Mikaela/Limnoria
1
0
Fork 0
mirror of https://github.com/Mikaela/Limnoria.git synced 2024-11-25 12:19:24 +01:00
Code Issues Projects Releases Wiki Activity

Socket: Fix crash non-TLS connections when using a SOCKS proxy

Browse Source
This commit is contained in:
Valentin Lorentz 2021-05-27 01:08:33 +02:00
parent 3bedc86479
commit 711db72ad0
1 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/drivers/Socket.py
View File

@ -42,11 +42,7 @@ import threading
import select import select
import socket import socket
try: import ipaddress
import ipaddress # Python >= 3.3 or backported ipaddress
except ImportError:
# Python < 3.3
ipaddress = None
from .. import (conf, drivers, log, utils, world) from .. import (conf, drivers, log, utils, world)
from ..utils import minisix from ..utils import minisix
@ -314,14 +310,21 @@ class SocketDriver(drivers.IrcDriver, drivers.ServersMixin):
address = address.decode('utf-8') address = address.decode('utf-8')
elif (not network_config.requireStarttls()) and \ elif (not network_config.requireStarttls()) and \
(not network_config.ssl()) and \ (not network_config.ssl()) and \
(not self.currentServer.force_tls_verification) and \ (not self.currentServer.force_tls_verification):
(ipaddress is None or not ipaddress.ip_address(address).is_loopback):
drivers.log.warning(('Connection to network %s ' try:
'does not use SSL/TLS, which makes it vulnerable to ' is_loopback = ipaddress.ip_address(address).is_loopback
'man-in-the-middle attacks and passive eavesdropping. ' except ValueError:
'You should consider upgrading your connection to SSL/TLS ' # address is a hostname, eg. because we're using a SOCKS
'<http://docs.limnoria.net/en/latest/use/faq.html#how-to-make-a-connection-secure>') # proxy
% self.irc.network) is_loopback = False
if not is_loopback:
drivers.log.warning(('Connection to network %s '
'does not use SSL/TLS, which makes it vulnerable to '
'man-in-the-middle attacks and passive eavesdropping. '
'You should consider upgrading your connection to SSL/TLS '
'<http://docs.limnoria.net/en/latest/use/faq.html#how-to-make-a-connection-secure>')
% self.irc.network)
conf.supybot.drivers.poll.addCallback(self.setTimeout) conf.supybot.drivers.poll.addCallback(self.setTimeout)
self.setTimeout() self.setTimeout()