bypass ssl security while fetching invalid https url

This commit is contained in:
Carl Chenet 2019-12-25 23:27:44 +01:00
parent bae51858e6
commit 15415e369a
6 changed files with 54 additions and 4 deletions

View file

@ -44,6 +44,7 @@ In order to configure Feed2toot, you need to create a feed2toot.ini file (or any
title_pattern=Open Source
title_pattern_case_sensitive=true
no_uri_pattern_no_global_pattern=true
; ignore_ssl=false
[hashtaglist]
several_words_hashtags_list=/etc/feed2toot/hashtags.txt
@ -85,6 +86,7 @@ For the [rss] section:
- {one field of the rss feed}_pattern_case_sensitive: either the pattern matching for the specified field should be case sensitive or not. Default to true if not specified.
- no_uri_pattern_no_global_pattern: don't apply global pattern (see above) when no pattern-by-uri is defined in the uri_list. Allows to get all entries of a rss in the uri_list because no pattern is defined so we match them all. Defaults to false, meaning the global patterns will be tried on every rss in the uri_list NOT HAVING specific patterns and so ONLY entries from the specific uri in the uri_list matching the global patterns will be considered.
addtags: add the tags from the rss feed at the end of the toot. Defaults to true.
- ignore_ssl: when the uri or uri_list contains an https url with an invalid certificate (e.g an expired one), feed2toot will be unable to get rss content. This option allows to bypass the ssl security to catch the rss content. Defaults to false.
For the [hashtaglist] section:

View file

@ -50,6 +50,9 @@ class CliParse:
parser.add_argument('-a', '--all', action='store_true', default=False,
dest='all',
help='tweet all RSS items, regardless of cache')
parser.add_argument('--ignore-ssl', action='store_true', default=False,
dest='ignore_ssl',
help='ignore ssl errors while fetching rss feeds')
parser.add_argument('-l', '--limit', dest='limit', default=10, type=int,
help='tweet only LIMIT items (default: %(default)s)')
parser.add_argument('-t', '--lock-timeout', dest='locktimeout', default=3600, type=int,

View file

@ -34,6 +34,7 @@ from feed2toot.confparsers.feedparser import parsefeedparser
from feed2toot.confparsers.lock import parselock
from feed2toot.confparsers.media import parsemedia
from feed2toot.confparsers.plugins import parseplugins
from feed2toot.confparsers.rss.ignoressl import parseignoressl
from feed2toot.confparsers.rss.pattern import parsepattern
from feed2toot.confparsers.rss.toot import parsetoot
from feed2toot.confparsers.rss.uri import parseuri
@ -78,15 +79,19 @@ class ConfParse:
# addtags option, default: True
###############################
options['addtags'] = parseaddtags(config)
###################
# ignore_ssl option
###################
ignore_ssl = parseignoressl(config, self.clioptions.ignore_ssl)
#################
# uri_list option
#################
feeds = []
feeds = parseurilist(config, accept_bozo_exceptions)
feeds = parseurilist(config, accept_bozo_exceptions, ignore_ssl)
############
# uri option
############
options['rss_uri'], feed, feedname, options['nopatternurinoglobalpattern'] = parseuri(config, self.clioptions.rss_uri, feeds)
options['rss_uri'], feed, feedname, options['nopatternurinoglobalpattern'] = parseuri(config, self.clioptions.rss_uri, feeds, ignore_ssl)
###########################
# the cache section
###########################

View file

@ -0,0 +1,30 @@
# -*- coding: utf-8 -*-
# Copyright © 2015-2019 Carl Chenet <carl.chenet@ohmytux.com>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/
# Get values of the ignoressl option of the rss section
'''Get values of the ignoressl option of the rss section'''
# standard library imports
import ssl
def parseignoressl(config, ignore_ssl_from_cli):
'''Parse configuration values and get values of the feedparser section'''
section = 'rss'
option = 'ignore_ssl'
if config.has_option(section, option):
ignoressl = config.getboolean(section, option)
else:
ignoressl = ignore_ssl_from_cli
return ignoressl

View file

@ -18,10 +18,11 @@
# standard library imports
import feedparser
import ssl
import sys
import re
def parseuri(config, clioption, feeds):
def parseuri(config, clioption, feeds, ignoressl):
'''Parse configuration value of the uri option of the rss section'''
rssuri = ''
feedname =''
@ -48,6 +49,10 @@ def parseuri(config, clioption, feeds):
sys.exit('{confoption} parameter in the [{section}] section of the configuration file is mandatory. Exiting.'.format(section=section, confoption=confoption))
else:
rssuri = clioption
# ignore ssl if asked
if ignoressl:
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context
# get the rss feed for rss parameter of [rss] section
feed = feedparser.parse(rssuri)
if not feed:

View file

@ -20,10 +20,11 @@
import feedparser
import logging
import os.path
import ssl
import sys
import re
def parseurilist(config, accept_bozo_exceptions):
def parseurilist(config, accept_bozo_exceptions, ignoressl):
'''Parse configuration value of the uri_list option of the rss section'''
bozoexception = False
feeds = []
@ -62,6 +63,10 @@ def parseurilist(config, accept_bozo_exceptions):
patternstring = ''
# split different searched patterns
patterns = [i for i in patternstring.split(stringsep) if i]
# ignore ssl if asked
if ignoressl:
if hasattr(ssl, '_create_unverified_context'):
ssl._create_default_https_context = ssl._create_unverified_context
# retrieve the content of the rss
feed = feedparser.parse(rss)
if 'bozo_exception' in feed: