removed the scripts/ from global install, added the heartbeat extensi…

…on as a bool for the ClientHello
mothran · Apr 8, 2014 · 593ee8c · 593ee8c
1 parent 82074b2
commit 593ee8c
Show file tree

Hide file tree

Showing 6 changed files with 48 additions and 5 deletions.
diff --git a/scripts/tls.py b/scripts/tls.py
@@ -203,6 +203,7 @@ def clientCmd(argv):
 
     settings = HandshakeSettings()
     settings.useExperimentalTackExtension = True
+    settings.heart_beat = False
 
     try:
         start = time.clock()

diff --git a/setup.py b/setup.py
@@ -12,5 +12,5 @@
       url="http://trevp.net/tlslite/",
       description="tlslite implements SSL and TLS.",
       license="public domain and BSD",
-      scripts=["scripts/tls.py", "scripts/tlsdb.py"],
+      #scripts=["scripts/tls.py", "scripts/tlsdb.py"],
       packages=["tlslite", "tlslite.utils", "tlslite.integration"],)
diff --git a/tlslite/constants.py b/tlslite/constants.py
@@ -45,6 +45,7 @@ class ExtensionType:    # RFC 6066 / 4366
     cert_type = 9       # RFC 6091
     tack = 0xF300
     supports_npn = 13172
+    heart_beat = 0x000f
 
 class NameType:
     host_name = 0

diff --git a/tlslite/handshakesettings.py b/tlslite/handshakesettings.py
@@ -107,6 +107,7 @@ def __init__(self):
         self.minVersion = (3,0)
         self.maxVersion = (3,2)
         self.useExperimentalTackExtension = False
+        self.heart_beat = False
 
     # Validates the min/max fields, and certificateTypes
     # Filters out unsupported cipherNames and cipherImplementations
@@ -120,6 +121,7 @@ def _filter(self):
         other.certificateTypes = self.certificateTypes
         other.minVersion = self.minVersion
         other.maxVersion = self.maxVersion
+        other.heart_beat = self.heart_beat
 
         if not cipherfactory.tripleDESPresent:
             other.cipherNames = [e for e in self.cipherNames if e != "3des"]

diff --git a/tlslite/messages.py b/tlslite/messages.py
@@ -87,6 +87,32 @@ def write(self):
         return w.bytes
 
 
+class HeartBeat(object):
+    def __init__(self):
+        self.contentType = ContentType.heart_beat
+        self.level = 0
+        self.description = 0
+
+    def create(self, description, level=AlertLevel.fatal):
+        self.level = level
+        self.description = description
+        return self
+
+    def parse(self, p):
+        p.setLengthCheck(2)
+        self.level = p.get(1)
+        self.description = p.get(1)
+        p.stopLengthCheck()
+        return self
+
+    def write(self):
+        w = Writer()
+        w.add(self.level, 1)
+        w.add(self.description, 1)
+        return w.bytes
+
+
+
 class HandshakeMsg(object):
     def __init__(self, handshakeType):
         self.contentType = ContentType.handshake
@@ -111,11 +137,12 @@ def __init__(self, ssl2=False):
         self.srp_username = None        # a string
         self.tack = False
         self.supports_npn = False
+        self.heart_beat = False
         self.server_name = bytearray(0)
 
     def create(self, version, random, session_id, cipher_suites,
                certificate_types=None, srpUsername=None,
-               tack=False, supports_npn=False, serverName=None):
+               tack=False, supports_npn=False, serverName=None, heart_beat=False):
         self.client_version = version
         self.random = random
         self.session_id = session_id
@@ -126,6 +153,7 @@ def create(self, version, random, session_id, cipher_suites,
             self.srp_username = bytearray(srpUsername, "utf-8")
         self.tack = tack
         self.supports_npn = supports_npn
+        self.heart_beat = heart_beat
         if serverName:
             self.server_name = bytearray(serverName, "utf-8")
         return self
@@ -167,6 +195,8 @@ def parse(self, p):
                         self.tack = True
                     elif extType == ExtensionType.supports_npn:
                         self.supports_npn = True
+                    elif extType == ExtensionType.heart_beat:
+                        self.heart_beat = True
                     elif extType == ExtensionType.server_name:
                         serverNameListBytes = p.getFixBytes(extLength)
                         p2 = Parser(serverNameListBytes)
@@ -215,7 +245,11 @@ def write(self):
             w2.add(len(self.server_name)+5, 2)
             w2.add(len(self.server_name)+3, 2)            
             w2.add(NameType.host_name, 1)
-            w2.addVarSeq(self.server_name, 1, 2) 
+            w2.addVarSeq(self.server_name, 1, 2)
+        if self.heart_beat:
+            w2.add(ExtensionType.heart_beat, 2)
+            w2.add(1, 2)
+            w2.add(1, 1)         
         if self.tack:
             w2.add(ExtensionType.tack, 2)
             w2.add(0, 2)
@@ -241,6 +275,7 @@ def __init__(self):
         self.certificate_type = CertificateType.x509
         self.compression_method = 0
         self.tackExt = None
+        self.heart_beat = False
         self.next_protos_advertised = None
         self.next_protos = None
 
@@ -277,6 +312,8 @@ def parse(self, p):
                     self.tackExt = TackExtension(p.getFixBytes(extLength))
                 elif extType == ExtensionType.supports_npn:
                     self.next_protos = self.__parse_next_protos(p.getFixBytes(extLength))
+                elif extType == ExtensionType.heart_beat:
+                    self.heart_beat = True
                 else:
                     p.getFixBytes(extLength)
                 soFar += 4 + extLength

diff --git a/tlslite/tlsconnection.py b/tlslite/tlsconnection.py
@@ -522,7 +522,8 @@ def _clientSendClientHello(self, settings, session, srpUsername,
                                    certificateTypes, 
                                    session.srpUsername,
                                    reqTack, nextProtos is not None,
-                                   session.serverName)
+                                   session.serverName,
+                                   heart_beat=settings.heart_beat)
 
         #Or send ClientHello (without)
         else:
@@ -532,7 +533,8 @@ def _clientSendClientHello(self, settings, session, srpUsername,
                                certificateTypes, 
                                srpUsername,
                                reqTack, nextProtos is not None, 
-                               serverName)
+                               serverName,
+                               heart_beat=settings.heart_beat)
         for result in self._sendMsg(clientHello):
             yield result
         yield clientHello