diff options
author | Philipp Hörist <forenjunkie@chello.at> | 2017-12-05 20:08:20 +0300 |
---|---|---|
committer | Philipp Hörist <forenjunkie@chello.at> | 2017-12-05 20:08:20 +0300 |
commit | 9c91679a634b8597b8b0fd141a3926ff874ccc13 (patch) | |
tree | 5a345579b52374b2e01b89c961b0b2bd460cda0b /url_image_preview | |
parent | 42cc17269bd275460359760aaaf623014374ab89 (diff) |
[preview] Add option to disable https verification
Diffstat (limited to 'url_image_preview')
-rw-r--r-- | url_image_preview/config_dialog.py | 6 | ||||
-rw-r--r-- | url_image_preview/http_functions.py | 33 | ||||
-rw-r--r-- | url_image_preview/url_image_preview.py | 7 |
3 files changed, 34 insertions, 12 deletions
diff --git a/url_image_preview/config_dialog.py b/url_image_preview/config_dialog.py index 0bf433f..0d56f7c 100644 --- a/url_image_preview/config_dialog.py +++ b/url_image_preview/config_dialog.py @@ -21,7 +21,7 @@ from gi.repository import GObject from gi.repository import Gtk from gajim.options_dialog import OptionsDialog, GenericOption, SpinOption -from gajim.common.const import Option, OptionType +from gajim.common.const import Option, OptionType, OptionKind class UrlImagePreviewConfigDialog(OptionsDialog): @@ -57,6 +57,10 @@ class UrlImagePreviewConfigDialog(OptionsDialog): callback=self.on_option, data='LEFTCLICK_ACTION', props={'items': actions, 'plugin': self.plugin}), + + Option(OptionKind.SWITCH, _('Enable HTTPS Verification'), + OptionType.VALUE, self.plugin.config['VERIFY'], + callback=self.on_option, data='VERIFY'), ] OptionsDialog.__init__(self, parent, _('UrlImagePreview Options'), diff --git a/url_image_preview/http_functions.py b/url_image_preview/http_functions.py index 19fbf42..ecfb22f 100644 --- a/url_image_preview/http_functions.py +++ b/url_image_preview/http_functions.py @@ -18,6 +18,7 @@ import urllib.request as urllib2 import socket import re +import ssl from gajim.common import app from gajim.common import helpers @@ -34,12 +35,12 @@ if app.HAVE_PYCURL: log = logging.getLogger('gajim.plugin_system.url_image_preview.http_functions') -def get_http_head(account, url): +def get_http_head(account, url, verify): # Check if proxy is used proxy = helpers.get_proxy_info(account) if proxy and proxy['type'] in ('http', 'socks5'): return _get_http_head_proxy(url, proxy) - return _get_http_head_direct(url) + return _get_http_head_direct(url, verify) def get_http_file(account, attrs): # Check if proxy is used @@ -49,16 +50,23 @@ def get_http_file(account, attrs): else: return _get_http_direct(attrs) -def _get_http_head_direct(url): +def _get_http_head_direct(url, verify): log.debug('Head request direct for URL: %s' % url) try: req = urllib2.Request(url) req.get_method = lambda: 'HEAD' req.add_header('User-Agent', 'Gajim %s' % app.version) - if os.name == 'nt': - f = urllib2.urlopen(req, cafile=certifi.where()) + if not verify: + context = ssl.create_default_context() + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + log.warning('CERT Verification disabled') + f = urllib2.urlopen(req, timeout=30, context=context) else: - f = urllib2.urlopen(req) + if os.name == 'nt': + f = urllib2.urlopen(req, cafile=certifi.where()) + else: + f = urllib2.urlopen(req) except Exception as ex: log.debug('Could not get head response for URL: %s' % url) log.debug("%s" % str(ex)) @@ -136,10 +144,17 @@ def _get_http_direct(attrs): try: req = urllib2.Request(attrs['src']) req.add_header('User-Agent', 'Gajim ' + app.version) - if os.name == 'nt': - f = urllib2.urlopen(req, cafile=certifi.where()) + if not attrs['verify']: + context = ssl.create_default_context() + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + log.warning('CERT Verification disabled') + f = urllib2.urlopen(req, timeout=30, context=context) else: - f = urllib2.urlopen(req) + if os.name == 'nt': + f = urllib2.urlopen(req, cafile=certifi.where()) + else: + f = urllib2.urlopen(req) except Exception as ex: log.debug('Error loading file %s ' % attrs['src'] + str(ex)) diff --git a/url_image_preview/url_image_preview.py b/url_image_preview/url_image_preview.py index 068cfa0..c3f21f2 100644 --- a/url_image_preview/url_image_preview.py +++ b/url_image_preview/url_image_preview.py @@ -81,7 +81,8 @@ class UrlImagePreviewPlugin(GajimPlugin): 'PREVIEW_SIZE': (150, 'Preview size(10-512)'), 'MAX_FILE_SIZE': (524288, 'Max file size for image preview'), 'LEFTCLICK_ACTION': ('open_menuitem', 'Open'), - 'ANONYMOUS_MUC': False,} + 'ANONYMOUS_MUC': (False, ''), + 'VERIFY': (True, ''),} self.controls = {} self.history_window_control = None @@ -246,8 +247,9 @@ class Base(object): # then check the mime type and filesize if urlparts.scheme == 'aesgcm': real_text = 'https://' + real_text[9:] + verify = self.plugin.config['VERIFY'] app.thread_interface( - get_http_head, [self.textview.account, real_text], + get_http_head, [self.textview.account, real_text, verify], self._check_mime_size, [real_text, repl_start, repl_end, filepaths, key, iv, encrypted]) @@ -403,6 +405,7 @@ class Base(object): return attributes = {'src': url, + 'verify': self.plugin.config['VERIFY'], 'max_size': max_size, 'filepaths': filepaths, 'key': key, |