
Serious bug silently bypassing SSL context fixed. Previous versions do not really support SSL!

Davte 5 жил өмнө
parent
commit
54e5e0fc3b

+ 1 - 1
filebridging/__init__.py

@@ -13,6 +13,6 @@ __author__ = "Davide Testa"
 __email__ = "davide@davte.it"
 __credits__ = []
 __license__ = "GNU General Public License v3.0"
-__version__ = "0.0.3"
+__version__ = "0.0.4"
 __maintainer__ = "Davide Testa"
 __contact__ = "t.me/davte"

+ 7 - 3
filebridging/client.py

@@ -59,7 +59,6 @@ class Client:
         self._working = False
         self._token = token
         self._password = password
-        self._ssl_context = None
         self._encryption_complete = False
         self._file_name = None
         self._file_size = None
@@ -199,11 +198,16 @@ class Client:
                 reader, writer = await asyncio.open_connection(
                     host=self.host,
                     port=self.port,
-                    ssl=self.ssl_context
+                    ssl=self.ssl_context,
+                    ssl_handshake_timeout=5
                 )
-            except (ConnectionRefusedError, ConnectionResetError) as exception:
+            except (ConnectionRefusedError, ConnectionResetError,
+                    ConnectionAbortedError) as exception:
                 logging.error(f"Connection error: {exception}")
                 return
+            except ssl.SSLCertVerificationError as exception:
+                logging.error(f"SSL error: {exception}")
+                return
             await self.connect(reader=reader, writer=writer)
 
     async def _connect(self, reader: asyncio.StreamReader,
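Review bot: `ssl=self.ssl_context` in the `open_connection` call still produces a plaintext connection with no error whenever the property returns `None`, the same kind of silent downgrade this commit sets out to fix; the property is outside the hunk, so whether it can be `None` here needs checking. If TLS is expected, fail closed before connecting, e.g. `if self.ssl_context is None: logging.error("No SSL context set, refusing plaintext connection"); return`, or log a warning if plaintext is an intended mode. The new handler also catches only `ssl.SSLCertVerificationError`, so other handshake failures raised as `ssl.SSLError` would propagate uncaught; `except ssl.SSLError as exception:` covers both. No `import ssl` is visible in this hunk, so confirm client.py has one. The enclosing method starts above the hunk.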

+ 5 - 2
filebridging/server.py

@@ -33,7 +33,6 @@ class Server:
         self._buffer_length_limit = buffer_length_limit
         self._working = False
         self._server = None
-        self._ssl_context = None
 
     @property
     def host(self) -> str:
@@ -130,7 +129,11 @@ class Server:
         Decide whether client is sender or receiver and start transmission.
         """
         client_hello = await reader.readline()
-        client_hello = client_hello.decode('utf-8').strip('\n').split('|')
+        try:
+            client_hello = client_hello.decode('utf-8').strip('\n').split('|')
+        except UnicodeDecodeError:
+            logging.error("Invalid client hello.")
+            return
         if len(client_hello) != 4:
             await self.refuse_connection(writer=writer,
                                          message="Invalid client_hello!")
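Review bot: The `except UnicodeDecodeError` branch returns without answering or closing the peer, while the length check just below it calls `refuse_connection`; unless the caller closes `writer` (not visible here), a client that sends non-UTF-8 bytes keeps its socket open. Treating both cases alike would mean adding `await self.refuse_connection(writer=writer, message="Invalid client_hello!")` before the `return`. The `await reader.readline()` call sits outside the `try`, and asyncio raises `ValueError` when a line exceeds the stream limit, so an overlong hello with no newline still escapes as an unhandled exception. Adding `writer.get_extra_info('peername')` to the log message would make malformed hellos attributable to a source address. The method starts and continues outside the hunk.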