Philipp Hörist pushed to branch master at gajim / python-nbxmpp
Commits:
13e0e3b6 by Philipp Hörist at 2023-05-26T22:21:50+02:00
fix: Websocket: Always set peer certificate
- - - - -
1 changed file:
- nbxmpp/websocket.py
Changes:
=====================================
nbxmpp/websocket.py
=====================================
@@ -52,6 +52,8 @@ class WebsocketConnection(Connection):
message = Soup.Message.new('GET', self._address.uri)
message.connect('accept-certificate', self._check_certificate)
+ message.connect('notify::tls-peer-certificate',
+ self._on_certificate_set)
message.set_flags(Soup.MessageFlags.NO_REDIRECT)
self._session.websocket_connect_async(message,
None,
@@ -105,6 +107,15 @@ class WebsocketConnection(Connection):
self._cancellable.cancel()
return False
+ def _on_certificate_set(self, message, _param):
+ if self._peer_certificate is not None:
+ return
+
+ # If the cert has errors _check_certificate() will set the cert.
+ self._peer_certificate = message.props.tls_peer_certificate
+ self._peer_certificate_errors = convert_tls_error_flags(
+ message.props.tls_peer_certificate_errors)
+
def _on_websocket_message(self, _websocket, _type, message):
data = message.get_data().decode()
self._log_stanza(data)
View it on GitLab:
https://dev.gajim.org/gajim/python-nbxmpp/-/commit/13e0e3b68135d7af25de12cf6e8f472db030542d
--
View it on GitLab:
https://dev.gajim.org/gajim/python-nbxmpp/-/commit/13e0e3b68135d7af25de12cf6e8f472db030542d
You're receiving this email because of your account on dev.gajim.org.
_______________________________________________
Commits mailing list
[email protected]
https://lists.gajim.org/cgi-bin/listinfo/commits
