diff options
author | Philipp Hörist <forenjunkie@chello.at> | 2018-03-31 12:54:55 +0300 |
---|---|---|
committer | Philipp Hörist <forenjunkie@chello.at> | 2018-03-31 12:56:07 +0300 |
commit | 70df229a46f41f690adc6de6dd23d6fed45e73a2 (patch) | |
tree | 80e55bab2bb4f8ce6598294cb04c30c1b71f5532 | |
parent | ca06bbec4ec4eb4f6c5661087d839981e36d2441 (diff) |
[omemo] Use httpupload_verify config setting
-rw-r--r-- | omemo/file_crypto.py | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/omemo/file_crypto.py b/omemo/file_crypto.py index 646f59b..38f92f0 100644 --- a/omemo/file_crypto.py +++ b/omemo/file_crypto.py @@ -25,6 +25,7 @@ import threading import platform import subprocess import binascii +import ssl from urllib.request import urlopen from urllib.error import URLError from urllib.parse import urlparse, urldefrag @@ -32,6 +33,7 @@ from io import BufferedWriter, FileIO, BytesIO from gi.repository import GLib from gajim import gtkgui_helpers +from gajim.common import app from gajim.common import configpaths from gajim.dialogs import ErrorDialog, YesNoDialog if os.name == 'nt': @@ -70,7 +72,8 @@ def encrypt_file(data): class File: - def __init__(self, url): + def __init__(self, url, account): + self.account = account self.url, self.fragment = urldefrag(url) self.key = None self.iv = None @@ -88,7 +91,7 @@ class FileDecryption: return self.window = window urlparts = urlparse(url) - file = File(urlparts.geturl()) + file = File(urlparts.geturl(), instance.account) if urlparts.scheme not in ['https', 'aesgcm'] or not urlparts.netloc: log.info("Not accepting URL for decryption: %s", url) @@ -190,11 +193,21 @@ class Download: def load_url(self): try: stream = BytesIO() - if os.name == 'nt': - get_request = urlopen( - self.file.url, cafile=certifi.where(), timeout=30) + if not app.config.get_per('accounts', + self.file.account, + 'httpupload_verify'): + context = ssl.create_default_context() + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + log.warning('CERT Verification disabled') + get_request = urlopen(self.file.url, timeout=30, context=context) else: - get_request = urlopen(self.file.url, timeout=30) + if os.name == 'nt': + get_request = urlopen( + self.file.url, cafile=certifi.where(), timeout=30) + else: + get_request = urlopen(self.file.url, timeout=30) + size = get_request.info()['Content-Length'] if not size: errormsg = 'Content-Length not found in header' |