通过 Python 的 ssl 模块（OpenSSL）
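#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""Minimal TLS client and server built on the standard-library ssl module.

Both roles start from ssl.create_default_context(), so protocol versions,
cipher selection and (on the client side) certificate and hostname
verification come from the library defaults rather than hand-picked settings.
"""
import argparse
import socket
import ssl


def client(host, port, cafile=None):
    """Connect to host:port over TLS and print everything the peer sends.

    Args:
        host: Server hostname or IP address. It is also passed as
            server_hostname, so it is the name sent in SNI and the name the
            server certificate is checked against.
        port: TCP port number.
        cafile: Optional path to a PEM file of trusted CA certificates.
            When omitted, the platform's default trust store is used.

    Raises:
        ssl.SSLError: The handshake failed, including certificate or
            hostname verification failure.
        OSError: The TCP connection failed or cafile could not be read.
    """
    purpose = ssl.Purpose.SERVER_AUTH
    # SERVER_AUTH default context: verify_mode is CERT_REQUIRED and
    # check_hostname is True. Do not weaken either to "make it work" with a
    # self-signed server; pass that server's CA via cafile instead.
    context = ssl.create_default_context(purpose, cafile=cafile)

    # Context managers release both sockets on every exit path, including a
    # failed connect or a rejected certificate.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as raw_sock:
        raw_sock.connect((host, port))
        print("Connect to host {!r} and port {}".format(host, port))
        with context.wrap_socket(raw_sock, server_hostname=host) as ssl_sock:
            while True:
                data = ssl_sock.recv(1024)
                if not data:  # empty read: the peer closed the connection
                    break
                print(repr(data))


def server(host, port, certifle, cafile=None):
    """Accept one TLS connection, send a fixed greeting, then shut down.

    Args:
        host: Interface address to bind to.
        port: TCP port number to listen on.
        certifle: Path to a PEM file holding the server certificate chain
            and its private key (no separate key file is passed). Keep this
            file readable only by the account running the server.
        cafile: Optional path to a PEM file of CA certificates to load into
            the context. See the note in the body: loading it does not by
            itself make the server demand client certificates.

    Raises:
        ssl.SSLError: The certificate/key could not be loaded or the
            handshake with the client failed.
        OSError: Binding, listening or accepting failed, or a file could not
            be read.
    """
    purpose = ssl.Purpose.CLIENT_AUTH
    context = ssl.create_default_context(purpose, cafile=cafile)
    # NOTE(security): a CLIENT_AUTH default context keeps
    # verify_mode == ssl.CERT_NONE, so cafile is loaded but clients are never
    # asked for a certificate. For mutual TLS the caller's deployment must
    # also set context.verify_mode = ssl.CERT_REQUIRED; that is left off here
    # because client() in this file presents no certificate.
    context.load_cert_chain(certifle)

    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        listener.bind((host, port))
        listener.listen(1)
        print('Listening at interface {!r} and port {}'.format(host, port))
        raw_sock, address = listener.accept()
        # The accepted socket is closed even if the handshake is rejected;
        # the listener is closed last, as before.
        with raw_sock:
            print('Connection from host {!r} and port {}'.format(*address))
            with context.wrap_socket(raw_sock, server_side=True) as ssl_sock:
                ssl_sock.sendall(b'Simple is better than Complex')


if __name__ == "__main__":
    parser = argparse.ArgumentParser(description='Safe TLS client and server')
    parser.add_argument('host', help='Hostname or IP Address')
    parser.add_argument('port', type=int, help='TCP port number')
    parser.add_argument('-a', metavar='cafile', default=None,
                        help='authority:Path to CA certificate PEM file')
    parser.add_argument('-s', metavar='certfile', default=None,
                        help='Run as server:Path to server PEM file')
    args = parser.parse_args()
    # -s selects the server role; without it the script runs as a client.
    if args.s:
        server(args.host, args.port, args.s, args.a)
    else:
        client(args.host, args.port, args.a)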