[preview] Add option to disable https verification

Philipp Hörist
2017-12-05 18:08:20 +01:00
parent 42cc17269b
commit 9c91679a63
3 changed files with 34 additions and 12 deletions


@@ -21,7 +21,7 @@ from gi.repository import GObject
from gi.repository import Gtk from gi.repository import Gtk
from gajim.options_dialog import OptionsDialog, GenericOption, SpinOption from gajim.options_dialog import OptionsDialog, GenericOption, SpinOption
from gajim.common.const import Option, OptionType from gajim.common.const import Option, OptionType, OptionKind
class UrlImagePreviewConfigDialog(OptionsDialog): class UrlImagePreviewConfigDialog(OptionsDialog):
@@ -57,6 +57,10 @@ class UrlImagePreviewConfigDialog(OptionsDialog):
callback=self.on_option, data='LEFTCLICK_ACTION', callback=self.on_option, data='LEFTCLICK_ACTION',
props={'items': actions, props={'items': actions,
'plugin': self.plugin}), 'plugin': self.plugin}),
Option(OptionKind.SWITCH, _('Enable HTTPS Verification'),
OptionType.VALUE, self.plugin.config['VERIFY'],
callback=self.on_option, data='VERIFY'),
] ]
OptionsDialog.__init__(self, parent, _('UrlImagePreview Options'), OptionsDialog.__init__(self, parent, _('UrlImagePreview Options'),


@@ -18,6 +18,7 @@
import urllib.request as urllib2 import urllib.request as urllib2
import socket import socket
import re import re
import ssl
from gajim.common import app from gajim.common import app
from gajim.common import helpers from gajim.common import helpers
@@ -34,12 +35,12 @@ if app.HAVE_PYCURL:
log = logging.getLogger('gajim.plugin_system.url_image_preview.http_functions') log = logging.getLogger('gajim.plugin_system.url_image_preview.http_functions')
def get_http_head(account, url): def get_http_head(account, url, verify):
# Check if proxy is used # Check if proxy is used
proxy = helpers.get_proxy_info(account) proxy = helpers.get_proxy_info(account)
if proxy and proxy['type'] in ('http', 'socks5'): if proxy and proxy['type'] in ('http', 'socks5'):
return _get_http_head_proxy(url, proxy) return _get_http_head_proxy(url, proxy)
return _get_http_head_direct(url) return _get_http_head_direct(url, verify)
def get_http_file(account, attrs): def get_http_file(account, attrs):
# Check if proxy is used # Check if proxy is used
@@ -49,16 +50,23 @@ def get_http_file(account, attrs):
else: else:
return _get_http_direct(attrs) return _get_http_direct(attrs)
def _get_http_head_direct(url): def _get_http_head_direct(url, verify):
log.debug('Head request direct for URL: %s' % url) log.debug('Head request direct for URL: %s' % url)
try: try:
req = urllib2.Request(url) req = urllib2.Request(url)
req.get_method = lambda: 'HEAD' req.get_method = lambda: 'HEAD'
req.add_header('User-Agent', 'Gajim %s' % app.version) req.add_header('User-Agent', 'Gajim %s' % app.version)
if os.name == 'nt': if not verify:
f = urllib2.urlopen(req, cafile=certifi.where()) context = ssl.create_default_context()
context.check_hostname = False
context.verify_mode = ssl.CERT_NONE
log.warning('CERT Verification disabled')
f = urllib2.urlopen(req, timeout=30, context=context)
else: else:
f = urllib2.urlopen(req) if os.name == 'nt':
f = urllib2.urlopen(req, cafile=certifi.where())
else:
f = urllib2.urlopen(req)
except Exception as ex: except Exception as ex:
log.debug('Could not get head response for URL: %s' % url) log.debug('Could not get head response for URL: %s' % url)
log.debug("%s" % str(ex)) log.debug("%s" % str(ex))
@@ -136,10 +144,17 @@ def _get_http_direct(attrs):
try: try:
req = urllib2.Request(attrs['src']) req = urllib2.Request(attrs['src'])
req.add_header('User-Agent', 'Gajim ' + app.version) req.add_header('User-Agent', 'Gajim ' + app.version)
if os.name == 'nt': if not attrs['verify']:
f = urllib2.urlopen(req, cafile=certifi.where()) context = ssl.create_default_context()
context.check_hostname = False
context.verify_mode = ssl.CERT_NONE
log.warning('CERT Verification disabled')
f = urllib2.urlopen(req, timeout=30, context=context)
else: else:
f = urllib2.urlopen(req) if os.name == 'nt':
f = urllib2.urlopen(req, cafile=certifi.where())
else:
f = urllib2.urlopen(req)
except Exception as ex: except Exception as ex:
log.debug('Error loading file %s ' log.debug('Error loading file %s '
% attrs['src'] + str(ex)) % attrs['src'] + str(ex))
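Review bot: In `get_http_head` the new `verify` argument reaches only `_get_http_head_direct`; `_get_http_head_proxy(url, proxy)` is still called without it, so for accounts with an http or socks5 proxy the switch may have no effect, and what the proxy path verifies is decided by code outside these hunks. The two direct openers also differ in more than verification: `timeout=30` is passed only on the unverified branch, so the verifying calls can still block without a limit. With `CERT_NONE` and `check_hostname = False` the peer is not authenticated at all, so whatever answers for the preview URL supplies the bytes that go on to the preview handling; that policy should live in one clearly named place rather than in two copies. I would move the choice into a single helper used by both `_get_http_head_direct` and `_get_http_direct`, whose bodies continue outside the hunks.

```python
def _open_url(req, verify):
    # Single place for the TLS policy, shared by the HEAD and GET paths.
    if not verify:
        # No chain or hostname validation: the peer is unauthenticated.
        context = ssl.create_default_context()
        context.check_hostname = False
        context.verify_mode = ssl.CERT_NONE
        log.warning('CERT Verification disabled')
        return urllib2.urlopen(req, timeout=30, context=context)
    if os.name == 'nt':
        return urllib2.urlopen(req, timeout=30, cafile=certifi.where())
    return urllib2.urlopen(req, timeout=30)

# … unchanged: request setup in _get_http_head_direct …
        f = _open_url(req, verify)
# … unchanged: request setup in _get_http_direct …
        f = _open_url(req, attrs['verify'])
```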


@@ -81,7 +81,8 @@ class UrlImagePreviewPlugin(GajimPlugin):
'PREVIEW_SIZE': (150, 'Preview size(10-512)'), 'PREVIEW_SIZE': (150, 'Preview size(10-512)'),
'MAX_FILE_SIZE': (524288, 'Max file size for image preview'), 'MAX_FILE_SIZE': (524288, 'Max file size for image preview'),
'LEFTCLICK_ACTION': ('open_menuitem', 'Open'), 'LEFTCLICK_ACTION': ('open_menuitem', 'Open'),
'ANONYMOUS_MUC': False,} 'ANONYMOUS_MUC': (False, ''),
'VERIFY': (True, ''),}
self.controls = {} self.controls = {}
self.history_window_control = None self.history_window_control = None
@@ -246,8 +247,9 @@ class Base(object):
# then check the mime type and filesize # then check the mime type and filesize
if urlparts.scheme == 'aesgcm': if urlparts.scheme == 'aesgcm':
real_text = 'https://' + real_text[9:] real_text = 'https://' + real_text[9:]
verify = self.plugin.config['VERIFY']
app.thread_interface( app.thread_interface(
get_http_head, [self.textview.account, real_text], get_http_head, [self.textview.account, real_text, verify],
self._check_mime_size, [real_text, repl_start, repl_end, self._check_mime_size, [real_text, repl_start, repl_end,
filepaths, key, iv, encrypted]) filepaths, key, iv, encrypted])
@@ -403,6 +405,7 @@ class Base(object):
return return
attributes = {'src': url, attributes = {'src': url,
'verify': self.plugin.config['VERIFY'],
'max_size': max_size, 'max_size': max_size,
'filepaths': filepaths, 'filepaths': filepaths,
'key': key, 'key': key,
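Review bot: The new default `'VERIFY': (True, '')` carries an empty description, unlike `PREVIEW_SIZE` and `MAX_FILE_SIZE` above it, so nothing in the config records what turning it off does. I would write `'VERIFY': (True, 'Verify TLS certificates when fetching previews'),`. The value is read per URL and applies to every host, including the `https://` URL built from an `aesgcm` link; whether the later decryption would reject substituted bytes in that case is not visible in this section. The methods of `Base` that the last two hunks touch start and end outside the hunks.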