Class: PacketThief::Handlers::SSLClient

Inherits:

AbstractSSLHandler

• Object
• EM::Connection
• AbstractSSLHandler
• PacketThief::Handlers::SSLClient

Defined in:

lib/packetthief/handlers/ssl_client.rb

Overview

Basic SSL/TLS Client built on Ruby’s OpenSSL objects instead of on EventMachine’s start_tls. This allows you to manipulate the SSLContext and other details of the connection that EM normally doesn’t let you touch.

Subclass it and override any of the methods in the following example to use the the functionality.

You can #send_data to send encrypted data to the other side, and #receive_data will be called when there is data for the handler.

EM.run {
  SSLClient.connect "www.isecpartners.com", 443 do |p|

    # Note: this code block is actually too late to set up a new
    # #post_init since it runs just after post_init. You can use
    # #post_init on a subclass though.
    def p.post_init
      # modify p.ctx to configure your certificates, key, etc.
    end

    # The following makes more sense for the initialization block.
    h.ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE

    def p.tls_successful_handshake
      # the handshake succeeded
    end

    def p.tls_failed_handshake(e)
      # the ssl handshake failed, probably due to the client rejecting
      # your certificate. =)
    end

    def p.unbind
      # unbind handler, called regardless of handshake success
    end

    def p.receive_data(data)
      # do something with the unencrypted stream
      p.send_data("some message") # data to be encrypted then sent to the client
    end

  end
}

Note: During #initialize and #post_init, this class does not have access to its socket yet. Instead, use #tls_pre_start or the code block you pass to .start to initialize the SSLContext, and use #tls_successful_handshake to do anything once the SSL handshake has completed.

Direct Known Subclasses

PacketThief::Handlers::SSLTransparentProxy::SSLProxyConnection

Instance Attribute Summary

Attributes inherited from AbstractSSLHandler

#ctx, #sni_hostname, #sslsocket, #tcpsocket

Class Method Summary

• .connect(host, port, *args, &block) ⇒ Object

Instance Method Summary

• #tls_begin ⇒ Object

Methods inherited from AbstractSSLHandler

#close_connection, #close_connection_after_writing, #initialize, #notify_readable, #notify_writable, #post_init, #receive_data, #send_data, #tls_failed_handshake, #tls_successful_handshake, #unbind, #write_buffer, #write_buffer=

Methods included from Logging

log

Constructor Details

This class inherits a constructor from PacketThief::Handlers::AbstractSSLHandler

Class Method Details

.connect(host, port, *args, &block) ⇒ Object

# File 'lib/packetthief/handlers/ssl_client.rb', line 56

def self.connect(host, port, *args, &block)
  ssl_class = self

  sock = TCPSocket.new host, port

  ::EM.watch sock, ssl_class, sock, *args do |h|
    h.notify_readable = true
#          h.notify_writable = true
    block.call(h) if block
    h.tls_begin
  end
end

Instance Method Details

#tls_begin ⇒ Object

# File 'lib/packetthief/handlers/ssl_client.rb', line 80

def tls_begin
  super
  attempt_connection
end