網路程式設計筆記(4)——hmac模組:驗證客戶端的合法性
阿新 • • 發佈:2020-08-10
內容詳細
- hmac-驗證客戶端的合法性
內容目錄
hmac
-
監測一下客戶端是否合法
-
不依靠登入認證
import hmac hmac.new() # secret_key,你想進行加密的bytes sercret = h.digest() # 密文 hmac.compare_digest() # 對比 密文與另外一個密文 -
檢驗客戶端連線的可靠性-檢查
# Server端: import os import socket import hmac secret_key = b'egg' sk = socket.socket() sk.bind(('127.0.0.1',8080)) sk.listen() def check_conn(conn): msg = os.urandom(32) conn.send(msg) h = hmac.new(secret_key,msg) digest = h.digest() client_digest = conn.recv(1024) return hmac.compare_digest(digest,client_digest) conn,addr = sk.accept() res = check_conn(conn) if res: print('合法的客戶端') conn.close() else: print('不合法的客戶端') conn.close() sk.close() # Client端: import socket import hmac secret_key = b'egg' sk = socket.socket() sk.connect(('127.0.0.1',8080)) msg = sk.recv(1024) h = hmac.new(secret_key,msg) digest = h.digest() sk.send(digest) sk.close() -
os.urandom -- 生成一個隨機位數的二進位制
import os msg = os.urandom(32) print(msg) #b'\xc0\x1c.\xa4\xda\xd3\xd4\xef\xe1`\x8aP\x05}\x9c\x9f\x1f\xa6]\x97NU6\xea\xc3\x01n\xd1\x8f\x1e\x90\x04' -
socketserver模組--多執行緒
# server端: import socketserver class MyServer(socketserver.BaseRequestHandler): #必須繼承socketserver.BaseRequestHandler這個類 def handle(self): #必須有handle這個方法 # print(self.request.recv(1024)) # self.request相當於conn while True: msg = self.request.recv(1024).decode('utf-8') if msg == 'q': break print(msg) info = input('>>>>') self.request.send(info.encode('utf-8')) if __name__ == '__main__': server = socketserver.ThreadingTCPServer(('127.0.0.1',8080),MyServer) # thread 執行緒 server.serve_forever() # Client端: import socket sk = socket.socket() sk.connect(('127.0.0.1',8080)) while True: msg = input('>>>:') if msg == 'q': sk.send(b'q') break sk.send(msg.encode('utf-8')) ret = sk.recv(1024).decode('utf-8') print(ret) sk.close()