3
"""An M2Crypto implementation of OpenSSL's s_client.
5
Copyright (c) 1999-2003 Ng Pheng Siong. All rights reserved."""
12
from M2Crypto import SSL
17
REQ='GET / HTTP/1.0\r\n\r\n'
23
options=['connect=', 'verify=', 'cert=', 'key=', 'CApath=', 'CAfile=', \
24
'reconnect', 'pause', 'showcerts', 'debug', 'nbio_test', 'state', \
25
'nbio', 'crlf', 'sslv2', 'sslv3', 'tlsv1', 'no_sslv2', 'no_sslv3', \
26
'no_tlsv1', 'bugs', 'cipher=', 'Verify=']
27
optlist, optarg=getopt.getopt(args, '', options)
31
setattr(cfg, opt[0][2:], opt[1])
32
for x in (('tlsv1','no_tlsv1'),('sslv3','no_sslv3'),('sslv2','no_sslv2')):
33
if hasattr(cfg, x[0]) and hasattr(cfg, x[1]):
34
raise ValueError, 'mutually exclusive: %s and %s' % x
36
if hasattr(cfg, 'connect'):
37
(host, port)=string.split(cfg.connect, ':')
38
cfg.connect=(host, int(port))
40
cfg.connect=(HOST, PORT)
43
# First protocol found will be used.
44
# Permutate the following tuple for preference.
45
for p in ('tlsv1', 'sslv3', 'sslv2'):
47
cfg.protocol.append(p)
48
cfg.protocol.append('sslv23')
52
def make_context(config):
53
ctx=SSL.Context(config.protocol[0])
54
if hasattr(config, 'cert'):
58
if hasattr(config, 'key'):
62
#ctx.load_cert(cert, key)
64
if hasattr(config, 'verify'):
65
verify=SSL.verify_peer
66
depth=int(config.verify)
67
elif hasattr(config, 'Verify'):
68
verify=SSL.verify_peer | SSL.verify_fail_if_no_peer_cert
69
depth=int(config.Verify)
71
verify=SSL.verify_none
74
config.verify_depth=depth
75
ctx.set_verify(verify, depth)
77
if hasattr(config, 'CAfile'):
81
ctx.load_verify_location(cafile)
86
ctx=make_context(config)
88
s.connect(config.connect)
89
if config.verify != SSL.verify_none and not s.verify_ok():
90
print 'peer verification failed'
91
peer=s.get_peer_cert()
93
print 'unable to get peer certificate'
95
print 'peer.as_text()'
105
if __name__=='__main__':
106
cfg=config(sys.argv[1:])