vnc: anon tls encryption

author: Devaev Maxim <[email protected]> 2020-04-23 11:17:22 +0300
committer: Devaev Maxim <[email protected]> 2020-04-23 11:17:31 +0300
commit: 75669466cf6b68fbe209a6d2232aec6d49a51044 (patch)
tree: 74bdd3064eb76e0d5b6cabd2c6df07bc425e8ea5 /kvmd/apps/vnc/rfb/stream.py
parent: 820ef178710d8442e30c5b23d0ac0cb90be5150c (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/kvmd/apps/vnc/rfb/stream.py b/kvmd/apps/vnc/rfb/stream.py
index 843cfe54..49d86931 100644
--- a/kvmd/apps/vnc/rfb/stream.py
+++ b/kvmd/apps/vnc/rfb/stream.py
@@ -21,6 +21,7 @@
 
 
 import asyncio
+import ssl
 import struct
 
 from typing import Tuple
@@ -102,6 +103,31 @@ class RfbClientStream:
 
     # =====
 
+    async def _start_tls(self, ssl_context: ssl.SSLContext, ssl_timeout: float) -> None:
+        loop = asyncio.get_event_loop()
+
+        ssl_reader = asyncio.StreamReader()
+        protocol = asyncio.StreamReaderProtocol(ssl_reader)
+
+        transport = await loop.start_tls(
+            self.__writer.transport,
+            protocol,
+            ssl_context,
+            server_side=True,
+            ssl_handshake_timeout=ssl_timeout,
+        )
+
+        ssl_reader.set_transport(transport)
+        ssl_writer = asyncio.StreamWriter(
+            transport=transport,
+            protocol=protocol,
+            reader=ssl_reader,
+            loop=loop,
+        )
+
+        self.__reader = ssl_reader
+        self.__writer = ssl_writer
+
     def _close(self) -> None:
         try:
             self.__writer.close()
author	Devaev Maxim <[email protected]>	2020-04-23 11:17:22 +0300
committer	Devaev Maxim <[email protected]>	2020-04-23 11:17:31 +0300
commit	75669466cf6b68fbe209a6d2232aec6d49a51044 (patch)
tree	74bdd3064eb76e0d5b6cabd2c6df07bc425e8ea5 /kvmd/apps/vnc/rfb/stream.py
parent	820ef178710d8442e30c5b23d0ac0cb90be5150c (diff)