fix(client): dont verify self-signed certificate

- Updated server cert and key
2024-08-27 14:21:24 -04:00 · 2024-08-27 14:21:24 -04:00 · 604a846143
commit 604a846143
parent 7573f1769f
4 changed files with 148 additions and 49 deletions
--- a/server.crt
+++ b/server.crt
@ -1,23 +1,30 @@
 -----BEGIN CERTIFICATE-----
-MIID6TCCAtGgAwIBAgIUA6R0Oohkukp0PbSKG2yCqBv7YL0wDQYJKoZIhvcNAQEL
-BQAwgZsxCzAJBgNVBAYTAkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1v
-bnRyZWFsMRMwEQYDVQQKDApNaW5oVHJhbkxUMRowGAYDVQQLDBFRdWljUmVmbGVj
-dGlvbkF0azERMA8GA1UEAwwITWluaFRyYW4xJDAiBgkqhkiG9w0BCQEWFW1pbmhA
-bWluaHRyYW5uaGF0LmNvbTAgFw0yNDA4MTgxOTAwNTBaGA8zMDEwMDQxMjE5MDA1
-MFowgZsxCzAJBgNVBAYTAkNBMQ8wDQYDVQQIDAZRdWViZWMxETAPBgNVBAcMCE1v
-bnRyZWFsMRMwEQYDVQQKDApNaW5oVHJhbkxUMRowGAYDVQQLDBFRdWljUmVmbGVj
-dGlvbkF0azERMA8GA1UEAwwITWluaFRyYW4xJDAiBgkqhkiG9w0BCQEWFW1pbmhA
-bWluaHRyYW5uaGF0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AMbS8p4wjNHUfnGc8sGdBRIEOMHQ+/QCtKnltgkt0i3fVfl0x9iMsORQjayLvJRJ
-zgfA7yO6bpIVM4XfJavIxSyLCZT7uHEYWPfzNmvGHiOhdr9wuI6XMbeDDEU09t1A
-pYWA+yiW6yDWQcg3fKA4DsmMFP5ebHPtDO+Wz3jtRkatynCD9AsAxqPmy7v/ruBB
-sELyVvFGORDUk5po2OSrRb7Awlkwx2LhkhMYH7pNXmkJYbSjc8k0krWcQQLU7c17
-c81PQvmb7Co9I6hVqZ0yxzmJ8G+EWtJSEdPNGLO8dUkvH6tmWZNgb2RMB3QMRsJF
-LDFu0bt3OI/wwDrSwfU3dykCAwEAAaMhMB8wHQYDVR0OBBYEFPQrcuSoVRkrKJlZ
-Beg7I2ssQpf1MA0GCSqGSIb3DQEBCwUAA4IBAQA/fuJy0ROp2zd2F8fKaoteC/7f
-GQmd9AGPqdpuadxxFaOgpX2Skrf42p4GgPalPr2D7YZOxhmraSFWVHlSSxrSjiK0
-fpLE8SGvL8ioGiFwiMza+m9+lOYdN1oPiHLFnklkRGIjAK09HCe3bYdhyOpCSYD9
-ANqTAUNG1KN0PKFK+VoAK188fdbTF6vDc1PEVo/ManEeNzLIc/KModme264NJQhE
-h4q21gbVaH+DdwpMZP29E+FLiOo+27BI1cwWyofv763BzWsZzwqGP3sK9vz6l8CK
-giNruYNoQ/5Nd2xkB86sOdaryl6FYTCyr3p+oqGcfao5r0PY1B7ZYrFFhb6W
+MIIFJTCCAw2gAwIBAgIUStbzfUkyh004WIO7yHeZlPDR3/EwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTI0MDgyNDIzNDEzNFoXDTI1MDgy
+NDIzNDEzNFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEApZ7WPIZb4JW1Yz9cHpWeKern3oY2u/aMQpcq52RlJP66
+7X+DgUPLSa4tRZRjub6Bg7GCBlmT74Bh/Cly5NXN5V6zwBRZV595tT4TuE38y0sY
+xFVPdvBbdpPbzAySohSuDkLfz5A439vj+lZqEPoIV3nFXwEJxuqqHLj+56AOO1B6
+woZ2OWiqjQV8xAIpVTv/uxXEGx44upN8pPuHymNUgaLNvHV3ww4HCVGRSnw5pL7L
+y8/ZoWhdhYN8fU0xKk8ZNqOEl6zSNJB/gLJxeViYcTokSliLpcs6A6B3oeDRe7mc
+HqzPa9zEzIKjuDQPn+DX+VGGp9NnKhDHcPXZzHIWjeW32xPMLC8ma+izWHQ2RQF
