rex-socket 0.1.29 → 0.1.30
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/rex/socket/parameters.rb +22 -5
- data/lib/rex/socket/ssl.rb +11 -1
- data/lib/rex/socket/ssl_tcp.rb +3 -24
- data/lib/rex/socket/version.rb +1 -1
- metadata +2 -2
- metadata.gz.sig +1 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 647d60dcc0fb176246243a7eaed1ca68a35c596c7034cf4de863ca233d08d9f0
|
4
|
+
data.tar.gz: 80fcd4c8fe671a6da97a5e262700331dfa5fe0292c679952b510abdc7af13cfa
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a5c001e83da2f988ff40eefcd5175bdf0684b22c5529820be68c9eda4b6d862a6f88bbd39a950941a30bcccc5b9a21479a44982e56a4e351b353c0ce480bc9a9
|
7
|
+
data.tar.gz: bdc211d907a45d1a0701fbc34721712fec81dea7e9417d1b3e94259916e13779a1e91e1742fd2b9526aaf4c8839c62373e58183c3ac7ad7dea64c3b8fd5d093d
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
@@ -110,10 +110,7 @@ class Rex::Socket::Parameters
|
|
110
110
|
self.sslctx = hash['SSLContext']
|
111
111
|
end
|
112
112
|
|
113
|
-
|
114
|
-
if (hash['SSLVersion'] and supported_ssl_versions.include? hash['SSLVersion'])
|
115
|
-
self.ssl_version = hash['SSLVersion']
|
116
|
-
end
|
113
|
+
self.ssl_version = hash.fetch('SSLVersion', nil)
|
117
114
|
|
118
115
|
supported_ssl_verifiers = %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}
|
119
116
|
if (hash['SSLVerifyMode'] and supported_ssl_verifiers.include? hash['SSLVerifyMode'])
|
@@ -383,7 +380,27 @@ class Rex::Socket::Parameters
|
|
383
380
|
|
384
381
|
# What version of SSL to use (Auto, SSL2, SSL3, SSL23, TLS1)
|
385
382
|
# @return [String,Symbol]
|
386
|
-
|
383
|
+
attr_reader :ssl_version
|
384
|
+
def ssl_version=(version)
|
385
|
+
# Let the caller specify a particular SSL/TLS version
|
386
|
+
case version
|
387
|
+
when 'SSL2'
|
388
|
+
version = :SSLv2
|
389
|
+
# 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
|
390
|
+
when 'SSL23', 'TLS', 'Auto'
|
391
|
+
version = :SSLv23
|
392
|
+
when 'SSL3'
|
393
|
+
version = :SSLv3
|
394
|
+
when 'TLS1','TLS1.0'
|
395
|
+
version = :TLSv1
|
396
|
+
when 'TLS1.1'
|
397
|
+
version = :TLSv1_1
|
398
|
+
when 'TLS1.2'
