rex-socket 0.1.63 → 0.1.64
- checksums.yaml +4 -4
- data/lib/rex/socket/comm/local.rb +1 -2
- data/lib/rex/socket/ssl_tcp.rb +28 -79
- data/lib/rex/socket/ssl_tcp_server.rb +7 -18
- data/lib/rex/socket/tcp.rb +8 -0
- data/lib/rex/socket/version.rb +1 -1
- data/lib/rex/socket.rb +6 -0
- metadata +2 -2
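--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1a33736b3aed4d8521995debf90923330d4229be27258e8b34eb275b6828b19e
+data.tar.gz: 94fc8e11d711df827208ceba14c69b6f026203803fad52186853af063450e4ff
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1f6d553fd900432c16fc72561aace0ef12a9789ffc78ef744e37636fc75913a5efcf1178e6a35064d6ebdf74ab289e73a8317a1e708cf78fcf27336f2694e3fe
+data.tar.gz: 0caafa60b338dfdc75d104029a3480044e8eeddc92da2db84cc3b677370150e5cb550a6e14054cb1f9cc00291d14a13b13d940fef72bf49127530dda228e63d8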
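--- a/data/lib/rex/socket/comm/local.rb
+++ b/data/lib/rex/socket/comm/local.rb
@@ -324,8 +324,7 @@ class Rex::Socket::Comm::Local
 
 # Now extend the socket with SSL and perform the handshake
 if !param.bare? && param.ssl
-
-sock.extend(klass)
+sock.extend(Rex::Socket::SslTcp)
 sock.initsock(param)
 end
 end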
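--- a/data/lib/rex/socket/ssl_tcp.rb
+++ b/data/lib/rex/socket/ssl_tcp.rb
@@ -66,21 +66,19 @@ begin
 super
 
 version = params&.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION
-# Raise an error if no selected versions are supported
-unless Rex::Socket::SslTcp.system_ssl_methods.include? version
-raise ArgumentError,
-"This version of Ruby does not support the requested SSL/TLS version #{version}"
-end
 
 # Try initializing the socket with this SSL/TLS version
 # This will throw an exception if it fails
 initsock_with_ssl_version(params, version)
-
-# Track the SSL version
-self.ssl_negotiated_version = version
 end
 
 def initsock_with_ssl_version(params, version)
+# Raise an error if no selected versions are supported
+unless Rex::Socket::SslTcp.system_ssl_methods.include? version
+raise ArgumentError,
+"This version of Ruby does not support the requested SSL/TLS version #{version}"
+end
+
 # Build the SSL connection
 self.sslctx = OpenSSL::SSL::SSLContext.new(version)
 
@@ -149,33 +147,22 @@ begin
 
 # Force a negotiation timeout
 begin
-
-
-
-
-
-
-
-rescue ::Errno::EAGAIN, ::Errno::EWOULDBLOCK
-IO::select(nil, nil, nil, 0.10)
-retry
-
-# Ruby 1.9.2+ uses IO::WaitReadable/IO::WaitWritable
-rescue ::Exception => e
-if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
+Timeout.timeout(params.timeout) do
+if not allow_nonblock?
+self.sslsock.connect
+else
+begin
+self.sslsock.connect_nonblock
+rescue ::IO::WaitReadable
 IO::select( [ self.sslsock ], nil, nil, 0.10 )
 retry
-end
 
-
+rescue ::IO::WaitWritable
 IO::select( nil, [ self.sslsock ], nil, 0.10 )
 retry
 end
-
-raise e
 end
 end
-end
 
 rescue ::Timeout::Error
 raise Rex::ConnectionTimeout.new(params.peerhost, params.peerport)
@@ -215,34 +202,16 @@ begin
 rescue ::IOError, ::Errno::EPIPE
 return nil
 
-
-
-# Sleep for a half a second, or until we can write again
-Rex::ThreadSafe.select( nil, [ self.sslsock ], nil, retry_time )
-# Decrement the block size to handle full sendQs better
-block_size = 1024
-# Try to write the data again
+rescue ::IO::WaitReadable
+IO::select( [ self.sslsock ], nil, nil, retry_time )
 retry
 
-
-
-
-IO::select( [ self.sslsock ], nil, nil, retry_time )
-retry
-end
-
-if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
-IO::select( nil, [ self.sslsock ], nil, retry_time )
-retry
-end
-
-# Another form of SSL error, this is always fatal
-if e.kind_of?(::OpenSSL::SSL::SSLError)
-return nil
-end
+rescue ::IO::WaitWritable
+IO::select( nil, [ self.sslsock ], nil, retry_time )
+retry
 
-
-
+rescue ::OpenSSL::SSL::SSLError
+return nil
 end
 
 total_sent
@@ -298,33 +267,16 @@ begin
 rescue ::IOError, ::Errno::EPIPE
 return nil
 
-
-
-# Sleep for a tenth a second, or until we can read again
-Rex::ThreadSafe.select( [ self.sslsock ], nil, nil, 0.10 )
-# Decrement the block size to handle full sendQs better
-block_size = 1024
-# Try to write the data again
+rescue ::IO::WaitReadable
+IO::select( [ self.sslsock ], nil, nil, 0.10 )
 retry
 
-
-
-
-IO::select( [ self.sslsock ], nil, nil, 0.5 )
-retry
-end
-
-if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
-IO::select( nil, [ self.sslsock ], nil, 0.5 )
-retry
-end
-
-# Another form of SSL error, this is always fatal
-if e.kind_of?(::OpenSSL::SSL::SSLError)
-return nil
-end
+rescue ::IO::WaitWritable
+IO::select( nil, [ self.sslsock ], nil, 0.10 )
+retry
 
-
+rescue ::OpenSSL::SSL::SSLError
+return nil
 end
 
 end
@@ -409,7 +361,6 @@ begin
 end
 
 attr_reader :peer_verified # :nodoc:
-attr_reader :ssl_negotiated_version # :nodoc:
 attr_accessor :sslsock, :sslctx, :sslhash # :nodoc:
 
 def type?
@@ -419,8 +370,6 @@ begin
 protected
 
 attr_writer :peer_verified # :nodoc:
-attr_writer :ssl_negotiated_version # :nodoc:
-
 
 rescue LoadError
 end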
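Review bot: The rescue clauses added in the write path (new lines 205–214) and repeated in the read path (new lines 270–279) depend on their order, and nothing in the code says so. Ruby's OpenSSL signals would-block from its non-blocking calls with `OpenSSL::SSL::SSLErrorWaitReadable` and `SSLErrorWaitWritable`, which are `SSLError` subclasses that include `IO::WaitReadable`/`IO::WaitWritable`, so if the `SSLError` clause were ever moved above them every would-block would become `return nil`. I would put `# IO::Wait* must stay above SSLError: SSLErrorWaitReadable/Writable are SSLError subclasses` before the first `rescue ::IO::WaitReadable`. The `retry` branches also carry no deadline in the lines shown, so a peer that never becomes readable or writable would presumably keep the caller looping; both method bodies begin outside these hunks, so an outer bound may exist.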
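--- a/data/lib/rex/socket/ssl_tcp_server.rb
+++ b/data/lib/rex/socket/ssl_tcp_server.rb
@@ -71,24 +71,13 @@ module Rex::Socket::SslTcpServer
 begin
 ssl.accept_nonblock
 
-
-
-
-
-
-
-
-if ::IO.const_defined?('WaitReadable') and e.kind_of?(::IO::WaitReadable)
-IO::select( [ ssl ], nil, nil, 0.10 )
-retry
-end
-
-if ::IO.const_defined?('WaitWritable') and e.kind_of?(::IO::WaitWritable)
-IO::select( nil, [ ssl ], nil, 0.10 )
-retry
-end
-
-raise e
+rescue ::IO::WaitReadable
+IO::select( [ self.sslsock ], nil, nil, 0.10 )
+retry
+
+rescue ::IO::WaitWritable
+IO::select( nil, [ self.sslsock ], nil, 0.10 )
+retry
 end
 end
 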
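Review bot: The two `IO::select` calls added at new lines 75 and 79 wait on `self.sslsock`, but the handshake being retried is `ssl.accept_nonblock` on the local `ssl`, which is what the removed lines selected on. Waiting on a different object means the loop would not wake on the accepting socket's readiness, and if the server module defines no `sslsock` (none is visible in this hunk) the first would-block raises `NoMethodError` instead of retrying. I would write `IO::select( [ ssl ], nil, nil, 0.10 )` and `IO::select( nil, [ ssl ], nil, 0.10 )`. The retry loop also shows no overall deadline here, so a client that stalls mid-handshake may hold up `accept`; the enclosing method starts outside the hunk.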
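--- a/data/lib/rex/socket/tcp.rb
+++ b/data/lib/rex/socket/tcp.rb
@@ -58,4 +58,12 @@ module Rex::Socket::Tcp
 return 'tcp'
 end
 
+def starttls(param)
+param = Rex::Socket::Parameters.from_hash(param) if param.is_a? Hash
+
+param.ssl = true
+extend(Rex::Socket::SslTcp)
+initsock_with_ssl_version(param, (param.ssl_version || Rex::Socket::Ssl::DEFAULT_SSL_VERSION))
+nil
+end
 end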
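Review bot: `starttls` has no documentation and, when handed a `Rex::Socket::Parameters` object rather than a Hash, sets `param.ssl = true` on the caller's own instance. Copying first avoids the side effect, e.g. `param = param.is_a?(Hash) ? Rex::Socket::Parameters.from_hash(param) : param.dup`. A doc comment should state that the method upgrades an already connected socket in place, that the certificate and verification settings are whatever `param` carries, and that callers should discard any plaintext they buffered before the upgrade so it is not treated as part of the TLS session. Calling it twice on the same socket is not guarded against in the lines shown.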
data/lib/rex/socket/version.rb
CHANGED
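--- a/data/lib/rex/socket.rb
+++ b/data/lib/rex/socket.rb
@@ -760,6 +760,9 @@ module Socket
 raise "Thread #{i} - error #{e} - last child error: #{last_child_error}"
 end
 
+lsock.extend(Rex::Socket::Tcp)
+rsock.extend(Rex::Socket::Tcp)
+
 return [lsock, rsock]
 end
 
@@ -779,6 +782,9 @@ module Socket
 
 lsock.connect( *rsock.addr.values_at(3,1) )
 
+lsock.extend(Rex::Socket::Udp)
+rsock.extend(Rex::Socket::Udp)
+
 return [lsock, rsock]
 end
 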
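Review bot: Both socket-pair helpers now extend their sockets with `Rex::Socket::Tcp` / `Rex::Socket::Udp` (new lines 763–764 and 785–786) without a comment and without the `initsock` call that the other creation path on this page (`sock.initsock(param)` in comm/local.rb) makes after extending. If those modules expect state set by `initsock`, which is not visible here, accessors on the pair sockets may return nil. I would add a comment such as `# Give pair sockets the Rex socket interface; initsock is intentionally not called`, or call `initsock` if that is the intent. Both method bodies start outside the hunks.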
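--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rex-socket
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.64
 platform: ruby
 authors:
 - Metasploit Hackers
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-
+date: 2025-12-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rake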