commit 1b2af9b8f0bbbfe22b8ee5c4c361f2535509987c Author: juga0 <juga@riseup.net> Date: Fri Dec 14 14:02:11 2018 +0000 config: stop allowing http servers without tls Destinations' Web servers must support TLS to avoid contents cache. Fixes bug #28789. Bugfix v0.2.0. --- sbws/lib/destination.py | 3 --- sbws/util/config.py | 10 +++++++--- tests/integration/conftest.py | 3 +++ tests/unit/util/test_config.py | 11 +++++++---- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/sbws/lib/destination.py b/sbws/lib/destination.py index 1b4c192..ee67cd2 100644 --- a/sbws/lib/destination.py +++ b/sbws/lib/destination.py @@ -98,9 +98,6 @@ class Destination: def __init__(self, url, max_dl, verify): self._max_dl = max_dl u = urlparse(url) - # these things should have been verified in verify_config - assert u.scheme in ['http', 'https'] - assert u.netloc self._url = u self._verify = verify diff --git a/sbws/util/config.py b/sbws/util/config.py index 67ec0e0..1aaff53 100644 --- a/sbws/util/config.py +++ b/sbws/util/config.py @@ -516,12 +516,16 @@ def _validate_enum(section, key, choices): def _validate_url(section, key): value = section[key] - if not value.startswith(('http://', 'https://')): - return False, 'Must start with http:// or https://' url = urlparse(value) - assert url.scheme in ['http', 'https'] if not url.netloc: return False, 'Does not appear to contain a hostname' + # It should be possible to have an URL that starts by http:// that uses + # TLS,but python requests is just checking the scheme starts by https + # when verifying certificate: + # https://github.com/requests/requests/blob/master/requests/adapters.py#L215 # noqa + # When the scheme is https but the protocol is not TLS, requests will hang. + if url.scheme != 'https' and not url.netloc.startswith('127.0.0.1'): + return False, 'URL scheme must be HTTPS (except for the test server)' return True, '' diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py index 7e1b727..b1312d9 100644 --- a/tests/integration/conftest.py +++ b/tests/integration/conftest.py @@ -72,6 +72,9 @@ def conf(sbwshome_dir): conf['tor']['run_dpath'] = os.path.join(sbwshome_dir, 'tor', 'run') conf['destinations']['foo'] = 'on' conf['destinations.foo'] = {} + # The test server is not using TLS. Ideally it should also support TLS + # If the url would start with https but the request is not using TLS, + # the request would hang. conf['destinations.foo']['url'] = 'http://127.0.0.1:28888/sbws.bin' conf['tor']['extra_lines'] = """ # noqa: E501 DirAuthority auth1 orport=2002 no-v2 v3ident=D7DBC517EFD2BA1A5012CF1BD0BB38F17C8160BD 127.10.0.1:2003 AA45C13025C037F056E734169891878ED0880231 diff --git a/tests/unit/util/test_config.py b/tests/unit/util/test_config.py index e3aba98..e1ce169 100644 --- a/tests/unit/util/test_config.py +++ b/tests/unit/util/test_config.py @@ -190,14 +190,17 @@ def test_validate_bool(): def test_validate_url(): goods = [ - 'http://example.com', 'http://example.com/', - 'http://example.com/foo.bar', - 'http://example.com/foo/bar', - 'http://user@example.com', + 'https://example.com', 'https://example.com/', + 'https://example.com/foo.bar', + 'https://example.com/foo/bar', + 'https://user@example.com', + 'https://48.290.983.123:4443', + 'http://127.0.0.1:8000' ] bads = [ 'ftp://example.com/foo.bar', 'http://', 'http:///', + 'http://example.com', ] for val in goods: d = {'': val}