1

Day 35 验证客户端的合法性+socketserver

一 、getpeername和getsoketopt的用法

服务器端代码

 

import socket
sk =socket.socket()
sk.bind(('127.0.0.1',9000))
sk.listen()
conn,addr =sk.accept()
conn.send(b'gdadfadsd')
print('getpeername:\n',conn.getpeername())  #连接到当前套接字的远端地址.
print('getsocketop:\n',sk.getsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR))#返回指定套接字的参数
conn.recv(1024)
conn.close()
sk.close()

结果

 

 客户端代码

 

import socket
sk=socket.socket()
sk.connect(('127.0.0.1',9000))
sk.send(b'helllo')
ret =sk.recv(1024)
print(ret)
sk.close()

 

 

二 、将对server与client双向传输的数据进行md5加密操作()

 

验证客户端的合法性

 

Server端
import hashlib import socket sk
=socket.socket() sk.bind(('127.0.0.1',8083)) sk.listen() conn,addr =sk.accept() send_str ="helloword" secret_key = b'hello' conn.send(send_str.encode('utf-8'))#把字符串发过去 #留着比对用 md5_obj =hashlib.md5(secret_key)#md5加密 md5_obj.update(send_str.encode('utf-8')) #send_str进行加密,留着然后和client返回的做对比 sercret_ret =md5_obj.hexdigest() # 摘要之后是一串字符串. print(sercret_ret) # conn.send(sercret_ret.encode('utf-8')) if sercret_ret ==conn.recv(1024).decode('utf-8'): print("客户端为合法身份") else: print("客户端为非法身份")


客户端
import socket
import hashlib
ADDR = ('127.0.0.1',8083)
sk =socket.socket()
sk.connect(ADDR)

secret_key = b'hello'
md5_obj =hashlib.md5(secret_key)
msg = sk.recv(1024)
print(msg.decode('utf-8'))
md5_obj.update(msg)
secret_ret =md5_obj.hexdigest()#摘要结果为字符串格式.
print(secret_ret)
sk.send(secret_ret.encode('utf-8'))

输出结果

 


 

 

 

 

 

 

 

 

 

 

 

服务器端

import os
import socket
import hashlib
def check_client(conn):
    secret_key =b'egg'#秘钥
    send_str ='这是一个随机的字符串'
    conn.send(send_str.encode('utf-8'))
    md5_obj =hashlib.md5(secret_key)         #加盐也要转换成bytes类型
    md5_obj.update(send_str.encode('utf-8'))# update摘要必须是byte类型.
    secret_ret =md5_obj.hexdigest()         #摘要后的结果字符串类型str
    if conn.recv(1024).decode('utf-8')==secret_ret:
        print('合法的客户端')
        return  True
    else:
        print('非法的客户端')
        return False
sk =socket.socket()
sk.bind(('127.0.0.1',8000))
sk.listen()
conn,addr =sk.accept()
check_client(conn)
conn.close()
sk.close()

输出结果:

 

 

客户端

import socket 
import
hashlib sk=socket.socket() sk.connect(('127.0.0.1',8000)) recv =sk.recv(1025) #用相同的手法对这个字符串进行摘要. secret_key = b'egg'#秘钥 md5_obj = hashlib.md5(secret_key) #加盐的方式进行md5加密. md5_obj.update(recv) #摘要以bytes类型摘要. ret = md5_obj.hexdigest() #加密后是字符串的形式. sk.send(ret.encode('utf-8')) # 发送以bytes类型发送. sk.close()

 

 

三 、将对server与client双向传输的数据进行md5加密操作(),然后制作了一个小聊天工具. 

 

服务器端

 

 

import os
import socket
import hashlib
def check_client(conn):
    secret_key =b'egg'#秘钥
    send_str ='这是一个随机的字符串'
    conn.send(send_str.encode('utf-8'))
    md5_obj =hashlib.md5(secret_key)         #加盐也要转换成bytes类型
    md5_obj.update(send_str.encode('utf-8'))# update摘要必须是byte类型.
    secret_ret =md5_obj.hexdigest()         #摘要后的结果字符串类型str
    if conn.recv(1024).decode('utf-8')==secret_ret:
        print('合法的客户端')
        return  True
    else:
        print('非法的客户端')
        return False
sk =socket.socket()
sk.bind(('127.0.0.1',8002))
sk.listen()
conn,addr =sk.accept()
ret = check_client(conn)
while ret :
    inp = input('>>>>')
    conn.send(inp.encode('utf-8'))
    msg = conn.recv(1024)
    print(msg.decode('utf-8'))
conn.close()
sk.close()

 

结果 

 

 客户端:

 

import socket
import hashlib
sk = socket.socket()
sk.connect(('127.0.0.1',8002))
recv =sk.recv(1024)
#用相同的手法对这个字符串进行摘要.
secret_key = b'egg'#秘钥
md5_obj = hashlib.md5(secret_key)  #加盐的方式进行md5加密.
md5_obj.update(recv)        #摘要以bytes类型摘要.
ret = md5_obj.hexdigest()  #加密后是字符串的形式.
sk.send(ret.encode('utf-8')) # 发送以bytes类型发送.
msg =sk.recv(1024)
if msg:
    print(msg.decode('utf-8'))
    while True:
        inp = input(">>>>")
        sk.send(inp.encode('utf-8'))
        msg =sk.recv(1024)
        print(msg.decode('utf-8'))
sk.close()

