我想将 ssl 支持添加到基于 SocketServer.TCPServer 类的现有 TCP 服务器。所以我覆盖了 TCPServer 类的默认构造函数并添加了 ssl.wrap_socket(...)-call:
class MyTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
def __init__(self, server_address, RequestHandlerClass, bind_and_activate=True):
# See SocketServer.TCPServer.__init__
# (added ssl-support):
SocketServer.BaseServer.__init__(self, server_address,
RequestHandlerClass)
self.socket = ssl.wrap_socket(
socket.socket(self.address_family, self.socket_type),
server_side=True,
certfile='cert.pem'
)
if bind_and_activate:
self.server_bind()
self.server_activate()
启动服务器时,没有发生错误。所以我也修改了我的简单测试客户端以支持 ssl:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock = ssl.wrap_socket(s)
sock.connect(('192.168.1.1', 54321))
再次没有发生错误,但连接调用被阻塞。使用 Ctrl+C 关闭客户端时,会显示以下内容:
Traceback (most recent call last):
File "exampleClient.py", line 10, in <module>
sock.do_handshake()
File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake
self._sslobj.do_handshake()
KeyboardInterrupt
所以 do_handshake 在连接时被阻塞。有谁知道如何解决这个问题?我只是想使用加密的 TCP 连接:)