我正在设计一个ssl服务器,我在其中使用twisted for它和ssl,它需要客户端证书身份验证才能继续程序,当我验证客户端的ssl证书时,它返回True,但是我想在客户端证书中传递commanname和emailaddress,以便我可以在中获取特定客户端的设置处理程序类,你能帮我吗?在
from OpenSSL import SSL
from twisted.internet import ssl, reactor
from twisted.internet.protocol import Factory, Protocol
from twisted.web import server, resource, static, twcgi
class Handler(Protocol):
def dataReceived(self, data):
self.transport.write(data)
def connectionMade(self):
self.transport.write('hello world')
def verifyCallback(connection, x509, errnum, errdepth, ok):
global client_username
if not ok:
return False
else:
return True
if __name__ == '__main__':
#setting up ssl json server
factory = Factory()
factory.protocol = Handler
myContextFactory = ssl.DefaultOpenSSLContextFactory('server.key', 'server.crt',SSL.TLSv1_METHOD)
ctx = myContextFactory.getContext()
ctx.load_verify_locations("ca.crt")
ctx.set_verify(SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT,verifyCallback)
reactor.listenSSL(8080, factory,myContextFactory)
reactor.run()
调用
Protocol.dataReceived
中的transport.getPeerCertificate
或其他协议方法(仅在收到一些数据之后)。在相关问题 更多 >
编程相关推荐