libervia-backend: sat/tools/web.py annotate

annotate sat/tools/web.py @ 3405:ecdb3728749e

plugin XEP-0353: Jingle Message Initiation implementation: This plugin uses the new `XEP-0166_initiate` trigger to initiate a Jingle session with messages if the peer jid has no resource specified. On reception, if the sender is not in our roster, a confirmation is requested to user to avoid leaking presence and IP. If user refuses the session for somebody not in roster, nothing is sent at all (the request is just ignored).

author	Goffi <goffi@goffi.org>
date	Thu, 12 Nov 2020 14:53:15 +0100
parents	2c0628f3927e
children	be6d91572633

rev	line source
3089 e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	1 #!/usr/bin/env python3
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	2
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	3 # SàT: an XMPP client
3136 9d0df638c8b4 dates update Goffi <goffi@goffi.org> parents: 3089 diff changeset	4 # Copyright (C) 2009-2020 Jérôme Poisson (goffi@goffi.org)
3089 e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	5
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	6 # This program is free software: you can redistribute it and/or modify
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	7 # it under the terms of the GNU Affero General Public License as published by
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	8 # the Free Software Foundation, either version 3 of the License, or
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	9 # (at your option) any later version.
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	10
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	11 # This program is distributed in the hope that it will be useful,
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	14 # GNU Affero General Public License for more details.
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	15
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	16 # You should have received a copy of the GNU Affero General Public License
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	18
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	19 from OpenSSL import SSL
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	20 from zope.interface import implementer
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	21 from treq.client import HTTPClient
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	22 from twisted.internet.interfaces import IOpenSSLClientConnectionCreator
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	23 from twisted.internet import reactor, ssl
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	24 from twisted.web import iweb
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	25 from twisted.web import client as http_client
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	26 from sat.core.log import getLogger
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	27
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	28
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	29 log = getLogger(__name__)
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	30
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	31
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	32 SSLError = SSL.Error
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	33
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	34
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	35 @implementer(IOpenSSLClientConnectionCreator)
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	36 class NoCheckConnectionCreator(object):
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	37 def __init__(self, hostname, ctx):
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	38 self._ctx = ctx
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	39
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	40 def clientConnectionForTLS(self, tlsProtocol):
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	41 context = self._ctx
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	42 connection = SSL.Connection(context, None)
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	43 connection.set_app_data(tlsProtocol)
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	44 return connection
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	45
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	46
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	47 @implementer(iweb.IPolicyForHTTPS)
3205 2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled Goffi <goffi@goffi.org> parents: 3136 diff changeset	48 class NoCheckContextFactory:
3089 e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	49 """Context factory which doesn't do TLS certificate check
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	50
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	51 /!\\ it's obvisously a security flaw to use this class,
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	52 and it should be used only with explicit agreement from the end used
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	53 """
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	54
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	55 def creatorForNetloc(self, hostname, port):
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	56 log.warning(
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	57 "TLS check disabled for {host} on port {port}".format(
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	58 host=hostname, port=port
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	59 )
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	60 )
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	61 certificateOptions = ssl.CertificateOptions(trustRoot=None)
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	62 return NoCheckConnectionCreator(hostname, certificateOptions.getContext())
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	63
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	64
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	65 #: following treq doesn't check TLS, obviously it is unsecure and should not be used
e75024e41f81 plugin upload, XEP-0363: code modernisation + preparation for extension: Goffi <goffi@goffi.org> parents: diff changeset	66 #: without explicit warning
3205 2c0628f3927e plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled Goffi <goffi@goffi.org> parents: 3136 diff changeset	67 treq_client_no_ssl = HTTPClient(http_client.Agent(reactor, NoCheckContextFactory()))

Mercurial > libervia-backend

annotate sat/tools/web.py @ 3405:ecdb3728749e