Mercurial > libervia-backend
comparison sat/plugins/plugin_misc_download.py @ 3205:2c0628f3927e
plugin download, aesgcm: disable TLS check if `check_certificate` setting is disabled
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Fri, 06 Mar 2020 18:19:03 +0100 |
| parents | d92a144f3589 |
| children | 4252176ad993 |
comparison
equal
deleted
inserted
replaced
| 3204:fc2bea41e402 | 3205:2c0628f3927e |
|---|---|
| 27 from sat.core.log import getLogger | 27 from sat.core.log import getLogger |
| 28 from sat.core import exceptions | 28 from sat.core import exceptions |
| 29 from sat.tools import xml_tools | 29 from sat.tools import xml_tools |
| 30 from sat.tools.common import data_format | 30 from sat.tools.common import data_format |
| 31 from sat.tools import stream | 31 from sat.tools import stream |
| 32 from sat.tools.web import treq_client_no_ssl | |
| 32 | 33 |
| 33 log = getLogger(__name__) | 34 log = getLogger(__name__) |
| 34 | 35 |
| 35 | 36 |
| 36 PLUGIN_INFO = { | 37 PLUGIN_INFO = { |
| 161 unique_name = '.'.join([uid] + suffixes) | 162 unique_name = '.'.join([uid] + suffixes) |
| 162 with client.cache.cacheData("DOWNLOAD", uid, filename=unique_name) as f: | 163 with client.cache.cacheData("DOWNLOAD", uid, filename=unique_name) as f: |
| 163 # we close the file and only use its name, the file will be opened | 164 # we close the file and only use its name, the file will be opened |
| 164 # by the registered callback | 165 # by the registered callback |
| 165 dest_path = f.name | 166 dest_path = f.name |
| 167 | |
| 168 # should we check certificates? | |
| 169 check_certificate = self.host.memory.getParamA( | |
| 170 "check_certificate", "Connection", profile_key=client.profile) | |
| 171 if not check_certificate: | |
| 172 options['ignore_tls_errors'] = True | |
| 173 log.warning( | |
| 174 _("certificate check disabled for download, this is dangerous!")) | |
| 175 | |
| 166 try: | 176 try: |
| 167 callback = self._download_callbacks[uri_parsed.scheme] | 177 callback = self._download_callbacks[uri_parsed.scheme] |
| 168 except KeyError: | 178 except KeyError: |
| 169 raise exceptions.NotFound(f"Can't find any handler for uri {uri}") | 179 raise exceptions.NotFound(f"Can't find any handler for uri {uri}") |
| 170 else: | 180 else: |
| 210 download_d.errback(exceptions.NetworkError(msg)) | 220 download_d.errback(exceptions.NetworkError(msg)) |
| 211 | 221 |
| 212 async def downloadHTTP(self, client, uri_parsed, dest_path, options): | 222 async def downloadHTTP(self, client, uri_parsed, dest_path, options): |
| 213 url = uri_parsed.geturl() | 223 url = uri_parsed.geturl() |
| 214 | 224 |
| 215 head_data = await treq.head(url) | 225 if options.get('ignore_tls_errors', False): |
| 226 log.warning( | |
| 227 "TLS certificate check disabled, this is highly insecure" | |
| 228 ) | |
| 229 treq_client = treq_client_no_ssl | |
| 230 else: | |
| 231 treq_client = treq | |
| 232 | |
| 233 head_data = await treq_.head(url) | |
| 216 try: | 234 try: |
| 217 content_length = int(head_data.headers.getRawHeaders('content-length')[0]) | 235 content_length = int(head_data.headers.getRawHeaders('content-length')[0]) |
| 218 except (KeyError, TypeError, IndexError): | 236 except (KeyError, TypeError, IndexError): |
| 219 content_length = None | 237 content_length = None |
| 220 log.debug(f"No content lenght found at {url}") | 238 log.debug(f"No content lenght found at {url}") |
| 226 size = content_length, | 244 size = content_length, |
| 227 ) | 245 ) |
| 228 | 246 |
| 229 progress_id = file_obj.uid | 247 progress_id = file_obj.uid |
| 230 | 248 |
| 231 resp = await treq.get(url, unbuffered=True) | 249 resp = await treq_client.get(url, unbuffered=True) |
| 232 if resp.code == 200: | 250 if resp.code == 200: |
| 233 d = treq.collect(resp, file_obj.write) | 251 d = treq.collect(resp, file_obj.write) |
| 234 d.addBoth(lambda _: file_obj.close()) | 252 d.addBoth(lambda _: file_obj.close()) |
| 235 else: | 253 else: |
| 236 d = defer.Deferred() | 254 d = defer.Deferred() |