Mercurial > libervia-backend
diff sat/plugins/plugin_xep_0077.py @ 2838:8018cf9aa55b
plugin XEP-0077: correctly report invalid certificate + errback on unexpected stream close
author | Goffi <goffi@goffi.org> |
---|---|
date | Sun, 03 Mar 2019 19:18:45 +0100 |
parents | 003b8b4b56a7 |
children | ab2696e34d29 |
line wrap: on
line diff
--- a/sat/plugins/plugin_xep_0077.py Sun Mar 03 17:17:07 2019 +0100 +++ b/sat/plugins/plugin_xep_0077.py Sun Mar 03 19:18:45 2019 +0100 @@ -23,7 +23,7 @@ from sat.core.log import getLogger log = getLogger(__name__) -from twisted.words.protocols.jabber import jid, xmlstream, client +from twisted.words.protocols.jabber import jid, xmlstream, client, error as jabber_error from twisted.internet import defer, reactor from sat.tools import xml_tools @@ -50,12 +50,13 @@ # FIXME: doesn't handle data form or oob namespace = 'jabber:client' - def __init__(self, jid_, password, email=None): + def __init__(self, jid_, password, email=None, check_certificate=True): log.debug(_(u"Registration asked for {jid}").format(jid=jid_)) xmlstream.ConnectAuthenticator.__init__(self, jid_.host) self.jid = jid_ self.password = password self.email = email + self.check_certificate = check_certificate self.registered = defer.Deferred() def associateWithStream(self, xs): @@ -63,13 +64,10 @@ xs.addObserver(xmlstream.STREAM_AUTHD_EVENT, self.register) xs.initializers = [client.CheckVersionInitializer(xs)] - inits = [ (xmlstream.TLSInitiatingInitializer, False), - ] - - for initClass, required in inits: - init = initClass(xs) - init.required = required - xs.initializers.append(init) + tls_init = xmlstream.TLSInitiatingInitializer(xs) + tls_init.required = False + tls_init.check_certificate = self.check_certificate + xs.initializers.append(tls_init) def register(self, xmlstream): log.debug(_(u"Stream started with {server}, now registering" @@ -88,6 +86,26 @@ raise failure_ +class ServerRegister(xmlstream.XmlStreamFactory): + + def __init__(self, *args, **kwargs): + xmlstream.XmlStreamFactory.__init__(self, *args, **kwargs) + self.addBootstrap(xmlstream.STREAM_END_EVENT, self._disconnected) + + def clientConnectionLost(self, connector, reason): + connector.disconnect() + + def _disconnected(self, reason): + if not self.authenticator.registered.called: + err = jabber_error.StreamError(u"Server unexpectedly closed the connection") + try: + if reason.value.args[0][0][2] == "certificate verify failed": + err = exceptions.InvalidCertificate() + except (IndexError, TypeError): + pass + self.authenticator.registered.errback(err) + + class XEP_0077(object): def __init__(self, host): log.info(_("Plugin XEP_0077 initialization")) @@ -237,11 +255,12 @@ @param host(unicode): host of the server to register to @param port(int): port of the server to register to """ - authenticator = RegisteringAuthenticator(jid_, password, email) + check_certificate = host != u"127.0.0.1" + authenticator = RegisteringAuthenticator( + jid_, password, email, check_certificate=check_certificate) registered_d = authenticator.registered - serverRegistrer = xmlstream.XmlStreamFactory(authenticator) - connector = reactor.connectTCP(host, port, serverRegistrer) - serverRegistrer.clientConnectionLost = lambda conn, reason: connector.disconnect() + server_register = ServerRegister(authenticator) + reactor.connectTCP(host, port, server_register) return registered_d def _changePassword(self, new_password, profile_key):