source_address, support_ipv6?, tcp_socket_pair, to_sockaddr, #type?, udp_socket_pair

Methods included from Ssl

#allow_nonblock?, cert_provider=, #makessl, ssl_generate_certificate, #ssl_generate_certificate, ssl_generate_issuer, ssl_generate_subject, ssl_parse_pem, #ssl_parse_pem

Class Method Details

.create(hash = {}) ⇒ Object

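Factory: creates an SSL-wrapped TCP server socket from a hash of parameters. The 'Proto', 'Server' and 'SSL' entries are always set to 'tcp', true and true, overriding any values the caller supplied.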



# File 'lib/rex/socket/ssl_tcp_server.rb', line 24

# Builds an SSL-wrapped TCP server socket from a hash of socket parameters.
#
# The 'Proto', 'Server' and 'SSL' entries are always overwritten with 'tcp',
# true and true, so a caller-supplied value such as 'SSL' => false cannot
# produce a plaintext or client socket through this factory. The hash that
# was passed in is modified in place.
#
# @param hash [Hash] socket options keyed by string
# @return [Object] whatever create_param returns for the resulting parameters
def self.create(hash = {})
  forced = { 'Proto' => 'tcp', 'Server' => true, 'SSL' => true }
  forced.each { |key, value| hash[key] = value }

  create_param(Rex::Socket::Parameters.from_hash(hash))
end

.create_param(param) ⇒ Object

Wrapper around the base class' creation method that automatically sets the parameter's protocol to TCP and sets the server and SSL flags to true.



# File 'lib/rex/socket/ssl_tcp_server.rb', line 35

# Creates an SSL-wrapped TCP server socket from a parameters object.
#
# The protocol, server flag and SSL flag on +param+ are overwritten before
# the object is handed to Rex::Socket.create_param, so whatever the caller
# set for those three attributes is ignored. +param+ is modified in place.
#
# @param param [Object] parameters object exposing proto=, server= and ssl=
# @return [Object] the result of Rex::Socket.create_param
def self.create_param(param)
  param.proto, param.server, param.ssl = 'tcp', true, true

  Rex::Socket.create_param(param)
end

Instance Method Details

#accept(opts = {}) ⇒ Object

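Accepts a child connection and performs the server-side SSL handshake on it. Returns the accepted socket, or nil if no connection was accepted or the handshake failed with an SSL error.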



# File 'lib/rex/socket/ssl_tcp_server.rb', line 54

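# Accepts a child connection and performs the server-side SSL handshake on it.
#
# The handshake is limited to 3.5 seconds on both the blocking and the
# non-blocking path. Previously only the blocking path had a limit, so a peer
# that connected and then went silent kept the non-blocking retry loop, and
# therefore the caller of #accept, waiting indefinitely.
#
# The accepted socket is closed on every path that does not return it,
# including errors that are not SSL errors (for example a connection reset
# during the handshake), so an aborted handshake no longer leaks a descriptor.
#
# @param opts [Hash] accepted for interface compatibility; not read here
# @return [Object, nil] the accepted socket, extended with Rex::Socket::SslTcp
#   and carrying sslsock/sslctx, or nil when the parent accept returns nothing
#   or the handshake fails or times out
# @raise [Exception] anything other than OpenSSL::SSL::SSLError raised during
#   the handshake still propagates, after the socket has been closed
def accept(opts = {})
  sock = super()
  return unless sock

  handshake_timeout = 3.5
  established = false

  begin
    ssl = OpenSSL::SSL::SSLSocket.new(sock, self.sslctx)

    if allow_nonblock?(ssl)
      # Monotonic clock: the deadline must not move if the wall clock is adjusted.
      deadline = ::Process.clock_gettime(::Process::CLOCK_MONOTONIC) + handshake_timeout

      begin
        ssl.accept_nonblock
      rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK, ::IO::WaitReadable, ::IO::WaitWritable => e
        remaining = deadline - ::Process.clock_gettime(::Process::CLOCK_MONOTONIC)
        # Reported as an SSL error so the caller sees the same nil result as
        # for a timeout on the blocking path.
        raise ::OpenSSL::SSL::SSLError, 'SSL handshake timed out' if remaining <= 0

        # Wait in the direction the handshake asked for; a bare EAGAIN gives
        # neither, which makes the select a plain short sleep.
        readers = e.kind_of?(::IO::WaitReadable) ? [ssl] : nil
        writers = e.kind_of?(::IO::WaitWritable) ? [ssl] : nil
        ::IO.select(readers, writers, nil, [remaining, 0.10].min)
        retry
      end
    else
      ::Timeout.timeout(handshake_timeout) { ssl.accept }
    end

    sock.extend(Rex::Socket::SslTcp)
    sock.sslsock = ssl
    sock.sslctx  = self.sslctx
    established = true

    sock
  rescue ::OpenSSL::SSL::SSLError, ::Timeout::Error
    # Failed or timed-out handshake: the caller gets nil, the socket is
    # closed by the ensure clause below.
    nil
  ensure
    # Single close point for every failure path, including exceptions that
    # are re-raised to the caller.
    sock.close unless established
  end
end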

#initsock(params = nil) ⇒ Object



# File 'lib/rex/socket/ssl_tcp_server.rb', line 42

# Selects the SSL context for this server, then defers to the parent initsock.
#
# A context supplied on +params+ is used only when it is an
# OpenSSL::SSL::SSLContext; in every other case (no params, no context, or a
# value of another type) the context is built by makessl(params).
#
# A caller-supplied context is assigned without modification in this method,
# so its protocol, cipher and certificate settings are whatever the caller
# configured.
#
# @param params [Object, nil] socket parameters, optionally exposing sslctx
# @return [Object] the result of the parent initsock
def initsock(params = nil)
  supplied = params && params.sslctx

  self.sslctx =
    if supplied.kind_of?(OpenSSL::SSL::SSLContext)
      supplied
    else
      makessl(params)
    end

  # Bare super forwards params to the parent implementation unchanged.
  super
end