Module: Arachni::Reactor::Connection::TLS
- Defined in:
- lib/arachni/reactor/connection/tls.rb
Overview
Instance Method Summary
-
#start_tls(options = {}) ⇒ Object
Converts the #socket to an SSL one.
Instance Method Details
#start_tls(options = {}) ⇒ Object
Converts the Arachni::Reactor::Connection#socket to an SSL one.
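# File 'lib/arachni/reactor/connection/tls.rb', line 25

# Replaces the connection's plain +@socket+ with a TLS-wrapped one.
#
# Three configurations are possible:
#
# * +:certificate+ and +:private_key+ given: the context presents that
#   certificate and requires a verifiable peer certificate
#   (VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT), trusting only +:ca+.
# * No key material and +@role == :server+: a throw-away self-signed
#   certificate for CN=localhost, valid for 24 hours, is generated.
# * No key material and any other role: no certificate is presented.
#
# SECURITY: in the last two configurations +verify_mode+ stays at
# VERIFY_NONE, so the peer's certificate is not validated and the channel
# is encrypted but not authenticated. Nothing in this method enables
# hostname verification either. Callers that need an authenticated peer
# must supply +:certificate+, +:private_key+ and +:ca+.
#
# @param options [Hash]
# @option options [String] :certificate path of the certificate to present
# @option options [String] :private_key path of the matching private key
#   (loaded with OpenSSL::PKey::RSA, so it has to be an RSA key)
# @option options [String] :ca path of the CA bundle used to verify the peer
#
# @return [OpenSSL::SSL::SSLServer, OpenSSL::SSL::SSLSocket, nil]
#   the new TLS socket, or +nil+ when +@socket+ already was an SSLSocket
def start_tls(options = {})
  # Already upgraded: just pick up the existing context.
  if @socket.is_a?(OpenSSL::SSL::SSLSocket)
    @ssl_context = @socket.context
    return
  end

  @ssl_context = OpenSSL::SSL::SSLContext.new
  # Default: peer certificates are NOT verified (see SECURITY note above).
  @ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE

  if options[:certificate] && options[:private_key]
    # File.binread hands OpenSSL the file contents and closes the file;
    # the previous File.open(...) left both descriptors open until GC.
    @ssl_context.cert =
      OpenSSL::X509::Certificate.new(File.binread(options[:certificate]))
    @ssl_context.key =
      OpenSSL::PKey::RSA.new(File.binread(options[:private_key]))

    # NOTE(review): when :ca is nil no trust anchor is configured here, so
    # peer verification would presumably reject every peer -- confirm.
    @ssl_context.ca_file = options[:ca]
    @ssl_context.verify_mode =
      OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
  elsif @role == :server
    # Ephemeral self-signed identity; it proves nothing to clients and is
    # only there so that a TLS listener can be brought up at all.
    key       = OpenSSL::PKey::RSA.new(2048)
    subject   = OpenSSL::X509::Name.new([%w[CN localhost]])
    issued_at = Time.now

    cert            = OpenSSL::X509::Certificate.new
    cert.subject    = subject
    cert.issuer     = subject
    cert.public_key = key
    cert.not_before = issued_at
    cert.not_after  = issued_at + 60 * 60 * 24
    cert.version    = 2
    cert.serial     = 1
    # SHA-256 instead of SHA-1: SHA-1 is deprecated for certificate
    # signatures and may be refused by hardened OpenSSL configurations.
    cert.sign(key, OpenSSL::Digest.new('SHA256'))

    @ssl_context.key  = key
    @ssl_context.cert = cert
  end

  if @role == :server
    @socket = OpenSSL::SSL::SSLServer.new(@socket, @ssl_context)
  else
    @socket = OpenSSL::SSL::SSLSocket.new(@socket, @ssl_context)
    # Closing the SSL socket also closes the underlying socket.
    @socket.sync_close = true

    # We've switched to SSL, a connection needs to be re-established
    # via the SSL handshake.
    @connected = false

    # `unix?` and `_connect` are defined outside this listing; presumably
    # UNIX-domain sockets need the connect step re-run right away.
    _connect if unix?
  end

  @socket
end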