startTLS: avoid retrying TLS connection if hostname is an IP address

Alberto Sottile 2019-02-04 17:50:07 +01:00
parent cecd992fa8
commit 09b035e57d
3 changed files with 13 additions and 5 deletions


@ -706,10 +706,14 @@ class SyncplayClient(object):
if '[' in host: if '[' in host:
host = host.strip('[]') host = host.strip('[]')
port = int(port) port = int(port)
with open('cert/server.crt') as cert_file:
trust_root = Certificate.loadPEM(cert_file.read())
self._endpoint = HostnameEndpoint(reactor, host, port) self._endpoint = HostnameEndpoint(reactor, host, port)
self.protocolFactory.options = optionsForClientTLS(hostname=host, trustRoot = trust_root) try:
with open('cert/server.crt') as cert_file:
trust_root = Certificate.loadPEM(cert_file.read())
self.protocolFactory.options = optionsForClientTLS(hostname=host, trustRoot = trust_root)
except Exception as e:
self.protocolFactory.options = None
self._serverSupportsTLS = False
def retry(retries): def retry(retries):
self._lastGlobalUpdate = None self._lastGlobalUpdate = None
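Review bot: The added `except Exception as e:` around the certificate load and the `optionsForClientTLS` call handles every failure the same way, so a missing or unreadable `cert/server.crt` or a malformed PEM also sets `_serverSupportsTLS = False`, not only the IP-address case named in the commit title. The session then appears to continue without TLS and nothing tells the user why; `e` is bound but never used. Narrowing the handler to the exceptions actually expected here and surfacing the cause, for example `self.ui.showErrorMessage("TLS disabled: {}".format(e))` (assuming the client exposes `ui`, as the protocol code's `self._client.ui` suggests), would keep a local configuration error from becoming a silent plaintext fallback. The enclosing method starts and ends outside the hunk.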


@ -78,9 +78,15 @@ class SyncClientProtocol(JSONCommandProtocol):
self.sendTLS({"startTLS": "send"}) self.sendTLS({"startTLS": "send"})
self._client.ui.showMessage("Attempting secure connection") self._client.ui.showMessage("Attempting secure connection")
else: else:
self._client.ui.showErrorMessage("This server does not support TLS")
self.sendHello() self.sendHello()
def connectionLost(self, reason): def connectionLost(self, reason):
try:
if "Invalid DNS-ID" in str(reason.value):
self._client._serverSupportsTLS = False
except:
pass
self._client.destroyProtocol() self._client.destroyProtocol()
def dropWithError(self, error): def dropWithError(self, error):
@ -303,7 +309,6 @@ class SyncClientProtocol(JSONCommandProtocol):
def handleError(self, error): def handleError(self, error):
if "startTLS" in error["message"] and not self.logged: if "startTLS" in error["message"] and not self.logged:
self._client.ui.showErrorMessage("This server does not support TLS")
self._client._serverSupportsTLS = False self._client._serverSupportsTLS = False
else: else:
self.dropWithError(error["message"]) self.dropWithError(error["message"])
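Review bot: In the `connectionLost` hunk, the bare `except: pass` hides any error raised while inspecting `reason`, and matching the substring "Invalid DNS-ID" in `str(reason.value)` ties the TLS fallback to the wording of a library's exception message. Writing the check as `if "Invalid DNS-ID" in str(getattr(reason, "value", "")):` removes the need for the try/except altogether. This branch switches TLS off after what looks like a client-side identity check failure. If the `else` branch at the top of the hunk is what runs on the next connection, the user is told "This server does not support TLS", which misstates the cause. A distinct message at this point, for example `self._client.ui.showErrorMessage("Cannot verify TLS for this address; continuing without encryption")`, would make the downgrade visible and accurate.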


@ -13,7 +13,6 @@ except AttributeError:
import warnings import warnings
warnings.warn("You must run Syncplay with Python 3.4 or newer!") warnings.warn("You must run Syncplay with Python 3.4 or newer!")
from OpenSSL import crypto
from twisted.internet import reactor from twisted.internet import reactor
from twisted.internet.endpoints import TCP4ServerEndpoint, TCP6ServerEndpoint from twisted.internet.endpoints import TCP4ServerEndpoint, TCP6ServerEndpoint