|
399
|
+
version = :TLSv1_2
|
400
|
+
end
|
401
|
+
|
402
|
+
@ssl_version = version
|
403
|
+
end
|
387
404
|
|
388
405
|
# What specific SSL Cipher(s) to use, may be a string containing the cipher
|
389
406
|
# name or an array of strings containing cipher names e.g.
|
data/lib/rex/socket/ssl.rb
CHANGED
@@ -11,6 +11,9 @@ require 'openssl'
|
|
11
11
|
###
|
12
12
|
module Rex::Socket::Ssl
|
13
13
|
|
14
|
+
# Default to SSLv23 (automatically negotiate)
|
15
|
+
DEFAULT_SSL_VERSION = :SSLv23
|
16
|
+
|
14
17
|
module CertProvider
|
15
18
|
|
16
19
|
def self.ssl_generate_subject(cn: nil, org: nil, loc: nil, st: nil)
|
@@ -122,7 +125,14 @@ module Rex::Socket::Ssl
|
|
122
125
|
key, cert, chain = ssl_generate_certificate(cert_vars: {cn: params.ssl_cn})
|
123
126
|
end
|
124
127
|
|
125
|
-
|
128
|
+
version = params&.ssl_version || DEFAULT_SSL_VERSION
|
129
|
+
# Raise an error if no selected versions are supported
|
130
|
+
unless Rex::Socket::SslTcp.system_ssl_methods.include? version
|
131
|
+
raise ArgumentError,
|
132
|
+
"This version of Ruby does not support the requested SSL/TLS version #{version}"
|
133
|
+
end
|
134
|
+
|
135
|
+
ctx = OpenSSL::SSL::SSLContext.new(version)
|
126
136
|
ctx.key = key
|
127
137
|
ctx.cert = cert
|
128
138
|
ctx.extra_chain_cert = chain
|
data/lib/rex/socket/ssl_tcp.rb
CHANGED
@@ -65,35 +65,14 @@ begin
|
|
65
65
|
def initsock(params = nil)
|
66
66
|
super
|
67
67
|
|
68
|
-
|
69
|
-
version = :SSLv23
|
70
|
-
|
71
|
-
# Let the caller specify a particular SSL/TLS version
|
72
|
-
if params
|
73
|
-
case params.ssl_version
|
74
|
-
when 'SSL2', :SSLv2
|
75
|
-
version = :SSLv2
|
76
|
-
# 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
|
77
|
-
when 'SSL23', :SSLv23, 'TLS', 'Auto'
|
78
|
-
version = :SSLv23
|
79
|
-
when 'SSL3', :SSLv3
|
80
|
-
version = :SSLv3
|
81
|
-
when 'TLS1','TLS1.0', :TLSv1
|
82
|
-
version = :TLSv1
|
83
|
-
when 'TLS1.1', :TLSv1_1
|
84
|
-
version = :TLSv1_1
|
85
|
-
when 'TLS1.2', :TLSv1_2
|
86
|
-
version = :TLSv1_2
|
87
|
-
end
|
88
|
-
end
|
89
|
-
|
68
|
+
version = params&.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION
|
90
69
|
# Raise an error if no selected versions are supported
|
91
70
|
unless Rex::Socket::SslTcp.system_ssl_methods.include? version
|
92
71
|
raise ArgumentError,
|
93
|
-
"This version of Ruby does not support the requested SSL/TLS version #{
|
72
|
+
"This version of Ruby does not support the requested SSL/TLS version #{version}"
|
94
73
|
end
|
95
74
|
|
96
|
-
# Try
|
75
|
+
# Try initializing the socket with this SSL/TLS version
|
97
76
|
# This will throw an exception if it fails
|
98
77
|
initsock_with_ssl_version(params, version)
|
99
78
|
|
data/lib/rex/socket/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rex-socket
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.30
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Metasploit Hackers
|
@@ -93,7 +93,7 @@ cert_chain:
|
|
93
93
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
94
94
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
95
95
|
-----END CERTIFICATE-----
|
96
|
-
date: 2021-
|
96
|
+
date: 2021-08-05 00:00:00.000000000 Z
|
97
97
|
dependencies:
|
98
98
|
- !ruby/object:Gem::Dependency
|
99
99
|
name: rake
|
metadata.gz.sig
CHANGED
@@ -1,4 +1 @@
|
|
1
|
-
|
2
|
-
�;�n"7&F����+8f��V�3f�V���fzi���*�/d�����{G��Q
|
3
|
-
��mN�ͤM^2*ʪhP�]]p,E�7.���mž�!����z����C
|
4
|
-
S����Di�9-z�j�k�8��b6�eae\�����7Ͻ����9�̵����J�7j������]jt2��=�����4[a�� Wj�����\��������s��j��TiYd�Xx���r�
|
1
|
+
�D~�[8Yo�:�a�㎊� �<�|�iq����tp�I>��|@W��:�y'�x����/��1���(�%M��B��P\0?���f����O��K�W+�O�l,�y�����AdR�/��U��xe�_�3ʊqX�,Z���O��80)�����i�Rp;��+a/F��d�Y��']N��%)���r\�1=YJK�_�H�i6~����2�i4�**�ͭ�XY.�")5eފ"k�Wŋ����k s
|