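I'm looking for advice on how to set up a simple SSL server that listens on a port and, when a device connects, tells the device to disconnect and then executes a command.
Background: the device is an Amazon Dash. When it connects, the message is encrypted, but I don't care about the message.
I will be running it on an OpenWrt router.
I've read about using netcat and openssl s_server, but I'd like feedback and suggestions on the best way to accomplish this.
Here is my current solution using netcat: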
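while true; do
  # Wait for one connection on 443, send the page, close on EOF
  netcat -vv -l -p 443 -c < /www/default.html
  # Quoted so the shell does not treat the <MY KEY> placeholder as a redirect
  curl -X POST "http://maker.ifttt.com/trigger/button_pressed/with/key/<MY KEY>"
  sleep 5
done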
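Any thoughts on this solution?
Answer 1
I found these instructions for setting up an SSL server to fool the Dash button.
https://mpetroff.net/2015/05/amazon-dash-button-teardown/
(See Mark's comment of August 9, 2015 at 5:39 pm)
He used the gist at https://gist.github.com/jonathantneal/774e4b0b3d4d739cbc53
Using the information above, I was able to write my own SSL server.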
# Python 2 (BaseHTTPServer and the print statement)
import BaseHTTPServer, SimpleHTTPServer, ssl

class MyHTTPHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
    # Both handlers only log the request path; no response is sent
    def do_GET(self):
        print 'GET', self.path

    def do_POST(self):
        print 'POST', self.path

if __name__ == "__main__":
    # Create the server, binding to all interfaces on port 443
    httpd = BaseHTTPServer.HTTPServer(('', 443), MyHTTPHandler)
    # cert.pem holds both the private key and the certificate
    httpd.socket = ssl.wrap_socket(httpd.socket, certfile='cert.pem', server_side=True)
    httpd.serve_forever()
The output I get is as follows:
POST /2/b
POST /2/d
POST /2/d
POST /2/d
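All of the above came from a single click. However, it is no more useful than a generic TCP server that just handles incoming connections, because there is no difference between a single click, a double click, and a long press.
(You will most likely need to trick the Dash button into trusting your self-signed certificate. This is what I did)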
$ openssl req -x509 -newkey rsa:2048 -out cert.pem -nodes -keyout cert.pem
Generating a 2048 bit RSA private key
.................................................+++
..................................................................................................................+++
writing new private key to 'cert.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Washington
Locality Name (eg, city) []:Seattle
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:Amazon.com, Inc.
Common Name (e.g. server FQDN or YOUR name) []:parker-gateway-na.amazon.com
Email Address []:
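An added example, not part of the original question or answer: a Python 3 listener that completes the TLS handshake, closes the connection without reading the request, and runs the command once per press, collapsing the burst of connections a single click produced above. It assumes `cert.pem` is the combined key and certificate generated above; `Debouncer`, `accept_press`, `serve` and the `allowed_ips` address are hypothetical names and values, and the peer allow-list is there because any host that can reach port 443 would otherwise trigger the command.

```python
import socket
import ssl
import subprocess
import time


class Debouncer:
    """Collapse the burst of connections one press produces into one event."""
    def __init__(self, window=5.0):
        self.window = window
        self.last = None

    def should_fire(self, now):
        if self.last is not None and now - self.last < self.window:
            return False
        self.last = now
        return True


def accept_press(peer_ip, now, gate, allowed_ips=None):
    """Fire only for an expected peer (if a list is given) outside the window."""
    if allowed_ips is not None and peer_ip not in allowed_ips:
        return False
    return gate.should_fire(now)


def serve(command, certfile="cert.pem", port=443, window=5.0, allowed_ips=None):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(certfile)  # key and certificate share one file
    gate = Debouncer(window)
    with socket.create_server(("", port)) as listener:
        while True:
            conn, peer = listener.accept()
            conn.settimeout(5)  # a stalled client must not block the loop
            try:
                # Complete the handshake, then close without reading the request.
                ctx.wrap_socket(conn, server_side=True).close()
            except OSError as exc:  # ssl.SSLError and timeouts are OSErrors
                print("handshake failed from", peer[0], exc)
                continue
            if accept_press(peer[0], time.monotonic(), gate, allowed_ips):
                subprocess.run(command, check=False)


if __name__ == "__main__":
    # Constructed values: the address is a placeholder for the button's LAN IP.
    serve(["curl", "-X", "POST",
           "http://maker.ifttt.com/trigger/button_pressed/with/key/<MY KEY>"],
          allowed_ips={"192.0.2.10"})
```

The 5-second window mirrors the `sleep 5` in the question's loop; connections that fail the handshake never reach the command.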