startTLS: avoid retrying TLS connection if hostname is an IP address

2019-02-04 17:50:07 +01:00 · 2019-02-04 17:50:07 +01:00 · 09b035e57d
commit 09b035e57d
parent cecd992fa8
3 changed files with 13 additions and 5 deletions
--- a/syncplay/client.py
+++ b/syncplay/client.py
@ -706,10 +706,14 @@ class SyncplayClient(object):
        if '[' in host:
            host = host.strip('[]')
        port = int(port)
-        with open('cert/server.crt') as cert_file:
-            trust_root = Certificate.loadPEM(cert_file.read())
        self._endpoint = HostnameEndpoint(reactor, host, port)
-        self.protocolFactory.options = optionsForClientTLS(hostname=host, trustRoot = trust_root)
+        try:
+            with open('cert/server.crt') as cert_file:
+                trust_root = Certificate.loadPEM(cert_file.read())
+            self.protocolFactory.options = optionsForClientTLS(hostname=host, trustRoot = trust_root)
+        except Exception as e:
+            self.protocolFactory.options = None
+            self._serverSupportsTLS = False

        def retry(retries):
            self._lastGlobalUpdate = None
--- a/syncplay/protocols.py
+++ b/syncplay/protocols.py
@ -78,9 +78,15 @@ class SyncClientProtocol(JSONCommandProtocol):
            self.sendTLS({"startTLS": "send"})
            self._client.ui.showMessage("Attempting secure connection")
        else:
+            self._client.ui.showErrorMessage("This server does not support TLS")
            self.sendHello()

    def connectionLost(self, reason):
+        try:
+            if "Invalid DNS-ID" in str(reason.value):
+                self._client._serverSupportsTLS = False
+        except:
+            pass
        self._client.destroyProtocol()

    def dropWithError(self, error):
@ -303,7 +309,6 @@ class SyncClientProtocol(JSONCommandProtocol):

    def handleError(self, error):
        if "startTLS" in error["message"] and not self.logged:
-            self._client.ui.showErrorMessage("This server does not support TLS")
            self._client._serverSupportsTLS = False
        else:
            self.dropWithError(error["message"])
--- a/syncplayServer.py
+++ b/syncplayServer.py
@ -13,7 +13,6 @@ except AttributeError:
    import warnings
    warnings.warn("You must run Syncplay with Python 3.4 or newer!")

-from OpenSSL import crypto
 from twisted.internet import reactor
 from twisted.internet.endpoints import TCP4ServerEndpoint, TCP6ServerEndpoint