TLS Client/Server with Client Certificate Authentication (mutual TLS, Python `ssl`)
import socket
import ssl
from time import sleep
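SERVER_PORT = 60000
HOST = "127.0.0.1"
tls_client_cert = "client.crt"
tls_client_key = "client-private-key.key"
tls_key_password = None
tls_ca_bundle = "ca_bundle.pem"

# Hostname verification is OFF.  The demo server certificate is self-signed
# and carries no subjectAltName for 127.0.0.1, so the check would fail.
# With it off, the client accepts ANY certificate that chains to
# tls_ca_bundle as "the server" -- and because that bundle also contains
# client.crt, whoever holds the client key can impersonate the server.
# Set this to True once the server certificate carries a SAN for HOST.
tls_check_hostname = False


def build_client_context():
    """Return an SSLContext that authenticates the server and presents the client cert.

    Passing cafile= restricts trust to tls_ca_bundle instead of the system
    store; verify_mode is CERT_REQUIRED so a server without a certificate
    chaining to that bundle is rejected during the handshake.

    Raises:
        OSError / ssl.SSLError: cert, key or bundle file missing or malformed.
    """
    context = ssl.create_default_context(
        purpose=ssl.Purpose.SERVER_AUTH,
        cafile=tls_ca_bundle,
    )
    context.check_hostname = tls_check_hostname
    context.verify_mode = ssl.CERT_REQUIRED
    context.load_cert_chain(tls_client_cert, tls_client_key, tls_key_password)
    return context


def main():
    """Connect over mutual TLS and send a numbered greeting every second, forever."""
    context = build_client_context()
    raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # server_hostname is passed even with hostname checking disabled so SNI
    # is sent and enabling tls_check_hostname later is a one-line change.
    # The handshake (and server cert verification) happens inside connect().
    with context.wrap_socket(raw_sock, server_hostname=HOST) as client:
        client.connect((HOST, SERVER_PORT))
        i = 1
        while True:
            msg = "[%s] Hello World!" % i
            # sendall() loops until the whole buffer is written; send() may
            # transmit only a prefix and silently drop the rest.
            client.sendall(msg.encode("utf8"))
            i += 1
            sleep(1)


if __name__ == "__main__":
    main()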
from __future__ import print_function
import socket
import ssl
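HOST = "0.0.0.0"
PORT = 60000
SERVER_CERT = "server.crt"
SERVER_KEY = "server-private-key.key"
CA_BUNDLE = "ca_bundle.pem"


def build_server_context():
    """Return an SSLContext for the listening side that requires a client certificate.

    This replaces ssl.wrap_socket(), which is deprecated since Python 3.7 and
    removed in 3.12, and which did not apply the hardened protocol/cipher
    defaults that create_default_context() does.  Only client certificates
    chaining to CA_BUNDLE are accepted; CERT_REQUIRED makes the handshake
    fail for a peer that presents none.

    Raises:
        OSError / ssl.SSLError: cert, key or bundle file missing or malformed.
    """
    context = ssl.create_default_context(
        purpose=ssl.Purpose.CLIENT_AUTH,
        cafile=CA_BUNDLE,
    )
    context.verify_mode = ssl.CERT_REQUIRED
    context.load_cert_chain(certfile=SERVER_CERT, keyfile=SERVER_KEY)
    return context


def serve_connection(connection, client_address):
    """Read from one authenticated client until it closes, printing each chunk."""
    # Record WHO authenticated, not just that someone did: with CERT_REQUIRED
    # getpeercert() returns the verified client certificate.  Note that any
    # certificate chaining to CA_BUNDLE passes -- with the demo bundle
    # (server.crt + client.crt) that includes the server's own key.
    peer_cert = connection.getpeercert()
    print("Client %s authenticated as %s" % (client_address, peer_cert.get("subject")))
    while True:
        data = connection.recv(1024)
        if not data:
            break
        # A 1024-byte chunk can split a multi-byte UTF-8 sequence; replace
        # rather than let UnicodeDecodeError tear the connection down.
        # The bytes come from the peer and go straight to the terminal.
        print("Received: %s" % data.decode("utf-8", errors="replace"))


def main():
    """Accept mutual-TLS connections one at a time and echo what each sends."""
    context = build_server_context()
    raw_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    raw_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    server = context.wrap_socket(raw_sock, server_side=True)
    server.bind((HOST, PORT))
    server.listen(0)
    while True:
        try:
            # accept() performs the TLS handshake, so a peer without a trusted
            # client certificate fails here; that must not take the server down.
            connection, client_address = server.accept()
        except Exception as ex:
            print("Failed: %s" % ex)
            continue
        try:
            serve_connection(connection, client_address)
        except Exception as ex:
            print("Failed: %s" % ex)
        finally:
            # The original never closed accepted sockets; one leaked per client.
            connection.close()


if __name__ == "__main__":
    main()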
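# Create a certificate (public key included) and private key for the server and the client.
# -subj makes the commands non-interactive.  The server certificate carries a
# subjectAltName for the address the client connects to, so the client can
# turn hostname verification back on (check_hostname = True).  -addext needs
# OpenSSL 1.1.1 or newer.
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 \
    -subj "/CN=localhost" -addext "subjectAltName=IP:127.0.0.1,DNS:localhost" \
    -keyout server-private-key.key -out server.crt
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 \
    -subj "/CN=client" \
    -keyout client-private-key.key -out client.crt

# Build ca_bundle.pem, the trust anchor for BOTH peers, from the two
# self-signed certificates.  Overwrite (>) rather than append (>>): appending
# on every run keeps every previously generated (rotated) certificate trusted.
# Caveat: because each peer's own certificate is a trust anchor, the client
# key can impersonate the server and vice versa.  For anything beyond a local
# demo, issue both certificates from a separate private CA and put only the
# CA certificate in the bundle.
cat server.crt client.crt > ca_bundle.pem

# Run server and client
python server.py &
python client.py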