Module: Rex::Socket::SslTcpServer

Includes:
TcpServer
Defined in:
lib/rex/socket/ssl_tcp_server.rb

Overview

This class provides methods for interacting with an SSL wrapped TCP server. It implements the StreamServer IO interface.

Constant Summary collapse

@@loaded_openssl = 
false

Constants included from Rex::Socket

MATCH_IPV4, MATCH_IPV4_PRIVATE, MATCH_IPV6

Instance Attribute Summary collapse

Attributes included from IO::StreamServer

#client_waiter, #clients, #clients_thread, #listener_thread, #on_client_close_proc, #on_client_connect_proc, #on_client_data_proc

Attributes included from Rex::Socket

#context, #ipv, #localhost, #localport, #peerhost, #peerport

Class Method Summary collapse

Instance Method Summary collapse

Methods included from IO::StreamServer

#close_client, #on_client_close, #on_client_connect, #on_client_data, #start, #stop, #wait

Methods included from Rex::Socket

addr_atoc, addr_atoi, addr_atoi_list, addr_aton, addr_ctoa, addr_itoa, addr_iton, addr_ntoa, addr_ntoi, bit2netmask, cidr_crack, compress_address, create_ip, create_tcp, create_tcp_server, create_udp, dotted_ip?, eth_aton, eth_ntoa, #fd, from_sockaddr, getaddress, getaddresses, gethostbyname, #getlocalname, #getpeername, #getsockname, ipv6_link_address, ipv6_mac, is_internal?, is_ipv4?, is_ipv6?, net2bitmask, portlist_to_portspec, portspec_crack, portspec_to_portlist, resolv_nbo, resolv_nbo_i, resolv_nbo_i_list, resolv_nbo_list, resolv_to_dotted, source_address, support_ipv6?, tcp_socket_pair, to_sockaddr, #type?, udp_socket_pair

Instance Attribute Details

#sslctxObject

Returns the value of attribute sslctx.



214
215
216
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 214

def sslctx
  @sslctx
end

Class Method Details

.create(hash = {}) ⇒ Object

Factory



32
33
34
35
36
37
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 32

def self.create(hash = {})
  hash['Proto']  = 'tcp'
  hash['Server'] = true
  hash['SSL']    = true
  self.create_param(Rex::Socket::Parameters.from_hash(hash))
end

.create_param(param) ⇒ Object

Wrapper around the base class’ creation method that automatically sets the parameter’s protocol to TCP and sets the server flag to true.



43
44
45
46
47
48
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 43

def self.create_param(param)
  param.proto  = 'tcp'
  param.server = true
  param.ssl    = true
  Rex::Socket.create_param(param)
end

.ssl_generate_certificateString, Array

Generate a realistic-looking but obstensibly fake SSL certificate. This matches a typical “snakeoil” cert.

Returns:

  • (String, String, Array) 


133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 133

def self.ssl_generate_certificate
  yr   = 24*3600*365
  vf   = Time.at(Time.now.to_i - rand(yr * 3) - yr)
  vt   = Time.at(vf.to_i + (10 * yr))
  cn   = Rex::Text.rand_text_alpha_lower(rand(8)+2)
  key  = OpenSSL::PKey::RSA.new(2048){ }
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = (rand(0xFFFFFFFF) << 32) + rand(0xFFFFFFFF)
  cert.subject    = OpenSSL::X509::Name.new([["CN", cn]])
  cert.issuer     = OpenSSL::X509::Name.new([["CN", cn]])
  cert.not_before = vf
  cert.not_after  = vt
  cert.public_key = key.public_key

  ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
  cert.extensions = [
    ef.create_extension("basicConstraints","CA:FALSE")
  ]
  ef.issuer_certificate = cert

  cert.sign(key, OpenSSL::Digest::SHA256.new)

  [key, cert, nil]
end

.ssl_parse_pem(ssl_cert) ⇒ String, Array

Parse a certificate in unified PEM format that contains a private key and one or more certificates. The first certificate is the primary, while any additional certificates are treated as intermediary certificates. This emulates the behavior of web servers like nginx.

Parameters:

  • ssl_cert (String)

Returns:

  • (String, String, Array) 


117
118
119
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 117

def self.ssl_parse_pem(ssl_cert)
  Rex::Parser::X509Certificate.parse_pem(ssl_cert)
end

Instance Method Details

#accept(opts = {}) ⇒ Object

Accepts a child connection.



63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 63

def accept(opts = {})
  sock = super()
  return if not sock

  begin
    ssl = OpenSSL::SSL::SSLSocket.new(sock, self.sslctx)

    if not allow_nonblock?(ssl)
      ssl.accept
    else
      begin
        ssl.accept_nonblock

      # Ruby 1.8.7 and 1.9.0/1.9.1 uses a standard Errno
      rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK
          IO::select(nil, nil, nil, 0.10)
          retry

      # Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
      rescue ::Exception => e
        if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
          IO::select( [ ssl ], nil, nil, 0.10 )
          retry
        end

        if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
          IO::select( nil, [ ssl ], nil, 0.10 )
          retry
        end

        raise e
      end
    end

    sock.extend(Rex::Socket::SslTcp)
    sock.sslsock = ssl
    sock.sslctx  = self.sslctx

    return sock

  rescue ::OpenSSL::SSL::SSLError
    sock.close
    nil
  end
end

#allow_nonblock?(sock = self.sock) ⇒ Boolean

This flag determines whether to use the non-blocking openssl API calls when they are available. This is still buggy on Linux/Mac OS X, but is required on Windows

Returns:

  • (Boolean) 


206
207
208
209
210
211
212
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 206

def allow_nonblock?(sock=self.sock)
  avail = sock.respond_to?(:accept_nonblock)
  if avail and Rex::Compat.is_windows
    return true
  end
  false
end

#initsock(params = nil) ⇒ Object

Raises:



50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 50

def initsock(params = nil)
  raise RuntimeError, 'No OpenSSL support' unless @@loaded_openssl

  if params && params.sslctx && params.sslctx.kind_of?(OpenSSL::SSL::SSLContext)
    self.sslctx = params.sslctx
  else
    self.sslctx  = makessl(params)
  end

  super
end

#makessl(params) ⇒ ::OpenSSL::SSL::SSLContext

Create a new ssl context. If ssl_cert is not given, generates a new key and a leaf certificate with random values.

Parameters:

Returns:

  • (::OpenSSL::SSL::SSLContext) 


172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 172

def makessl(params)

  if params.ssl_cert
    key, cert, chain = ssl_parse_pem(params.ssl_cert)
  else
    key, cert, chain = ssl_generate_certificate
  end

  ctx = OpenSSL::SSL::SSLContext.new()
  ctx.key = key
  ctx.cert = cert
  ctx.extra_chain_cert = chain
  ctx.options = 0

  # Older versions of OpenSSL do not export the OP_NO_COMPRESSION symbol
  if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
    # enable/disable the SSL/TLS-level compression
    if params.ssl_compression
      ctx.options &= ~OpenSSL::SSL::OP_NO_COMPRESSION
    else
      ctx.options |= OpenSSL::SSL::OP_NO_COMPRESSION
    end
  end

  ctx.session_id_context = Rex::Text.rand_text(16)

  return ctx
end

#ssl_generate_certificateObject

Shim for the ssl_generate_certificate module method



162
163
164
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 162

def ssl_generate_certificate
  Rex::Socket::SslTcpServer.ssl_generate_certificate
end

#ssl_parse_pem(ssl_cert) ⇒ Object

Shim for the ssl_parse_pem module method



124
125
126
 
# File 'lib/rex/socket/ssl_tcp_server.rb', line 124

def ssl_parse_pem(ssl_cert)
  Rex::Socket::SslTcpServer.ssl_parse_pem(ssl_cert)
end