+HlMS+zWvEDXjoCjYsLgjcAQaJinDKBJBcKLxK418uG/fAs8YIP/eLMfWbgKqhJgv
+xAY8F2S5wozQFpGE2AUfIzpjA9AB6/GwK6PG/8TTAYuT/zqwvceY6RacowPO3La+
+9L0W5T3SUuE8IwtOgSdkZa8NQlROsyeR8o/iSmRrxWOT5bwLYDucA0aspvxHVcjz
+W0vKtz7FZTZOoq5gb7Feb7EIw66pTg3yervHYM6P3KP/ExAfM5J4E7PXFxn33Q49
+HxikVjBv283D7w5vub8IX6rns5WDrbbwXVbM8j5z7SCwyBX469b1o2wSMCR21vkC
+AwEAAaNvMG0wHQYDVR0OBBYEFM/oF51PrSg/y9Z9JyhpGPdJukaTMB8GA1UdIwQY
+MBaAFM/oF51PrSg/y9Z9JyhpGPdJukaTMA8GA1UdEwEB/wQFMAMBAf8wGgYDVR0R
+BBMwEYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEBCwUAA4ICAQBIo9ioeApm
+Me4doXNLcrv0ntfkqEmT8w9Y7jRl0LClm8ywXh+WjN0QBf+1dTl3frVoyz8R3zjr
+H9Bz3B7RFAHa3ytE/o5MvWSyFx+CVs7NZztYKTLDWzuxfAnT/Nuo8wDMVq8CtF77
+6DhciCFD0W83zTr8QLORUIrh2MP2WW7y3lfg9+FaWDd00s0h9pb/sX17HMud7wu+
+TPF/I6XWhqxlGuGeTigYI/w9LXdjgY6c7ADRFv5oXrEWG9jDHiUZGRsUr62nb6JF
+cWFjRwV77SKLT79WzkfHADVm9ucOt6v1c1E9dv3jZTlNy3tEkkW6dhGBlSPGGIgR
+g67KRljfye6EgCqR+8W+d6j7Y4Qn7mI2ciBTWtFH1a5TNmk0MujdJrkaPfq0zDKS
+N8jrDfWMzUEL8tOFjiVdEtFSwCCgztBuPloML8pR3xjTN3+rhXiygoq4p42V2dGu
+DWkmYNP9ijuiy6VoI2iLmG0WWd3YFmBI7pFiGrmZaeBpqbxlIxzFveQ/cIksmc35
+YdI6vcK4mcDdq7u/o+ApW2DqQ1117u+YvR8Ulx611U9MEfbsxuaeTXcORP0Rl7lo
+fxy8cVhL3yHrz+qkbyXXqdwKekNdNlaIkXkVITUz207Hr66e2vjxYVFSguxTa1Gw
+IBjlPxEZ0hLvVZYJHVFWyPdOHjO77r5v7g==
 -----END CERTIFICATE-----
--- a/server.key
+++ b/server.key
@ -1,28 +1,52 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDG0vKeMIzR1H5x
-nPLBnQUSBDjB0Pv0ArSp5bYJLdIt31X5dMfYjLDkUI2si7yUSc4HwO8jum6SFTOF
-3yWryMUsiwmU+7hxGFj38zZrxh4joXa/cLiOlzG3gwxFNPbdQKWFgPsolusg1kHI
-N3ygOA7JjBT+Xmxz7Qzvls947UZGrcpwg/QLAMaj5su7/67gQbBC8lbxRjkQ1JOa
-aNjkq0W+wMJZMMdi4ZITGB+6TV5pCWG0o3PJNJK1nEEC1O3Ne3PNT0L5m+wqPSOo
-VamdMsc5ifBvhFrSUhHTzRizvHVJLx+rZlmTYG9kTAd0DEbCRSwxbtG7dziP8MA6
-0sH1N3cpAgMBAAECggEACDWZkvKKPfe6KNLEKz5igTXvagFJBfA+qW00sPhVX1OD
-Z0NtJQHaI/M3hlJWvQC3IxbSSPVfr2R0tihak9c8XPR4ttAV84V/1u0R6C1L/Uij
-cJAk7q5LfTpJ/WmMb+JFc1e6BxkEKFzwZmX0HWFzKts/2qjnbXnyOMpPUrzpU+2y
-b+Y+o8FW3RRCvxADm5U4YrQPaJsObScduK9xxK95RoTvp27oXtu7vL2MqCZbucbQ
-lua4u29T5U5XKGIqd8G7UTsj2nXVFArqXGG0N0CIQnyqbNGLrrpAd9FuyJeXnsgP
-xBh2H+CcXBsDrqqfk45pzme76dQRN9SDsfFy7CIESQKBgQDt8XQDivYYOh+syF58
-OYKjrqEEoaBQQkqY8m48KbopnRmPHiy7JbWM7wWsEWDgItGtATBDvPPzx6FnhqJO
-80S0VD0P91a4WUy7a1A1SQvyI9ZUaJVEsWHQY5lzMmU3NJHeYo/lovtQ3h5DgNL8
-gHpCgSxmUKT48CsrZikDf0BZCwKBgQDV6YXECThpT/BikDkRxF+w0fUqg6L5P4pG
-W857y6n4j5BKFwNPPbrREEXI1RpLLM/8D0gVKlS9hYOamWZiH6J+3I1FltRJxrju
