Rezzect/syncplay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Add error message if SAN doesn't match hostname (#253)

Browse Source 
* Add error message if SAN doesn't match hostname

* Add a better message for the error startTLS-server-certificate-invalid-DNS-ID and add the strings to the other languages
This commit is contained in:
kidburglar 2020-05-17 13:03:39 +02:00 committed by GitHub
parent e831d4c83f
commit fbd474cd8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
syncplay/messages_de.py
View File

@ -325,6 +325,7 @@ de = {
"startTLS-initiated": "Sichere Verbindung wird versucht",
"startTLS-secure-connection-ok": "Sichere Verbindung hergestellt ({})",
"startTLS-server-certificate-invalid": 'Sichere Verbindung fehlgeschlagen. Der Server benutzt ein ungültiges Sicherheitszertifikat. Der Kanal könnte von Dritten abgehört werden. Für weitere Details und Problemlösung siehe <a href="https://syncplay.pl/trouble">hier</a> [Englisch].',
"startTLS-server-certificate-invalid-DNS-ID": "Syncplay does not trust this server because it uses a certificate that is not valid for its hostname.", # TODO: Translate
"startTLS-not-supported-client": "Dieser Server unterstützt kein TLS",
"startTLS-not-supported-server": "Dieser Server unterstützt kein TLS",

1
syncplay/messages_en.py
View File

@ -326,6 +326,7 @@ en = {
"startTLS-initiated": "Attempting secure connection",
"startTLS-secure-connection-ok": "Secure connection established ({})",
"startTLS-server-certificate-invalid": 'Secure connection failed. The server uses an invalid security certificate. This communication could be intercepted by a third party. For further details and troubleshooting see <a href="https://syncplay.pl/trouble">here</a>.',
"startTLS-server-certificate-invalid-DNS-ID": "Syncplay does not trust this server because it uses a certificate that is not valid for its hostname.",
"startTLS-not-supported-client": "This client does not support TLS",
"startTLS-not-supported-server": "This server does not support TLS",

1
syncplay/messages_es.py
View File

@ -326,6 +326,7 @@ es = {
"startTLS-initiated": "Intentando conexión segura",
"startTLS-secure-connection-ok": "Conexión segura establecida ({})",
"startTLS-server-certificate-invalid": 'Falló la conexión segura. El servidor utiliza un certificado inválido. Esta comunicación podría ser interceptada por un tercero. Para más detalles y solución de problemas, consulta <a href="https://syncplay.pl/trouble">aquí</a>.',
"startTLS-server-certificate-invalid-DNS-ID": "Syncplay does not trust this server because it uses a certificate that is not valid for its hostname.", # TODO: Translate
"startTLS-not-supported-client": "Este cliente no soporta TLS",
"startTLS-not-supported-server": "Este servidor no soporta TLS",

1
syncplay/messages_it.py
View File

@ -326,6 +326,7 @@ it = {
"startTLS-initiated": "Tentativo di connessione sicura in corso",
"startTLS-secure-connection-ok": "Connessione sicura stabilita ({})",
"startTLS-server-certificate-invalid": 'Connessione sicura non riuscita. Il certificato di sicurezza di questo server non è valido. La comunicazione potrebbe essere intercettata da una terza parte. Per ulteriori dettagli e informazioni sulla risoluzione del problema, clicca <a href="https://syncplay.pl/trouble">qui</a>.',
"startTLS-server-certificate-invalid-DNS-ID": "Syncplay does not trust this server because it uses a certificate that is not valid for its hostname.", # TODO: Translate
"startTLS-not-supported-client": "Questo client non supporta TLS",
"startTLS-not-supported-server": "Questo server non supporta TLS",

1
syncplay/messages_ru.py
View File

@ -329,6 +329,7 @@ ru = {
"startTLS-initiated": "Attempting secure connection",
"startTLS-secure-connection-ok": "Secure connection established ({})",
"startTLS-server-certificate-invalid": 'Secure connection failed. The server uses an invalid security certificate. This communication could be intercepted by a third party. For further details and troubleshooting see <a href="https://syncplay.pl/trouble">here</a>.',
"startTLS-server-certificate-invalid-DNS-ID": "Syncplay does not trust this server because it uses a certificate that is not valid for its hostname.",
"startTLS-not-supported-client": "This client does not support TLS",
"startTLS-not-supported-server": "This server does not support TLS",

2
syncplay/protocols.py
View File

@ -99,6 +99,8 @@ class SyncClientProtocol(JSONCommandProtocol):
self._client._clientSupportsTLS = False
elif "certificate verify failed" in str(reason.value):
self.dropWithError(getMessage("startTLS-server-certificate-invalid"))
elif "mismatched_id=DNS_ID" in str(reason.value):
self.dropWithError(getMessage("startTLS-server-certificate-invalid-DNS-ID"))
except:
pass
self._client.destroyProtocol()