Qt C++ SSL/TLS server with Python client


Qt version: 5.8.0

Python version: 2.7.13

OpenSSL version: OpenSSL 1.0.1c

Operating system: Windows 10

I'm trying to create an SSL/TLS server using Qt C++ and a client written in Python. I'm using the sslechoserver example project shipped with Qt. As an example Python client, I'm using the one I got from the Python documentation: https://docs.python.org/2/library/ssl.html. I copied the cert from the above-mentioned server example, placed it next to the Python script, and specified it in the test scripts I tried.

I have tried various Python client examples that I have found on the internet (like here: https://carlo-hamalainen.net/blog/2013/1/24/python-ssl-socket-echo-test-with-self-signed-certificate), but none was able to connect to the Qt echo server (it never printed out "Client connected:", as it does when I use the sslechoclient example shipped with Qt). The client in the link above does work with the Python server from the same link, so I know it still works with something.

Qt C++ server code

sslechoserver.cpp

/****************************************************************************
**
** Copyright (C) 2016 Kurt Pattyn <pattyn.kurt@gmail.com>.
** Contact: https://www.qt.io/licensing/
**
** This file is part of the QtWebSockets module of the Qt Toolkit.
**
** $QT_BEGIN_LICENSE:BSD$
** Commercial License Usage
** Licensees holding valid commercial Qt licenses may use this file in
** accordance with the commercial license agreement provided with the
** Software or, alternatively, in accordance with the terms contained in
** a written agreement between you and The Qt Company. For licensing terms
** and conditions see https://www.qt.io/terms-conditions. For further
** information use the contact form at https://www.qt.io/contact-us.
**
** BSD License Usage
** Alternatively, you may use this file under the terms of the BSD license
** as follows:
**
** "Redistribution and use in source and binary forms, with or without
** modification, are permitted provided that the following conditions are
** met:
**   * Redistributions of source code must retain the above copyright
**     notice, this list of conditions and the following disclaimer.
**   * Redistributions in binary form must reproduce the above copyright
**     notice, this list of conditions and the following disclaimer in
**     the documentation and/or other materials provided with the
**     distribution.
**   * Neither the name of The Qt Company Ltd nor the names of its
**     contributors may be used to endorse or promote products derived
**     from this software without specific prior written permission.
**
**
** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
** "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
** LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
** A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
** OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
** SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
** LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
** DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
** THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
** (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
** OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
**
** $QT_END_LICENSE$
**
****************************************************************************/
#include "sslechoserver.h"
#include "QtWebSockets/QWebSocketServer"
#include "QtWebSockets/QWebSocket"
#include <QtCore/QDebug>
#include <QtCore/QFile>
#include <QtNetwork/QSslCertificate>
#include <QtNetwork/QSslKey>

QT_USE_NAMESPACE

//! [constructor]
SslEchoServer::SslEchoServer(quint16 port, QObject *parent) :
    QObject(parent),
    m_pWebSocketServer(Q_NULLPTR)
{
    m_pWebSocketServer = new QWebSocketServer(QStringLiteral("SSL Echo Server"),
                                              QWebSocketServer::SecureMode,
                                              this);
    QSslConfiguration sslConfiguration;
    QFile certFile(QStringLiteral(":/localhost.cert"));
    QFile keyFile(QStringLiteral(":/localhost.key"));
    certFile.open(QIODevice::ReadOnly);
    keyFile.open(QIODevice::ReadOnly);
    QSslCertificate certificate(&certFile, QSsl::Pem);
    QSslKey sslKey(&keyFile, QSsl::Rsa, QSsl::Pem);
    certFile.close();
    keyFile.close();
    // The server does not request a client certificate.
    sslConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone);
    sslConfiguration.setLocalCertificate(certificate);
    sslConfiguration.setPrivateKey(sslKey);
    // TlsV1SslV3 accepts SSLv3 and TLS 1.0 connections.
    sslConfiguration.setProtocol(QSsl::TlsV1SslV3);
//    sslConfiguration.setProtocol(QSsl::TlsV1_2OrLater);
    m_pWebSocketServer->setSslConfiguration(sslConfiguration);

    if (m_pWebSocketServer->listen(QHostAddress::Any, port))
    {
        qDebug() << "SSL Echo Server listening on port" << port;
        connect(m_pWebSocketServer, &QWebSocketServer::newConnection,
                this, &SslEchoServer::onNewConnection);
        connect(m_pWebSocketServer, &QWebSocketServer::sslErrors,
                this, &SslEchoServer::onSslErrors);
    }
}
//! [constructor]