-Q9OiyKI+MErj+bEq6nPVA8tV2IfZYsmq2S7K8XXvuMG/QAOIHIT3O/B2Plvk0DwS
-O6yAD7QZGwKBgBwuZsEsqi0AZVP/f0FTRmfAfQ2hXu1ijJdEz02M26GmG6rZtg6M
-Ts5cWN2iSUkClrbY1zCOpo4O7MzoIz0ajt6Uw46qirjWysG/2gYVmraZC/9/S36R
-S7Z0tW3xYA+DyGsAXW6jOQTA6fCwx0xkoxZRWkLb9k4Nk+9V8DGb1rE1AoGAD99v
-JJfGjtH2tWmcQnw+2YEK3ye7bSFQ4l2nmboIF8CXZVgFz9h1x1OcygU+GTvvBvYf
-VCq69QE2Pb+KQFe2mBFHjlVd1Uegq1VvG9Ilb9XniLkbc2LIS5MngGw70F6rNjk9
-ZqO6K5qbDdTzLiNnnmzdL/j6mqT1AClbaHlB1OcCgYA/qlAHtzVpHWeWg8UtNNjW
-S5Mfdcld/wIy0T1dsw7ha8PPnwHU2aSydCrqIdyw4Ol0AuGNUsq+qpdfKHdyD/Li
-7JxfTFUSXuqbzC6odFXZBZNBtphHUyvVwk4QybRXMVMVPIvOkvebij2kTiRanTjZ
-jUp2nUaVQw4kDaiECn6NXQ==
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQClntY8hlvglbVj
+P1welZ4p6ufehja79oxClyrnZGUk/rrtf4OBQ8tJri1FlGO5voGDsYIGWZPvgGH8
+KXLk1c3lXrPAFFlXn3m1PhO4TfzLSxjEVU928Ft2k9vMDJKiFK4OQt/PkDjf2+P6
+VmoQ+ghXecVfAQnG6qocuP7noA47UHrChnY5aKqNBXzEAilVO/+7FcQbHji6k3yk
+4fKY1SBos28dXfDDgcJUZFKfDmkvsvLz9mhaF2Fg3x9TTEqTxk2o4SXrNI0kH+A
+snF5WJhxOiRKWIulyzoDoHeh4NF7uZz4erM9r3MTMgqO4NA+f4Nf5UYan02cqEMd
+w9dnMchaN5bfbE8wsLyZr6LNYdDZFAUeUxL7Na8QNeOgKNiwuCNwBBomKcMoEkFw
+ovErjXy4b98Czxgg/94sx9ZuAqqEmC/EBjwXZLnCjNAWkYTYBR8jOmMD0AHr8bAr
+o8b/xNMBi5P/OrC9x5jpFpyjA87ctr70vRblPdJS4TwjC06BJ2Rlrw1CVE6zJ5Hy
+j+JKZGvFY5PlvAtgO5wDRqym/EdVyPNbS8q3PsVlNk6irmBvsV5vsQjDrqlODfJ6
+u8dgzo/co/8TEB8zkngTs9cXGffdDj0fGKRWMG/bzcPvDm+5vwhfquezlYOttvBd
+VszyPnPtILDIFfjr1vWjbBIwJHbW+QIDAQABAoICABxTm17EuCgkUt7DsnTEsEWJ
+GNlVaT0iwQCOrFbhM+9s5fnC6nIMb1ONx85zv87AB5THom6FmajH83pWeIEtFEcb
+uHCsyk8TRpS6JlNKe2cl0/mYgbvdBje0uE4hBF9WXCKyS2dLyn53NHnXl9KJgS28
+9QX3vn1YG3pIJcjl9iks7aIhr0zIWws9mgZIPFuIpIeSBHWC6L74hMQPBT2XWZfG
+iZunF7Gzz35HhisQLifAPkkApr9Vg1FXmM4xiqwq1SwkMYRjmZxF7pjLbF8NyRzs
+jdJtbI0Rwj1mj6+PLSUVLQTOr6NoQ61PzMB9MQDPfF/FbgUVpAecO8Z2fXv35sVI
+lvHf3dnfs9S8Fl1xtlI2zHQk432HkvI1cN591bQjaA1yBZYqh/U5nxSq7gm4eXWi
+FYP2stYC6SUcu2h88IZH1nCPoL+NuENu4JUkUn9ywihSPASBFUc815vMcEVG23wn
+FuUUtZUsGLBhd9CgkfmlPYRNV/+GkBWCZBjToZ0JBwUJZ+E27xja2IMw25eyLP9d
+TozJhz5b9eXvMBhvQJz4qIslQ0Y8FZVsto82Ylbnrtq+XjmK+qdbH8sbVDp2+nXn
+O0wq+7c24Ap/A7Ndpfi5DkD3tM+WQHRflbQ8zAX//uGrXxOaxA0+5TUc+UZPRcyC
+xDVHTeMyLGqynsBL9CWFAoIBAQDkTbOLhLpc6Yq8Bjk6/iIZ0ge3g3cOJT+4Vkeu
+ZVd/sIxqp9Eyw+6yxJZxety1+rywBh8UFbihhjNmgillT25KuhG2ouYzjOOK05ln
+LvguUwRZhh6BAHWPHjyqF1X7TlpZV4aaPxTxfV3q6xoGrpij/rtybil0w8jCAKkN
