1.客户端的链接合法性验证:
恶意的登录:扫描端口(0-65535)
tcp没有做登录客户端时:
使用hmac生成对随机字符串的摘要
import os import hmac import socket def auth(conn): msg = os.urandom(32) #生成一个随机字符串 conn.send(msg) #发送到客户端 result = hmac.new(secret_key,msg) #处理这个字符串,得到一个结果 # print(result) client_digest = conn.recv(1024) # 接收客户端返回的处理结果 if result.hexdigest() == client_digest.decode('utf-8'): print('合法的链接') #对比成功可以继续通信 return True else: print('非法链接') return False secret_key = b'123' sk = socket.socket() sk.bind(('192.168.16.33',8088)) sk.listen() conn,addr = sk.accept() # print(conn) if auth(conn): print(conn.recv(1024)) conn.close() else: conn.close() sk.close()
import hmac import socket sk = socket.socket() sk.connect(('192.168.16.33',8088)) def auth(sk): # print(sk) msg = sk.recv(1024) result = hmac.new(key,msg) # print(result) res = result.hexdigest() sk.send(res.encode('utf-8')) key = b'123' auth(sk) sk.send(b'upload') sk.close()
2:socketserver模块;
tcp协议,一个服务端同时与对个客户端同时通信
import socketserver class Myserver(socketserver.BaseRequestHandler): def handle(self): conn = self.request while True: conn.send(b'abc') print(conn.recv(1024)) server = socketserver.ThreadingTCPServer(('192.168.16.33',8088),Myserver) server.serve_forever()
import socket sk = socket.socket() sk.connect(('192.168.16.33',8088)) while True: ret = sk.recv(1024) print(ret) sk.send(b'byebye') sk.close()