结果:

 

 四 、验证客户端合法性的方法HMAC

 

 

import os
import hmac
#内置模块
#简单的网络编程中的客户端合法性验证。
ret =os.urandom(32)
print(os.urandom(32))#每次运行都会生成一个32位的随机字节
# 输出结果
# b'\xa8=\xd2}\xe2\xdcc\xbd\xc3X\xf4\xe2\xcfW\xe02LD\xd8\xa0\x10e\xbcR0\x02\xf8\xc1\x0ez9\xf1'

hmac_obj =hmac.new(b'egg',ret)
ret2 =hmac_obj.digest()
print(ret2)
# 输出结果
# b'\xf9\x0c\xa8{\xb1\xb0\xf7\xda\xa7\xb9\x8d\xe3\x1f\x9e\xa0\x87'
#

 

 

 

 服务器端

import hmac 
import os
import socket
import hmac
def check_client(conn):
secret_key =b'egg'#秘钥
send_str ='这是一个随机的字符串'
  send_str = os.urandom(32)
conn.send(send_str.encode('utf-8'))
  conn.send(send_str)
md5_obj =hashlib.md5(secret_key) #加盐也要转换成bytes类型
  md5_obj =hmac.new(secret_key,send_str)
md5_obj.update(send_str.encode('utf-8'))# update摘要必须是byte类型.
secret_ret =md5_obj.hexdigest() #摘要后的结果字符串类型str
  secret_ret =md5_obj.digest() hmac 摘要后的结果是bytes

if conn.recv(1024).decode('utf-8')==secret_ret:
    if conn.recv(1024)==secret_ret:  两个bytes类型进行对比 

print('合法的客户端')
return True
else:
print('非法的客户端')
return False
sk =socket.socket()
sk.bind(('127.0.0.1',8002))
sk.listen()
conn,addr =sk.accept()
ret = check_client(conn)
while ret :
inp = input('>>>>')
conn.send(inp.encode('utf-8'))
msg = conn.recv(1024)
print(msg.decode('utf-8'))
conn.close()
sk.close()

 

 

 

客户端

# sk.connect(('127.0.0.1',8002))
# recv =sk.recv(1024)
# #用相同的手法对这个字符串进行摘要.
# secret_key = b'egg'#秘钥
# md5_obj = hashlib.md5(secret_key)  #加盐的方式进行md5加密.
md5_obj=hmac.new(secret_key,recv)
# ret = md5_obj.digest()  #加密后是字符串的形式.
# sk.send(ret.encode('utf-8')) # 发送以bytes类型发送.
# sk.send(ret) #

# msg =sk.recv(1024)
# if msg:
#     print(msg.decode('utf-8'))
#     while True:
#         inp = input(">>>>")
#         sk.send(inp.encode('utf-8'))
#         msg =sk.recv(1024)
#         print(msg.decode('utf-8'))
# sk.close()

 

 

五、socketserver

 

tcp的问题 : 1 黏包 

      2 . 线程不释放.

 

服务器端

 

import socketserver
class MyServer(socketserver.BaseRequestHandler):
    def handle(self):
        self.request.send(b'hello')      #conn
        msg=self.request.recv(1024).decode('utf-8')
        print(msg)
server = socketserver.ThreadingTCPServer(
    ('127.0.0.1',9000),
    MyServer)
server.serve_forever()

客户端

import socket
sk =socket.socket()
sk.connect(('127.0.0.1',9000))
print(sk.recv(1024))
msg= input(">>>>").encode('utf-8')
sk.send(msg)
sk.close()

 

 

 

 

 

服务器端

import json
import hashlib
import socketserver
def md5_pwd(user,pwd):
    md5_obj = hashlib.md5(user.encode('utf-8'))
    md5_obj.update(pwd.encode('utf-8'))
    ret = md5_obj.hexdigest()
    return ret

def login(userinfo):
    user_dic = json.loads(userinfo)
    passwd = md5_pwd(user_dic['username'], user_dic['passwd'])
    with open('userinfo') as f:
        for line in f:
            user, pwd = line.split('|')
            if user_dic['username'] == \
            user and passwd == pwd:
                print('登录成功')
                break

class MyServer(socketserver.BaseRequestHandler):
    def handle(self):
        userinfo = self.request.recv(1024).decode('utf-8')
        login(userinfo)

server = socketserver.ThreadingTCPServer(
                ('127.0.0.1',9000),
                MyServer)
server.serve_forever()

 

客户端

 

 

import json
import socket
ADDR = ('127.0.0.1',9000)
def get_socket():
    sk = socket.socket()
    sk.connect(ADDR)
    return sk
# 输入账号
username = input('username >>>')
passwd = input('password >>>')
if username.strip() and passwd.strip():
    sk = get_socket()
    dic = {'username':username,'passwd':passwd}
    str_dic = json.dumps(dic)
    sk.send(str_dic.encode('utf-8'))
sk.close()
# 连接socket

 

 

六 、 作业题 

 

posted @ 2018-03-22 15:00  萌哥-爱学习  阅读(268)  评论(0编辑  收藏  举报