+Tb1zTzTRXEHO01LPAgLATjZrJfiJ5BbMx67gOjhBX+NdtKc8ep/MwT+6TtUj16S9
+FRP6ZSsSgQ9txXN6KzutZD2WpqCEdwJDXeVqwhKTQiZ+ei6mCezBBczg7JlJVmy5
+On2YsnC6BkxU48Am/kq7XAjZthyFZqM2O068siBogK3rurFLAoIBAQC5tmvsIAuL
+H7fegZ3m7O90dpQHzU72II4uOzIvNxPbSPXeZWx2mC5Z+gCVwQWKWqzlwZfJYSwl
+/y0olfKGLJUSisSDDBEvK23FEyrbRpm31kJcY+EDO0huPoL4ORFhieIJ5t4V7zUB
+Xg/n+NXsgiu+uSd7BlpL7pYf1csTe/bqjVJK0Srv8wLA/uMDPqX27WD/pZMMrhnu
+Xdgmqqm8MZyjDCNwo5JYRjOReMCTdcNm/2y97ySdnG3kfLfTLnQEbyQx9TP87L17
+ERO3fvutHWJr+AsstdNC2+23SbmLrClC+m0NC+goffGPbsuNNCGWWEdPSd5zRoVT
+df0Kbr/8BPJLAoIBAQCiXcRwWC/2Pj3lpQN0uiJkfKPyVrQIQmOD5RDLrdVBwbzL
+aZh1YzVSvE9GW5u2bKFfCqt1rFEHxxqtL6rjG0+UI6rPWiEfznZRWFXENXpZ776r
+MKBnHH1/EIESctA6jyngWkgnUO/DI2b02MlEsU1rbJHBOymOmmMf3jpcdMpkxJMK
+xnMi9dXx1TtBqx42q+WLo8S3VNhBLgauL9TS4tUBRTB6/YEmLkSVXhsSQnhX3zV3
+zoO7jO6olzC1CxJmHxEPxFe+s3uipm1xf11DHAArI+nWCRsBaCNILgfa4AdM3rMf
+CbWltegFk1pwz26X71VvZmRzAFDqEEDOMZ3/hWHrAoIBACOMgNIdPDhwZODpzNEE
+b73KaQGpUkEY8D53RF73WwyxxabBoWZ+MPk2OuBvp2DZhJkiWqzItgu78ef/9AGt
+DQgUmhM/vxZZaNS9m4mH1Sr0j5Vh5ROaSH4Z5zYerm4OV79vevmV5X6Sg9bysfho
+3njOtnj9OVGppQEJCqt7IkO5s5PwwBhYWyGYaNoZJunCfLvS9PgLZ5lSS2rzZjRJ
+BuPLEgmgtgXBwmNJSwuvEi1oHWeqHEczR3HiUcnR7ZFfuPz7I+15X7fsB+srGoAD
+zPA/9dukHoGA2dso+KR82xUgHLnPmqwNl6zOF5a68Ob3lQbfa/6C9EiKoFpb4tIa
+HEsCggEAEecHeFfpJLNhdG1bIM4PWtkypH/QD/rrvOkQOY/yypWh7NVxaq9g5TUq
+ZIh4tayc0hxVzGeQAiw35aGgBSwTT/uZ2j9WcH6dS7RLITsapA44LD7DRSx6gmzJ
+xu38zGn8pq0Kng8J4SnIDuzE0C+PbeLYeoshBV3ghOAvtF/7gH1bDe4b/bRY489v
+lrzCwk9pM1j8g5VPZOyBxMdpmq7k7asIPAeQ8Bhc7ih1ugJb+2v3WcZrer+SnjL7
+v9ejMTgZWfxY3VLwVq05SLlLl6lscegrEiMgUbx0hfJBL4dLFI+IUrIwlQ9G6xQ7
+XF0nAyhvdJyNDziSAVk5P5nPVwDbEg==
 -----END PRIVATE KEY-----
--- a/src/quic_reflection_attack/client.py
+++ b/src/quic_reflection_attack/client.py
@ -0,0 +1,66 @@
+import asyncio
+from aioquic.asyncio.protocol import QuicConnectionProtocol
+import uvloop
+import ssl
+from typing import cast, Optional
+
+from aioquic.asyncio.client import connect
+from aioquic.quic.configuration import QuicConfiguration
+from aioquic.quic.events import QuicEvent, StreamDataReceived
+from aioquic.quic.connection import QuicConnection
+
+
+async def run_client(host: str, port: int, message: str) -> None:
+    configuration = QuicConfiguration(
+        is_client=True, alpn_protocols=["quic-echo"], verify_mode=ssl.CERT_NONE
+    )  # our own custome alpn protocol
