rex-socket 0.1.7 → 0.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 92ddd973eb7d16ebd11f040c398d294c62f8caf3
-  data.tar.gz: 59c01a8084132ba7df79382a23ff6ab835a5480e
+  metadata.gz: 18bb58a6a55981a1a6e883d7a60f99851162d6f8
+  data.tar.gz: 66d105060da27f4303522d2947196abab1bb58b1
 SHA512:
-  metadata.gz: 4d5161ad095c421332a0180bd18985d64bf7dc2abb719dce49a442b10bc8a7d5a976c34f18d5882969341c321b6af87328c52daed44fd0ce6cf2153b45e52b02
-  data.tar.gz: 35eb1b361afd7e6df0def370c54e6539f0619ff2f820193b3628595d7671e2abc6c7a42694a071195659f06d97791b2dc44fc15a40ee9a2e161426fbdbf86d9e
+  metadata.gz: 5226bee52b4a24107ef6673fe73002eba689ec865e82ffc534e6992f05c80223a47b005da96b8292cc6db9464608a4fb4a6d97863d1fcd4ef208de0b5ead7715
+  data.tar.gz: 77a6ee0ad79d35244ea92ed9fb7a20279886640acdd0150e233641d1e3e35afd248f35124691a67630f446e3d5f773d83cfb12ec33751c8e218ec38f75088fb7

data/lib/rex/socket/parameters.rb

@@ -148,6 +148,22 @@ class Rex::Socket::Parameters
       end
     end
 
+    if (hash['SSLClientCert'] and ::File.file?(hash['SSLClientCert']))
+      begin
+        self.ssl_client_cert = ::File.read(hash['SSLClientCert'])
+      rescue ::Exception => e
+        elog("Failed to read client cert: #{e.class}: #{e}", LogSource)
+      end
+    end
+
+    if (hash['SSLClientKey'] and ::File.file?(hash['SSLClientKey']))
+      begin
+        self.ssl_client_key = ::File.read(hash['SSLClientKey'])
+      rescue ::Exception => e
+        elog("Failed to read client key: #{e.class}: #{e}", LogSource)
+      end
+    end
+
     if hash['Proxies']
       self.proxies = hash['Proxies'].split(',').map{|a| a.strip}.map{|a| a.split(':').map{|b| b.strip}}
     end
@@ -353,10 +369,16 @@ class Rex::Socket::Parameters
   attr_accessor :ssl_compression
 
   #
-  # The SSL context verification mechanism
+  # The client SSL certificate
+  #
+  attr_accessor :ssl_client_cert
   #
+  # The client SSL key
+  #
+  attr_accessor :ssl_client_key
+  #
+  # SSL certificate verification mode for SSL context
   attr_accessor :ssl_verify_mode
-
   #
   # Whether we should use IPv6
   # @return [Bool]

data/lib/rex/socket/ssl_tcp.rb

@@ -37,7 +37,9 @@ begin
   end
 
   #
-  # Set the SSL flag to true and call the base class's create_param routine.
+  # Set the SSL flag to true,
+  # create placeholders for client certs,
+  # call the base class's create_param routine.
   #
   def self.create_param(param)
     param.ssl   = true
@@ -95,6 +97,16 @@ begin
     # Build the SSL connection
     self.sslctx  = OpenSSL::SSL::SSLContext.new(version)
 
+    # Configure client certificate
+    if params and params.ssl_client_cert
+      self.sslctx.cert = OpenSSL::X509::Certificate.new(params.ssl_client_cert)
+    end
+
+    # Configure client key
+    if params and params.ssl_client_key
+      self.sslctx.key = OpenSSL::PKey::RSA.new(params.ssl_client_key)
+    end
+
     # Configure the SSL context
     # TODO: Allow the user to specify the verify mode callback
     # Valid modes:
@@ -319,6 +331,20 @@ begin
     sslsock.peer_cert_chain if sslsock
   end
 
+  #
+  # Access to client cert
+  #
+  def client_cert
+    sslsock.sslctx.cert if sslsock
+  end
+
+  #
+  # Access to client key
+  #
+  def client_key
+    sslsock.sslctx.key if sslsock
+  end
+
   #
   # Access to the current cipher
   #

data/lib/rex/socket/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Socket
-    VERSION = "0.1.7"
+    VERSION = "0.1.8"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-socket
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.1.8
 platform: ruby
 authors:
 - David Maloney
@@ -88,7 +88,7 @@ cert_chain:
   G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
   8mVuTXnyJOKRJA==
   -----END CERTIFICATE-----
-date: 2017-06-25 00:00:00.000000000 Z
+date: 2017-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler