Mercurial > libervia-backend
annotate sat/tools/web.py @ 3384:f4386002f30f
docker (backend): set `background` to `dark` to avoid trouble with autodetection in jp
author | Goffi <goffi@goffi.org> |
---|---|
date | Thu, 12 Nov 2020 14:53:15 +0100 |
parents | 2c0628f3927e |
children | be6d91572633 |
rev | line source |
---|---|
3089
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
1 #!/usr/bin/env python3 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
2 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
3 # SàT: an XMPP client |
3136 | 4 # Copyright (C) 2009-2020 Jérôme Poisson (goffi@goffi.org) |
3089
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
5 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
6 # This program is free software: you can redistribute it and/or modify |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
7 # it under the terms of the GNU Affero General Public License as published by |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
8 # the Free Software Foundation, either version 3 of the License, or |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
9 # (at your option) any later version. |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
10 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
11 # This program is distributed in the hope that it will be useful, |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
14 # GNU Affero General Public License for more details. |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
15 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
16 # You should have received a copy of the GNU Affero General Public License |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
18 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
19 from OpenSSL import SSL |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
20 from zope.interface import implementer |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
21 from treq.client import HTTPClient |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
22 from twisted.internet.interfaces import IOpenSSLClientConnectionCreator |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
23 from twisted.internet import reactor, ssl |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
24 from twisted.web import iweb |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
25 from twisted.web import client as http_client |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
26 from sat.core.log import getLogger |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
27 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
28 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
29 log = getLogger(__name__) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
30 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
31 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
32 SSLError = SSL.Error |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
33 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
34 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
35 @implementer(IOpenSSLClientConnectionCreator) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
36 class NoCheckConnectionCreator(object): |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
37 def __init__(self, hostname, ctx): |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
38 self._ctx = ctx |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
39 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
40 def clientConnectionForTLS(self, tlsProtocol): |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
41 context = self._ctx |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
42 connection = SSL.Connection(context, None) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
43 connection.set_app_data(tlsProtocol) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
44 return connection |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
45 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
46 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
47 @implementer(iweb.IPolicyForHTTPS) |
3205
2c0628f3927e
plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents:
3136
diff
changeset
|
48 class NoCheckContextFactory: |
3089
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
49 """Context factory which doesn't do TLS certificate check |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
50 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
51 /!\\ it's obvisously a security flaw to use this class, |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
52 and it should be used only with explicit agreement from the end used |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
53 """ |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
54 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
55 def creatorForNetloc(self, hostname, port): |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
56 log.warning( |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
57 "TLS check disabled for {host} on port {port}".format( |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
58 host=hostname, port=port |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
59 ) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
60 ) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
61 certificateOptions = ssl.CertificateOptions(trustRoot=None) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
62 return NoCheckConnectionCreator(hostname, certificateOptions.getContext()) |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
63 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
64 |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
65 #: following treq doesn't check TLS, obviously it is unsecure and should not be used |
e75024e41f81
plugin upload, XEP-0363: code modernisation + preparation for extension:
Goffi <goffi@goffi.org>
parents:
diff
changeset
|
66 #: without explicit warning |
3205
2c0628f3927e
plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
Goffi <goffi@goffi.org>
parents:
3136
diff
changeset
|
67 treq_client_no_ssl = HTTPClient(http_client.Agent(reactor, NoCheckContextFactory())) |