changeset 3192:883fb4981958

plugin attach: disable TLS check if "check_certificate" is disabled
author Goffi <goffi@goffi.org>
date Fri, 28 Feb 2020 10:06:23 +0100
parents 7255286a298a
children 65d89a339dd3
files sat/plugins/plugin_misc_attach.py sat/plugins/plugin_xep_0363.py
diffstat 2 files changed, 8 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/sat/plugins/plugin_misc_attach.py	Wed Feb 26 22:03:15 2020 +0100
+++ b/sat/plugins/plugin_misc_attach.py	Fri Feb 28 10:06:23 2020 +0100
@@ -78,9 +78,15 @@
             progress_id = attachment.get("progress_id")
             if progress_id:
                 options["progress_id"] = attachment["progress_id"]
+            check_certificate = self.host.memory.getParamA(
+                "check_certificate", "Connection", profile_key=client.profile)
+            if not check_certificate:
+                options['ignore_tls_errors'] = True
+                log.warning(
+                    _("certificate check disabled for upload, this is dangerous!"))
             if client.encryption.isEncryptionRequested(data):
                 # FIXME: we should not use implementation specific value here
-                #   but for not it's the only file encryption method available with
+                #   but for now it's the only file encryption method available with
                 #   with upload.
                 options['encryption'] = C.ENC_AES_GCM
 
--- a/sat/plugins/plugin_xep_0363.py	Wed Feb 26 22:03:15 2020 +0100
+++ b/sat/plugins/plugin_xep_0363.py	Fri Feb 28 10:06:23 2020 +0100
@@ -1,7 +1,6 @@
 #!/usr/bin/env python3
 
-
-# SAT plugin for HTTP File Upload (XEP-0363)
+# SàT plugin for HTTP File Upload (XEP-0363)
 # Copyright (C) 2009-2020 Jérôme Poisson (goffi@goffi.org)
 
 # This program is free software: you can redistribute it and/or modify