+
+    async with connect(
+        host,
+        port,
+        configuration=configuration,
+        create_protocol=QuicClientProtocol,
+        wait_connected=True,
+    ) as client:
+        client = cast(QuicClientProtocol, client)
+
+        assert (
+            client.quic is not None
+        ), "QUIC Client connection is not properly initilized"
+
+        # Open a stream and send data
+        stream_id = client.quic.get_next_available_stream_id()
+        client.quic.send_stream_data(stream_id, message.encode())
+
+        # Wait for the response
+        response = await client.wait_for_response(stream_id)
+        print(f"Response from server: {response}")
+
+
+class QuicClientProtocol(QuicConnectionProtocol):
+    def __init__(self, *args, **kwargs) -> None:
+        super().__init__(*args, **kwargs)
+        self.quic: Optional[QuicConnection] = None
+        self.stream_data = {}
+
+    def quic_event_received(self, event: QuicEvent) -> None:
+        if isinstance(event, StreamDataReceived):
+            stream_id = event.stream_id
+            data = event.data
+            if stream_id in self.stream_data:
+                self.stream_data[stream_id] += data
+            else:
+                self.stream_data[stream_id] = data
+
+    async def wait_for_response(self, stream_id: int) -> str:
+        while stream_id not in self.stream_data:
+            await asyncio.sleep(0.1)
+        return self.stream_data[stream_id].decode()
+
+
+if __name__ == "__main__":
+    host = "localhost"
+    port = 8000
+    message = "Hello, QUIC server!"
+
+    uvloop.run(run_client(host, port, message))
--- a/src/quic_reflection_attack/server.py
+++ b/src/quic_reflection_attack/server.py
@ -4,12 +4,14 @@ import uvloop

 from aioquic.quic.configuration import QuicConfiguration
 from aioquic.quic.connection import QuicConnection
+from aioquic.asyncio.protocol import QuicConnectionProtocol
 from aioquic.quic.events import QuicEvent, StreamDataReceived
 from aioquic.asyncio import serve  # type: ignore


-class QuicServerProtocol:
-    def __init__(self):
+class QuicServerProtocol(QuicConnectionProtocol):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
        self.quic: Optional[QuicConnection] = None

    def quic_event_received(self, event: QuicEvent) -> None: