Module: Rex::Socket::SslTcpServer

Includes:
Ssl, TcpServer
Defined in:
lib/rex/socket/ssl_tcp_server.rb

Overview

This class provides methods for interacting with an SSL wrapped TCP server. It implements the StreamServer IO interface.

Constant Summary

Constants included from Rex::Socket

LogSource, MATCH_DNS_NAME, MATCH_IPV4, MATCH_IPV4_PRIVATE, MATCH_IPV6, MATCH_MAC_ADDR, VERSION

Constants included from Ssl

Rex::Socket::Ssl::DEFAULT_SSL_VERSION

Instance Attribute Summary

Attributes included from Rex::Socket

#context, #ipv, #localhost, #localport, #peerhost, #peerhostname, #peerport

Attributes included from Ssl

#sslctx

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Rex::Socket

_install_global_resolver, addr_atoc, addr_atoi, addr_atoi_list, addr_aton, addr_ctoa, addr_itoa, addr_iton, addr_ntoa, addr_ntoi, bit2netmask, cidr_crack, compress_address, create_ip, create_tcp, create_tcp_server, create_udp, dotted_ip?, eth_aton, eth_ntoa, #fd, from_sockaddr, getaddress, getaddresses, gethostbyname, #getlocalname, #getpeername_as_array, getresources, #getsockname, ipv6_link_address, ipv6_mac, is_internal?, is_ip_addr?, is_ipv4?, is_ipv6?, is_mac_addr?, is_name?, #localinfo, net2bitmask, #peerinfo, portlist_to_portspec, portspec_crack, portspec_to_portlist, resolv_nbo, resolv_nbo_i, resolv_nbo_i_list, resolv_nbo_list, resolv_to_dotted, source_address, support_ipv6?, tcp_socket_pair, to_authority, to_sockaddr, #type?, udp_socket_pair

Methods included from Ssl

#allow_nonblock?, cert_provider=, #makessl, ssl_generate_certificate, #ssl_generate_certificate, ssl_generate_issuer, ssl_generate_subject, #ssl_parse_pem, ssl_parse_pem

Class Method Details

.create(hash = {}) ⇒ Object

Factory



24
25
26
27
28
29
# File 'lib/rex/socket/ssl_tcp_server.rb', line 24

def self.create(hash = {})
  hash['Proto']  = 'tcp'
  hash['Server'] = true
  hash['SSL']    = true
  self.create_param(Rex::Socket::Parameters.from_hash(hash))
end

.create_param(param) ⇒ Object

Wrapper around the base class’ creation method that automatically sets the parameter’s protocol to TCP and sets the server flag to true.



35
36
37
38
39
40
# File 'lib/rex/socket/ssl_tcp_server.rb', line 35

def self.create_param(param)
  param.proto  = 'tcp'
  param.server = true
  param.ssl    = true
  Rex::Socket.create_param(param)
end

Instance Method Details

#accept(opts = {}) ⇒ Object

Accepts a child connection.



54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# File 'lib/rex/socket/ssl_tcp_server.rb', line 54

def accept(opts = {})
  sock = super()
  return if not sock

  begin
    ssl = OpenSSL::SSL::SSLSocket.new(sock, self.sslctx)

    if not allow_nonblock?(ssl)
      begin
        Timeout::timeout(3.5) {
          ssl.accept
        }
      rescue ::Timeout::Error => e
        sock.close
        raise ::OpenSSL::SSL::SSLError
      end
    else
      begin
        ssl.accept_nonblock

      # Ruby 1.8.7 and 1.9.0/1.9.1 uses a standard Errno
      rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK
          IO::select(nil, nil, nil, 0.10)
          retry

      # Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
      rescue ::Exception => e
        if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
          IO::select( [ ssl ], nil, nil, 0.10 )
          retry
        end

        if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
          IO::select( nil, [ ssl ], nil, 0.10 )
          retry
        end

        raise e
      end
    end

    sock.extend(Rex::Socket::SslTcp)
    sock.sslsock = ssl
    sock.sslctx  = self.sslctx

    return sock

  rescue ::OpenSSL::SSL::SSLError
    sock.close
    nil
  end
end

#initsock(params = nil) ⇒ Object



42
43
44
45
46
47
48
49
50
51
# File 'lib/rex/socket/ssl_tcp_server.rb', line 42

def initsock(params = nil)

  if params && params.sslctx && params.sslctx.kind_of?(OpenSSL::SSL::SSLContext)
    self.sslctx = params.sslctx
  else
    self.sslctx  = makessl(params)
  end

  super
end