Module: Ronin::Support::Network::TLS::Mixin

Includes:

SSL::Mixin

Defined in:

lib/ronin/support/network/tls/mixin.rb

Overview

Provides helper methods for communicating with TLS-enabled services.

Since:

• 1.0.0

Instance Method Summary

• #tls_accept(**kwargs) {|client| ... } ⇒ nil

  Creates a new SSL socket listening on a given host and port, accepts only one client and then stops listening.

• #tls_banner(host, port, **kwargs) {|banner| ... } ⇒ String

  Reads the banner from the service running on the given host and port.

• #tls_cert(host, port, **kwargs) ⇒ OpenSSL::X509::Certificate

  Connects to the host and port and returns the server's certificate.

• #tls_connect(host, port, **kwargs) {|tls_socket| ... } ⇒ OpenSSL::SSL::SSLSocket^?

  Establishes a SSL connection.

• #tls_connect_and_send(data, host, port, **kwargs) {|tls_socket| ... } ⇒ Object

  Creates a new SSL connection and sends the given data.

• #tls_context(**kwargs) ⇒ OpenSSL::SSL::SSLContext

  Creates a new TLS Context.

• #tls_open?(host, port, **kwargs) ⇒ Boolean^?

  Tests whether a remote SSLed TCP port is open.

• #tls_send(data, host, port, **kwargs) ⇒ true

  Connects to a specified host and port, sends the given data and then closes the connection.

• #tls_server(**kwargs) {|server| ... } ⇒ OpenSSL::SSL::SSLServer

  Creates a new TLS server listening on a given host and port.

• #tls_server_loop(**kwargs) {|client| ... } ⇒ nil

  Creates a new SSL socket listening on a given host and port, accepting clients in a loop.

• #tls_server_session(**kwargs) {|server| ... } ⇒ OpenSSL::SSL::SSLServer

  Creates a new temporary TLS server listening on a given host and port.

• #tls_server_socket(socket, **kwargs) ⇒ OpenSSL::SSL::SSLSocket

  Accepts an SSL session from an existing TCP socket.

• #tls_socket(socket, **kwargs) ⇒ OpenSSL::SSL::SSLSocket

  Initiates an SSL session with an existing TCP socket.

Methods included from SSL::Mixin

#ssl_accept, #ssl_banner, #ssl_cert, #ssl_connect, #ssl_connect_and_send, #ssl_context, #ssl_open?, #ssl_send, #ssl_server, #ssl_server_loop, #ssl_server_session, #ssl_server_socket, #ssl_socket

Instance Method Details

#tls_accept(**kwargs) {|client| ... } ⇒ nil

Creates a new SSL socket listening on a given host and port, accepts only one client and then stops listening.

Examples:

tls_accept(1337) do |client|
  client.puts 'lol'
end

Using a self-signed certificate:

# $ openssl genrsa -out ssl.key 1024
# $ openssl req -new -key ssl.key -x509 -days 3653 -out ssl.crt
# $ cat ssl.key ssl.crt > ssl.pem
# $ chmod 600 ssl.key ssl.pem
tls_accept(port: 1337, cert: 'ssl.crt', key: 'ssl.key') do |client|
  client.puts 'lol'
end

Parameters:

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_server_socket.

Options Hash (**kwargs):

• :port (Integer) — default: 0 —

  The local port to listen on.

• :host (String, nil) —

  The host to bind to.

• :backlog (Integer) — default: 5 —

  The maximum backlog of pending connections.

• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) — default: SSL.key —

  The RSA key to use for the TLS context.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) — default: SSL.cert —

  The X509 certificate to use for the TLS context.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (client) —

  The given block will be passed the newly connected client. After the block has finished, both the client and the server will be closed.

Yield Parameters:

• client (OpenSSL::SSL::SSLSocket) —

  The newly connected client.

Returns:

• (nil)

See Also:

• Ronin::Support::Network::TLS.accept

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 489

def tls_accept(**kwargs, &block)
  TLS.accept(**kwargs, &block)
end

#tls_banner(host, port, **kwargs) {|banner| ... } ⇒ String

Reads the banner from the service running on the given host and port.

Examples:

tls_banner('smtp.gmail.com',465)
# => "220 mx.google.com ESMTP c20sm3096959rvf.1"

Parameters:

• host (String) —

  The host to connect to.

• port (Integer) —

  The port to connect to.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_connect.

Options Hash (**kwargs):

• :bind_host (String) —

  The local host to bind to.

• :bind_port (Integer) —

  The local port to bind to.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (banner) —

  If a block is given, it will be passed the grabbed banner.

Yield Parameters:

• banner (String) —

  The grabbed banner.

Returns:

• (String) —

  The grabbed banner.

See Also:

• Ronin::Support::Network::TLS.banner

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 280

def tls_banner(host,port,**kwargs, &block)
  TLS.banner(host,port,**kwargs, &block)
end

#tls_cert(host, port, **kwargs) ⇒ OpenSSL::X509::Certificate

Connects to the host and port and returns the server's certificate.

Parameters:

• host (String) —

  The host to connect to.

