sjs/vdirsyncer
1
0
Fork 0
mirror of https://github.com/samsonjs/vdirsyncer.git synced 2026-04-27 14:57:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #104 from untitaker/revert-102-tls_fingerprints

Browse source 
Revert "Tls fingerprints"
This commit is contained in:
Markus Unterwaditzer 2014-08-20 18:39:11 +02:00
commit d30437b8fe
6 changed files with 13 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
AUTHORS.rst
View file

@ -7,4 +7,3 @@ In alphabetical order:
- Clément Mondon - Clément Mondon
- Julian Mehne - Julian Mehne
- Markus Unterwaditzer - Markus Unterwaditzer
- Thomas Weißschuh

2
CONTRIBUTING.rst
View file

@ -20,6 +20,6 @@
* But not because you wrote too few tests. * But not because you wrote too few tests.
* Add yourself to ``AUTHORS.rst``. Don't add anything to * Add yourself to ``CONTRIBUTORS.rst``. Don't add anything to
``CHANGELOG.rst``, I do that myself shortly before the release. You can ``CHANGELOG.rst``, I do that myself shortly before the release. You can
help by writing meaningful commit messages. help by writing meaningful commit messages.

4
tests/storage/test_http.py
View file

@ -41,7 +41,7 @@ def test_list(monkeypatch):
u'\n'.join([u'BEGIN:VCALENDAR'] + items + [u'END:VCALENDAR']) u'\n'.join([u'BEGIN:VCALENDAR'] + items + [u'END:VCALENDAR'])
] * 2 ] * 2
def get(self, method, url, *a, **kw): def get(method, url, *a, **kw):
assert method == 'GET' assert method == 'GET'
assert url == collection_url assert url == collection_url
r = Response() r = Response()
@ -52,7 +52,7 @@ def test_list(monkeypatch):
r.encoding = 'ISO-8859-1' r.encoding = 'ISO-8859-1'
return r return r
monkeypatch.setattr('requests.sessions.Session.request', get) monkeypatch.setattr('requests.request', get)
s = HttpStorage(url=collection_url) s = HttpStorage(url=collection_url)

15
vdirsyncer/storage/dav.py
View file

@ -162,14 +162,13 @@ class DavSession(object):
''' '''
def __init__(self, url, username='', password='', verify=True, auth=None, def __init__(self, url, username='', password='', verify=True, auth=None,
useragent=USERAGENT, tls_fingerprint=None, dav_header=None): useragent=USERAGENT, dav_header=None):
if username and not password: if username and not password:
password = utils.get_password(username, url) password = utils.get_password(username, url)
self._settings = { self._settings = {
'verify': prepare_verify(verify), 'verify': prepare_verify(verify),
'auth': prepare_auth(auth, username, password), 'auth': prepare_auth(auth, username, password)
'tls_fingerprint': tls_fingerprint,
} }
self.useragent = useragent self.useragent = useragent
self.url = url.rstrip('/') + '/' self.url = url.rstrip('/') + '/'
@ -223,8 +222,6 @@ class DavStorage(Storage):
:param password: Password for authentication. :param password: Password for authentication.
:param verify: Verify SSL certificate, default True. This can also be a :param verify: Verify SSL certificate, default True. This can also be a
local path to a self-signed SSL certificate. local path to a self-signed SSL certificate.
:param tls_fingerprint: Optional. SHA1 or MD5 fingerprint of the
expected server certificate.
:param auth: Optional. Either ``basic``, ``digest`` or ``guess``. Default :param auth: Optional. Either ``basic``, ``digest`` or ``guess``. Default
``guess``. If you know yours, consider setting it explicitly for ``guess``. If you know yours, consider setting it explicitly for
performance. performance.
@ -251,15 +248,14 @@ class DavStorage(Storage):
def __init__(self, url, username='', password='', collection=None, def __init__(self, url, username='', password='', collection=None,
verify=True, auth=None, useragent=USERAGENT, verify=True, auth=None, useragent=USERAGENT,
unsafe_href_chars='@', tls_fingerprint=None, **kwargs): unsafe_href_chars='@', **kwargs):
super(DavStorage, self).__init__(**kwargs) super(DavStorage, self).__init__(**kwargs)
url = url.rstrip('/') + '/' url = url.rstrip('/') + '/'
if collection is not None: if collection is not None:
url = utils.urlparse.urljoin(url, collection) url = utils.urlparse.urljoin(url, collection)
self.session = DavSession(url, username, password, verify, auth, self.session = DavSession(url, username, password, verify, auth,
useragent, tls_fingerprint, useragent, dav_header=self.dav_header)
dav_header=self.dav_header)
self.collection = collection self.collection = collection
self.unsafe_href_chars = unsafe_href_chars self.unsafe_href_chars = unsafe_href_chars
@ -272,8 +268,7 @@ class DavStorage(Storage):
if kwargs.pop('collection', None) is not None: if kwargs.pop('collection', None) is not None:
raise TypeError('collection argument must not be given.') raise TypeError('collection argument must not be given.')
discover_args, _ = utils.split_dict(kwargs, lambda key: key in ( discover_args, _ = utils.split_dict(kwargs, lambda key: key in (
'username', 'password', 'verify', 'auth', 'useragent', 'username', 'password', 'verify', 'auth', 'useragent'
'tls_fingerprint',
)) ))
d = cls.discovery_class(DavSession( d = cls.discovery_class(DavSession(
url=url, dav_header=cls.dav_header, **discover_args)) url=url, dav_header=cls.dav_header, **discover_args))

