| CARVIEW |
Select Language
HTTP/2 200
date: Fri, 26 Dec 2025 18:51:05 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
etag: W/"ffc9a4d741c5f88f31bc7565f7c179d9"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com/ copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=atBH05x%2FKiQfsDSDPmaZmo9hRzjll4ap63zmu%2BhOWE5GQHXNXcVnLi0aMTKJRP5N7JpHSG%2FKrWSTKlmrlvcGHqaeOGt1o%2FfLy%2BfxPpLAiP2F8wHTJS5qEBrYHcugDoHqA0bMAhoKTKrI4NEuYPWMZrRmoxVVECbeAAmMqUzh94AViMjJ4QgupyRJWziQaANJOQl%2F26MZ6CLoMKkpCrCIadqvWnkz18RzdYhNjem7hlXQPw2I5RnK9GFhYcJoSY0gdMA%2Febq7YUuhBAnFmrMlYg%3D%3D--e2mERr8ftmLvYIdV--8LY0ikvEzlvYcJkGeVa6zw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.645384590.1766775064; Path=/; Domain=github.com; Expires=Sat, 26 Dec 2026 18:51:04 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Sat, 26 Dec 2026 18:51:04 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: B34E:2C1316:3C10B29:47CCF6F:694ED918
GitHub - networkupstools/TLS-Shims: Thin daemons provide up-to-date TLS encryption between upsd and client
Skip to content
Navigation Menu
{{ message }}
forked from NUT-RogerPrice/Shims
-
Notifications
You must be signed in to change notification settings - Fork 1
networkupstools/TLS-Shims
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
README 2021-05-22 Roger Price
NUT TLS Shims
-------------
The software described here was developed in support of the
Internet-Draft "Uninterruptible Power Supply (UPS) Management Protocol
-- Commands and Responses"
NUT is a mature project which advances slowly. The SSL provisions for
secure communication are now outdated and deprecated. The shims
proposed here provide thin daemons to be used in front of NUT's upsd
and upsmon. They support TLS 1.3 encryption of the NUT commands and
responses.
TLS shim upsdTLS TLS shim upsmonTLS
listens on port 401 listens on port 3493
,-----,------------,----, ,----,--------------,
| UPS - Attachment |TLS | <-STARTTLS | TLS| Management |
| | Daemon |shim| OK--> |shim| Daemon |
| | upsd | | | | upsmon |
/-----'------------'----\ '----'--------------'
Listens on
port nut/3493
Attachment Daemon (upsd) Shim
The shim in front of upsd listens to incoming traffic on port ups/401.
When it receives the command STARTTLS it
1. Returns OK to the client and sets up TLS encapsulation.
2. Does not send STARTTLS to upsd port nut/3493.
All other commands and responses are passed through.
Management Daemon (upsmon) Shim
The shim in front of upsmon listens for incoming traffic on port
nut/3493. When it receives the command STARTTLS it
1. Returns FEATURE-NOT-CONFIGURED to the client.
2. Sends STARTTLS to upsd port ups/401.
All other commands and responses are passed through.
The three Python3 scripts are
upsdTLS.py : Daemon receives TLS encrypted commands on port ups/401
and passes them in plain text to upsd's port nut/3493
upsmonTLS.py : Daemon receives plain text commands from upsmon, upsc,
upsrw, upscmd, etc, on port nut/3493 and relays them encrypted to
port ups/401.
mkNUTcert.py : Utility script creates a private key/public key pair,
and issues the corresponding "server" and "client" PEM-encoded
certificates suitable for the shims.
Full documentation is available in Part 2 of Configuration Examples
version 2.0.
The Makefile serves to run the Python linter on the source code using
the command make.
About
Thin daemons provide up-to-date TLS encryption between upsd and client
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- Python 98.8%
- Makefile 1.2%
You can’t perform that action at this time.