• port (Integer) —

  The port to connect to.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_connect.

Options Hash (**kwargs):

• :bind_host (String) —

  The local host to bind to.

• :bind_port (Integer) —

  The local port to bind to.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Returns:

• (OpenSSL::X509::Certificate) —

  The server's certificate.

See Also:

• Ronin::Support::Network::TLS.get_cert

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 244

def tls_cert(host,port,**kwargs)
  TLS.get_cert(host,port,**kwargs)
end

#tls_connect(host, port, **kwargs) {|tls_socket| ... } ⇒ OpenSSL::SSL::SSLSocket^?

Establishes a SSL connection.

Examples:

socket = tls_connect('twitter.com',443)

tls_connect('twitter.com',443) do |sock|
  sock.write("GET / HTTP/1.1\n\r\n\r")

  sock.each_line { |line| puts line }
end

Parameters:

• host (String) —

  The host to connect to.

• port (Integer) —

  The port to connect to.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_socket.

Options Hash (**kwargs):

• :bind_host (String) —

  The local host to bind to.

• :bind_port (Integer) —

  The local port to bind to.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (tls_socket) —

  The given block will be passed the new SSL socket. Once the block returns the SSL socket will be closed.

Yield Parameters:

• tls_socket (OpenSSL::SSL::SSLSocket) —

  The new SSL Socket.

Returns:

• (OpenSSL::SSL::SSLSocket, nil) —

  The new SSL Socket. If a block is given, then nil will be returned.

See Also:

• http://rubydoc.info/stdlib/openssl/OpenSSL/SSL/SSLSocket
• Ronin::Support::Network::TLS.connect

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 190

def tls_connect(host,port,**kwargs, &block)
  TLS.connect(host,port,**kwargs, &block)
end

#tls_connect_and_send(data, host, port, **kwargs) {|tls_socket| ... } ⇒ Object

Creates a new SSL connection and sends the given data.

Parameters:

• data (String) —

  The data to send through the connection.

• host (String) —

  The host to connect to.

• port (Integer) —

  The port to connect to.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_connect.

Options Hash (**kwargs):

• :bind_host (String) —

  The local host to bind to.

• :bind_port (Integer) —

  The local port to bind to.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (tls_socket) —

  The given block will be passed the newly created TLS Socket.

Yield Parameters:

• tls_socket (OpenSSL::SSL::SSLSocket) —

  The newly created SSL Socket.

See Also:

• Ronin::Support::Network::TLS.connect_and_send

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 221

def tls_connect_and_send(data,host,port,**kwargs, &block)
  TLS.connect_and_send(data,host,port,**kwargs, &block)
end

#tls_context(**kwargs) ⇒ OpenSSL::SSL::SSLContext

Creates a new TLS Context.

Parameters:

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for Ronin::Support::Network::TLS.context.

Options Hash (**kwargs):

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Returns:

• (OpenSSL::SSL::SSLContext) —

  The newly created SSL Context.

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 81

def tls_context(**kwargs)
  TLS.context(**kwargs)
end

#tls_open?(host, port, **kwargs) ⇒ Boolean^?

Tests whether a remote SSLed TCP port is open.

Examples:

tls_open?('www.bankofamerica.com',443)

Using a timeout:

tls_open?('example.com',80, timeout: 5)
# => nil

Parameters:

• host (String) —

  The host to connect to.

• port (Integer) —

  The port to connect to.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_connect.

Options Hash (**kwargs):

• :bind_host (String) —

  The local host to bind to.

• :bind_port (Integer) —

  The local port to bind to.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Returns:

• (Boolean, nil) —

  Specifies whether the remote SSLed TCP port is open. If the connection was not accepted, nil will be returned.

See Also:

• Ronin::Support::Network::TLS.open?

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 145

def tls_open?(host,port,**kwargs)
  TLS.open?(host,port,**kwargs)
end

#tls_send(data, host, port, **kwargs) ⇒ true

Connects to a specified host and port, sends the given data and then closes the connection.

Examples:

buffer = "GET /#{'A' * 4096}\n\r"
tls_send(buffer,'victim.com',443)
# => true

Parameters:

• data (String) —

  The data to send through the connection.

• host (String) —

  The host to connect to.

• port (Integer) —

  The port to connect to.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_connect.

Options Hash (**kwargs):

• :bind_host (String) —

  The local host to bind to.

• :bind_port (Integer) —

  The local port to bind to.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Returns:

• (true) —

  The data was successfully sent.

See Also:

• Ronin::Support::Network::TLS.send

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 314

def tls_send(data,host,port,**kwargs)
  TLS.send(data,host,port,**kwargs)
end

#tls_server(**kwargs) {|server| ... } ⇒ OpenSSL::SSL::SSLServer

Creates a new TLS server listening on a given host and port.

Parameters:

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_context.

Options Hash (**kwargs):

• :port (Integer) — default: 0 —

  The local port to listen on.

• :host (String, nil) —

  The host to bind to.

• :backlog (Integer) — default: 5 —

  The maximum backlog of pending connections.

• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) — default: SSL.key —

  The RSA key to use for the TLS context.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) — default: SSL.cert —

  The X509 certificate to use for the TLS context.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (server) —

  The given block will be passed the newly created SSL server.

Yield Parameters:

• server (OpenSSL::SSL::SSLServer) —

  The newly created SSL server.

Returns:

• (OpenSSL::SSL::SSLServer) —

  The newly created SSL server.

Since:

• 1.1.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 386

def tls_server(**kwargs, &block)
  TLS.server(**kwargs, &block)
end

#tls_server_loop(**kwargs) {|client| ... } ⇒ nil

Creates a new SSL socket listening on a given host and port, accepting clients in a loop.

Examples:

# $ openssl genrsa -out ssl.key 1024
# $ openssl req -new -key ssl.key -x509 -days 3653 -out ssl.crt
# $ cat ssl.key ssl.crt > ssl.pem
# $ chmod 600 ssl.key ssl.pem
tls_server_loop(port: 1337, cert: 'ssl.crt', key: 'ssl.key') do |sock|
  sock.puts 'lol'
end

Parameters:

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_server_socket.

Options Hash (**kwargs):

• :port (Integer) — default: 0 —

  The local port to listen on.

• :host (String, nil) —

  The host to bind to.

• :backlog (Integer) — default: 5 —

  The maximum backlog of pending connections.

• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) — default: SSL.key —

  The RSA key to use for the TLS context.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) — default: SSL.cert —

  The X509 certificate to use for the TLS context.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (client) —

  The given block will be passed the newly connected client. After the block has finished, the client will be closed.

Yield Parameters:

• client (OpenSSL::SSL::SSLSocket) —

  A newly connected client.

Returns:

• (nil)

See Also:

• Ronin::Support::Network::TLS.server_loop

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 448

def tls_server_loop(**kwargs,&block)
  TLS.server_loop(**kwargs,&block)
end

#tls_server_session(**kwargs) {|server| ... } ⇒ OpenSSL::SSL::SSLServer

Creates a new temporary TLS server listening on a given host and port.

Parameters:

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_context.

Options Hash (**kwargs):

• :port (Integer) — default: 0 —

  The local port to listen on.

• :host (String, nil) —

  The host to bind to.

• :backlog (Integer) — default: 5 —

  The maximum backlog of pending connections.

• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) — default: SSL.key —

  The RSA key to use for the TLS context.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) — default: SSL.cert —

  The X509 certificate to use for the TLS context.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Yields:

• (server) —

  The given block will be passed the newly created SSL server.

Yield Parameters:

• server (OpenSSL::SSL::SSLServer) —

  The newly created SSL server. Once the block has finished, the server will be closed.

Returns:

• (OpenSSL::SSL::SSLServer) —

  The newly created SSL server.

Since:

• 1.1.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 413

def tls_server_session(**kwargs, &block)
  TLS.server_session(**kwargs, &block)
end

#tls_server_socket(socket, **kwargs) ⇒ OpenSSL::SSL::SSLSocket

Accepts an SSL session from an existing TCP socket.

Parameters:

• socket (TCPSocket) —

  The existing TCP socket.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for #tls_socket.

Options Hash (**kwargs):

• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) — default: SSL.key —

  The RSA key to use for the TLS context.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) — default: SSL.cert —

  The X509 certificate to use for the TLS context.

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Returns:

• (OpenSSL::SSL::SSLSocket) —

  The new SSL Socket.

See Also:

• Ronin::Support::Network::TLS.server_socket

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 347

def tls_server_socket(socket,**kwargs)
  TLS.server_socket(socket,**kwargs)
end

#tls_socket(socket, **kwargs) ⇒ OpenSSL::SSL::SSLSocket

Initiates an SSL session with an existing TCP socket.

Parameters:

• socket (TCPSocket) —

  The existing TCP socket.

• kwargs (Hash{Symbol => Object}) —

  Additional keyword arguments for Ronin::Support::Network::TLS.socket.

Options Hash (**kwargs):

• :version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The TLS version to use.

• :min_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The minimum TLS version to use.

• :max_version (1, 1.1, 1.2, 1.3, Symbol, nil) —

  The maximum TLS version to use.

• :verify (Symbol, Boolean) —

  Specifies whether to verify the SSL certificate. May be one of the following:

  • :none
  • :peer
  • :fail_if_no_peer_cert
  • :client_once
• :key (Crypto::Key::RSA, OpenSSL::PKey::RSA, nil) —

  The RSA key to use for the TLS context.

• :key_file (String) —

  The path to the TLS .key file.

• :cert (Crypto::Cert, OpenSSL::X509::Certificate, nil) —

  The X509 certificate to use for the TLS context.

• :cert_file (String) —

  The path to the TLS .crt file.

• :ca_bundle (String) —

  Path to the CA certificate file or directory.

Returns:

• (OpenSSL::SSL::SSLSocket) —

  The new SSL Socket.

Since:

• 1.0.0

# File 'lib/ronin/support/network/tls/mixin.rb', line 101

def tls_socket(socket,**kwargs)
  TLS.socket(socket,**kwargs)
end