6
vdirsyncer/storage/http.py
View file

@ -54,8 +54,6 @@ class HttpStorage(Storage):
:param password: Password for authentication. :param password: Password for authentication.
:param verify: Verify SSL certificate, default True. This can also be a :param verify: Verify SSL certificate, default True. This can also be a
local path to a self-signed SSL certificate. local path to a self-signed SSL certificate.
:param tls_fingerprint: Optional. SHA1 or MD5 fingerprint of the
expected server certificate.
:param auth: Optional. Either ``basic``, ``digest`` or ``guess``. Default :param auth: Optional. Either ``basic``, ``digest`` or ``guess``. Default
``guess``. If you know yours, consider setting it explicitly for ``guess``. If you know yours, consider setting it explicitly for
performance. performance.
@ -83,8 +81,7 @@ class HttpStorage(Storage):
_items = None _items = None
def __init__(self, url, username='', password='', collection=None, def __init__(self, url, username='', password='', collection=None,
verify=True, auth=None, useragent=USERAGENT, verify=True, auth=None, useragent=USERAGENT, **kwargs):
tls_fingerprint=None, **kwargs):
super(HttpStorage, self).__init__(**kwargs) super(HttpStorage, self).__init__(**kwargs)
if username and not password: if username and not password:
@ -92,7 +89,6 @@ class HttpStorage(Storage):
self._settings = { self._settings = {
'verify': prepare_verify(verify), 'verify': prepare_verify(verify),
'tls_fingerprint': tls_fingerprint,
'auth': prepare_auth(auth, username, password), 'auth': prepare_auth(auth, username, password),
'latin1_fallback': False 'latin1_fallback': False
} }

31
vdirsyncer/utils/__init__.py
View file

@ -10,7 +10,6 @@
import os import os
import requests import requests
from requests.packages.urllib3.poolmanager import PoolManager
from .. import exceptions, log from .. import exceptions, log
from ..doubleclick import click from ..doubleclick import click
@ -178,23 +177,8 @@ def _password_from_keyring(username, resource):
key = new_key key = new_key
class _FingerprintAdapter(requests.adapters.HTTPAdapter):
def __init__(self, fingerprint=None, **kwargs):
self.fingerprint = str(fingerprint)
super(_FingerprintAdapter, self).__init__(**kwargs)
def send(self, *args, **kwargs):
return super(_FingerprintAdapter, self).send(*args, **kwargs)
def init_poolmanager(self, connections, maxsize, block=False):
self.poolmanager = PoolManager(num_pools=connections,
maxsize=maxsize,
block=block,
assert_fingerprint=self.fingerprint)
def request(method, url, data=None, headers=None, auth=None, verify=None, def request(method, url, data=None, headers=None, auth=None, verify=None,
session=None, latin1_fallback=True, tls_fingerprint=None): session=None, latin1_fallback=True):
''' '''
Wrapper method for requests, to ease logging and mocking. Parameters should Wrapper method for requests, to ease logging and mocking. Parameters should
be the same as for ``requests.request``, except: be the same as for ``requests.request``, except:
@ -209,16 +193,9 @@ def request(method, url, data=None, headers=None, auth=None, verify=None,
''' '''
if session is None: if session is None:
session = requests.Session() func = requests.request
else:
if tls_fingerprint is not None: func = session.request
https_prefix = 'https://'
if not isinstance(session.adapters[https_prefix], _FingerprintAdapter):
fingerprint_adapter = _FingerprintAdapter(tls_fingerprint)
session.mount(https_prefix, fingerprint_adapter)
func = session.request
logger.debug(u'{} {}'.format(method, url)) logger.debug(u'{} {}'.format(method, url))
logger.debug(headers) logger.debug(headers)