SslEchoServer::~SslEchoServer()
{
    m_pWebSocketServer->close();
    qDeleteAll(m_clients.begin(), m_clients.end());
}

//! [onNewConnection]
void SslEchoServer::onNewConnection()
{
    QWebSocket *pSocket = m_pWebSocketServer->nextPendingConnection();

    qDebug() << "Client connected:" << pSocket->peerName() << pSocket->origin();

    connect(pSocket, &QWebSocket::textMessageReceived, this, &SslEchoServer::processTextMessage);
    connect(pSocket, &QWebSocket::binaryMessageReceived,
            this, &SslEchoServer::processBinaryMessage);
    connect(pSocket, &QWebSocket::disconnected, this, &SslEchoServer::socketDisconnected);

    m_clients << pSocket;
}
//! [onNewConnection]

//! [processTextMessage]
void SslEchoServer::processTextMessage(QString message)
{
    QWebSocket *pClient = qobject_cast<QWebSocket *>(sender());
    if (pClient)
    {
        pClient->sendTextMessage(message);
    }
}
//! [processTextMessage]

//! [processBinaryMessage]
void SslEchoServer::processBinaryMessage(QByteArray message)
{
    QWebSocket *pClient = qobject_cast<QWebSocket *>(sender());
    if (pClient)
    {
        pClient->sendBinaryMessage(message);
    }
}
//! [processBinaryMessage]

//! [socketDisconnected]
void SslEchoServer::socketDisconnected()
{
    qDebug() << "Client disconnected";
    QWebSocket *pClient = qobject_cast<QWebSocket *>(sender());
    if (pClient)
    {
        m_clients.removeAll(pClient);
        pClient->deleteLater();
    }
}

void SslEchoServer::onSslErrors(const QList<QSslError> &)
{
    qDebug() << "Ssl errors occurred";
}
//! [socketDisconnected]

sslechoserver.h

#ifndef SSLECHOSERVER_H
#define SSLECHOSERVER_H

#include <QtCore/QObject>
#include <QtCore/QList>
#include <QtCore/QByteArray>
#include <QtNetwork/QSslError>

QT_FORWARD_DECLARE_CLASS(QWebSocketServer)
QT_FORWARD_DECLARE_CLASS(QWebSocket)

class SslEchoServer : public QObject
{
    Q_OBJECT
public:
    explicit SslEchoServer(quint16 port, QObject *parent = Q_NULLPTR);
    virtual ~SslEchoServer();

private Q_SLOTS:
    void onNewConnection();
    void processTextMessage(QString message);
    void processBinaryMessage(QByteArray message);
    void socketDisconnected();
    void onSslErrors(const QList<QSslError> &errors);

private:
    QWebSocketServer *m_pWebSocketServer;
    QList<QWebSocket *> m_clients;
};

#endif //SSLECHOSERVER_H

main.cpp

#include <QtCore/QCoreApplication>
#include "sslechoserver.h"

int main(int argc, char *argv[])
{
    QCoreApplication a(argc, argv);
    SslEchoServer server(1234);

    Q_UNUSED(server);

    return a.exec();
}

Python client code (just one of the ones I tried)

import socket, ssl

context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.verify_mode = ssl.CERT_REQUIRED
context.check_hostname = True
context.load_verify_locations("localhost.cert")
# context.load_default_certs()

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = context.wrap_socket(s, server_hostname='localhost')
ssl_sock.connect(('localhost', 1234))

It turns out I had to make the Python client connect using wss. I installed websocket (version 0.40) from https://pypi.python.org/pypi/websocket-client and used the example script below. I used Python 3.6.1, but I think 2.7.x might work as well.

import websocket
import time
import ssl

if __name__ == "__main__":
    websocket.enableTrace(True)
    # Trust only the server's self-signed certificate and require verification.
    ws = websocket.WebSocket(sslopt={"ca_certs": "localhost.cert",
                                      "cert_reqs": ssl.CERT_REQUIRED})
    ws.connect("wss://localhost:1234")
    print ("Sending 'Hello, World'...")
    ws.send("Hello, World")
    print ("Sent")
    print ("Receiving...")
    result =  ws.recv()
    print ("Received '%s'" % result)
    ws.close()
