Error "no hay cifrado compartido" con python y OpenSSL
Servidor:
#!/usr/bin/env python
import SocketServer
import json
from OpenSSL import SSL
import os
import socket
# Marker the client appends to signal the end of a message.
TERMINATION_STRING = "Done"

# All TLS material is resolved against the current working directory, so the
# files actually loaded depend on where the process is started from.
_BASE_DIR = os.getcwd()
CERTIFICATE_PATH = _BASE_DIR + '/CA/certs/01.pem'   # server certificate
KEY_PATH = _BASE_DIR + '/CA/private/key.pem'        # server private key
CA_PATH = _BASE_DIR + '/CA/cacert.pem'              # CA used to verify clients

# Debug aid: show which CA file will be used for peer verification.
print(CA_PATH)
def verify_cb(conn, cert, errnum, depth, ok):
    """Print the subject of a certificate in the peer's chain.

    Used as the pyOpenSSL verification callback. The value of ``ok`` is
    handed back unchanged, so the callback only logs and leaves the
    accept/reject decision to OpenSSL's own chain verification.
    """
    subject = cert.get_subject()
    print('Got cert: %s' % subject)
    return ok
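class SSLThreadingTCPServer(SocketServer.ThreadingTCPServer):
    """Threading TCP server whose listening socket is a pyOpenSSL connection.

    Clients must present a certificate that chains to CA_PATH
    (VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT).
    """

    def __init__(self, address, handler):
        """Create the TLS context, wrap the listening socket, then bind.

        address -- (host, port) tuple to listen on.
        handler -- request handler class instantiated per connection.
        """
        # Defer bind/listen: with the default bind_and_activate=True the base
        # class binds a plain (non-TLS) socket to the port first, and that
        # socket is then abandoned when self.socket is replaced below.
        SocketServer.ThreadingTCPServer.__init__(
            self, address, handler, bind_and_activate=False)

        ctx = SSL.Context(SSL.SSLv23_METHOD)
        # SSLv23_METHOD negotiates the highest version both sides support;
        # explicitly refuse the obsolete SSLv2 and SSLv3 protocols.
        ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
        ctx.set_verify(
            SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verify_cb)
        ctx.use_privatekey_file(KEY_PATH)
        ctx.use_certificate_file(CERTIFICATE_PATH)
        # Fail at start-up if the key does not belong to the certificate,
        # rather than at the first handshake with a less specific error.
        ctx.check_privatekey()
        ctx.load_verify_locations(CA_PATH)

        # Wrap the socket the base class created instead of leaking it.
        self.socket = SSL.Connection(ctx, self.socket)
        self.socket.set_accept_state()
        self.server_bind()
        self.server_activate()
        print("Serving: %s on port: %s" % (address[0], address[1]))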
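class MemberUpdateHandler(SocketServer.StreamRequestHandler):
    """Read one space-separated message ending in TERMINATION_STRING."""

    # Upper bound on a single message, so a peer cannot make the server
    # buffer an unlimited amount of data.
    MAX_MESSAGE_BYTES = 64 * 1024

    def setup(self):
        """Attach file objects to the TLS connection and log the peer."""
        self.connection = self.request
        # socket._fileobject is used directly on the SSL.Connection here
        # instead of the base class's own rfile/wfile set-up.
        self.rfile = socket._fileobject(self.request, "rb", self.rbufsize)
        self.wfile = socket._fileobject(self.request, "wb", self.wbufsize)
        print("%s connected" % (self.client_address,))

    def handle(self):
        """Receive until the terminator arrives, then print each word.

        Returns without printing the message if the TLS layer reports an
        error (including a failed handshake or the peer closing), if the
        peer sends nothing more, or if the message exceeds
        MAX_MESSAGE_BYTES.
        """
        data = ""
        while True:
            try:
                # The handshake is completed lazily on the first recv(), so
                # handshake failures surface here as SSL.Error.
                chunk = self.request.recv(1024)
            except SSL.Error as exc:
                print("%s TLS error: %s" % (self.client_address, exc))
                return
            if not chunk:
                return
            # Accumulate the raw chunk; stripping each chunk separately would
            # drop spaces that fall on a chunk boundary.
            data += chunk
            if len(data) > self.MAX_MESSAGE_BYTES:
                print("%s message too large, dropping" % (self.client_address,))
                return
            if data.rstrip().endswith(TERMINATION_STRING):
                print(TERMINATION_STRING)
                break

        for item in data.strip().split(' '):
            print(item)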
if __name__ == "__main__":
    # Listen on the loopback interface only.
    ADDRESS, PORT = 'localhost', 42424
    HOST = (ADDRESS, PORT)
    server = SSLThreadingTCPServer(HOST, MemberUpdateHandler)
    server.serve_forever()
Cliente:
#!/usr/bin/env python
from OpenSSL import SSL
import socket
import os
# Server endpoint the client connects to.
HOST, PORT = 'localhost', 42424
ADDRESS = (HOST, PORT)

# TLS material is resolved against the current working directory, so the
# files actually loaded depend on where the script is started from.
_BASE_DIR = os.getcwd()
CERTIFICATE_FILE = _BASE_DIR + '/CA/certs/02.pem'   # client certificate
KEY_PATH = _BASE_DIR + '/CA/clientKey.pem'          # client private key
CA_PATH = _BASE_DIR + '/CA/cacert.pem'              # CA used to verify the server
def verify_cb(conn, cert, errnum, depth, ok):
    """Log the subject of a certificate in the server's chain.

    ``ok`` is returned as received, so OpenSSL's verification result
    stands; the subject is printed but not compared with HOST.
    """
    message = 'Got cert: %s' % cert.get_subject()
    print(message)
    return ok
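# Connect to the server over TLS with a client certificate and send one
# test message terminated by "Done".
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

ctx = SSL.Context(SSL.SSLv23_METHOD)
# SSLv23_METHOD negotiates the highest version both sides support;
# explicitly refuse the obsolete SSLv2 and SSLv3 protocols.
ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3)
# The server chain is verified against CA_PATH only; verify_cb prints the
# subject but does not compare it with HOST.
ctx.set_verify(SSL.VERIFY_PEER, verify_cb)
ctx.use_certificate_file(CERTIFICATE_FILE)
ctx.use_privatekey_file(KEY_PATH)
# Fail before connecting if the key does not belong to the certificate.
ctx.check_privatekey()
ctx.load_verify_locations(CA_PATH)

sslSock = SSL.Connection(ctx, sock)
items = "this is a test Done"
try:
    sslSock.connect(ADDRESS)
    sslSock.sendall(items)
    # Send the TLS close alert so the server sees an orderly end of
    # stream rather than an abrupt disconnect.
    sslSock.shutdown()
finally:
    # Release the socket even when the handshake or the send fails.
    sslSock.close()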
Error en el lado del servidor:
Error: [('SSL routines', 'SSL3_GET_CLIENT_HELLO', 'no shared cipher')]
Error en el lado del cliente:
OpenSSL.SSL.Error: [('SSL routines', 'SSL23_GET_SERVER_HELLO', 'sslv3 alert handshake failure')]
Tengo la sensación de que me estoy perdiendo algo simple, pero no he podido precisarlo. He encontrado varias preguntas exactamente como la mía en varios lugares, pero ninguna ha sido respondida. Soy nuevo en la programación en red y agradecería enormemente cualquier ayuda.
Usando Ubuntu 10.04 y Python 2.6