Changeset 131


Ignore:
Timestamp:
09/18/17 18:53:24 (7 years ago)
Author:
tim
Message:

minor annoyances

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/bin/bletchley-http2py

    r118 r131  
    1919
    2020Copyright (C) 2011-2013 Virtual Security Research, LLC
    21 Copyright (C) 2014-2016 Blindspot Security LLC
     21Copyright (C) 2014-2017 Blindspot Security LLC
    2222Author: Timothy D. Morgan
    2323
     
    149149from bletchley import chosenct
    150150from bletchley.CBC import *
     151import urllib3
     152urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
    151153
    152154# TODO: ensure the host, port, and protocol settings are correct.
     
    217219    # These are useful for debugging, but once your response processing is working,
    218220    # remove them so it isn't so verbose.
    219     print(response.status_code)
    220     print(response.headers)
    221     print(repr(response.content))
    222 
     221    print(response.status_code, file=sys.stderr)
     222    print(response.headers, file=sys.stderr)
     223    print(repr(response.content), file=sys.stderr)
     224
     225    # You may need to return either true/false or a string/bytes object here
     226    # (which is derived from the response) depending on your test
    223227    return ret_val
    224228''')
     
    274278    # These are useful for debugging, but once your response processing is working,
    275279    # remove them so it isn't so verbose.
    276     print(response.status)
    277     print(response.getheaders())
    278     print(repr(response.read()))
     280    print(response.status, file=sys.stderr)
     281    print(response.getheaders(), file=sys.stderr)
     282    print(repr(response.read()), file=sys.stderr)
    279283
    280284    connection.close()
     285    # You may need to return either true/false or a string/bytes object here
     286    # (which is derived from the response) depending on your test
    281287    return ret_val
    282288''')
     
    289295# TODO: Use this to verify you get the response you expect. 
    290296#       Once everything is working, use the commented code below to conduct specific attacks.
    291 processResponse(ciphertext)
     297print(processResponse(ciphertext), file=sys.stderr)
    292298
    293299
  • trunk/lib/bletchley/ssltls.py

    r130 r131  
    7575    if mode == 'client':
    7676        conn.set_connect_state()
    77         # This hokey crap is required because OpenSSL wants you to poll rather than just block
    78         # XXX: tie this sleep time into the timeout parameter
    79         for tries in range(0,10):
    80             try:
    81                 conn.do_handshake()
    82                 break
    83             except OpenSSL.SSL.WantReadError as e:
    84                 time.sleep(0.1)
     77        if timeout:
     78            # This polling is needed because the socket timeouts have put the
     79            # socket in non-blocking mode
     80            start = time.time()+timeout
     81            while time.time() < start:
     82                try:
     83                    conn.do_handshake()
     84                    break
     85                except (OpenSSL.SSL.WantReadError,OpenSSL.SSL.WantWriteError) as e:
     86                    time.sleep(0.00001)
     87        else:
     88            conn.do_handshake()
     89
    8590    else:
    8691        conn.set_accept_state()
Note: See TracChangeset for help on using the changeset viewer.