monorail
/
Archipelago
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Clients: use certifi (#1879) 

* Clients: use certifi for wss

On Windows, the local cert store might be outdated and refuse connection to some servers.

* Clients: lazily create ssl_context
This commit is contained in:
black-sliver 2023-06-22 00:01:41 +02:00 committed by GitHub
parent b04b105bd8
commit a939f50480
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CommonClient.py
View File

@ -23,6 +23,7 @@ from NetUtils import Endpoint, decode, NetworkItem, encode, JSONtoTextParser, \
from Utils import Version, stream_input, async_start from Utils import Version, stream_input, async_start
from worlds import network_data_package, AutoWorldRegister from worlds import network_data_package, AutoWorldRegister
import os import os
import ssl
if typing.TYPE_CHECKING: if typing.TYPE_CHECKING:
import kvui import kvui
@ -33,6 +34,12 @@ logger = logging.getLogger("Client")
gui_enabled = not sys.stdout or "--nogui" not in sys.argv gui_enabled = not sys.stdout or "--nogui" not in sys.argv
@Utils.cache_argsless
def get_ssl_context():
import certifi
return ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=certifi.where())
class ClientCommandProcessor(CommandProcessor): class ClientCommandProcessor(CommandProcessor):
def __init__(self, ctx: CommonContext): def __init__(self, ctx: CommonContext):
self.ctx = ctx self.ctx = ctx
@ -589,7 +596,8 @@ async def server_loop(ctx: CommonContext, address: typing.Optional[str] = None)
logger.info(f'Connecting to Archipelago server at {address}') logger.info(f'Connecting to Archipelago server at {address}')
try: try:
socket = await websockets.connect(address, port=port, ping_timeout=None, ping_interval=None) socket = await websockets.connect(address, port=port, ping_timeout=None, ping_interval=None,
ssl=get_ssl_context() if address.startswith("wss://") else None)
if ctx.ui is not None: if ctx.ui is not None:
ctx.ui.update_address_bar(server_url.netloc) ctx.ui.update_address_bar(server_url.netloc)
ctx.server = Endpoint(socket) ctx.server = Endpoint(socket)
@ -604,6 +612,7 @@ async def server_loop(ctx: CommonContext, address: typing.Optional[str] = None)
except websockets.InvalidMessage: except websockets.InvalidMessage:
# probably encrypted # probably encrypted
if address.startswith("ws://"): if address.startswith("ws://"):
# try wss
await server_loop(ctx, "ws" + address[1:]) await server_loop(ctx, "ws" + address[1:])
else: else:
ctx.handle_connection_loss(f"Lost connection to the multiworld server due to InvalidMessage" ctx.handle_connection_loss(f"Lost connection to the multiworld server due to InvalidMessage"

1
requirements.txt
View File

@ -7,3 +7,4 @@ schema>=0.7.5
kivy>=2.2.0 kivy>=2.2.0
bsdiff4>=1.2.3 bsdiff4>=1.2.3
platformdirs>=3.5.1 platformdirs>=3.5.1
certifi>=2023.5.7