def invalid_cert(self, pem_cert):
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
logging.debug("CERT: Found GTalk certificate")
except cert.CertificateError as err:
log.error(err.message)
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
print "CERT: Found GTalk certificate"
except cert.CertificateError as err:
print err.message, " : ", traceback.format_exc()
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
print "CERT: Found GTalk certificate"
except cert.CertificateError as err:
print err.message, " : ", traceback.format_exc()
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
logging.debug("CERT: Found GTalk certificate")
except cert.CertificateError as err:
log.error(err.message)
self.disconnect(send_close=False)
def verify_cert(self, pem_cert):
"""Verify that certificate originates from Google."""
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
logging.debug('Found Hangouts certificate.')
except cert.CertificateError as err:
logging.error(err)
self.disconnect(send_close=False)
def ssl_invalid_cert(self, pem_cert):
# Source: https://github.com/poezio/slixmpp/blob/master/examples/gtalk_custom_domain.py
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
self.logger.info("found GTalk certificate")
except cert.CertificateError as err:
self.logger.error(err.message)
self.disconnect(send_close=False)
def ssl_invalid_cert(self, pem_cert):
# Source: https://github.com/poezio/slixmpp/blob/master/examples/gtalk_custom_domain.py
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
cert.verify('talk.google.com', der_cert)
self.logger.info("found GTalk certificate")
except cert.CertificateError as err:
self.logger.error(err.message)
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
""" PEM certification is used to verify the identity of a web site to avoid certain kinds of
network hacking attacks.
For this to work you may need to install extra non-standard Python modules.
"""
print "Got invalid certificate error"
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
print "Try using talk.google.com certificate"
cert.verify('talk.google.com', der_cert)
logging.debug("CERT: Found GTalk certificate")
except cert.CertificateError as err:
log.error(err.message)
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
""" PEM certification is used to verify the identity of a web site to avoid certain kinds of
network hacking attacks.
For this to work you may need to install extra non-standard Python modules.
"""
print "Got invalid certificate error"
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
print "Try using talk.google.com certificate"
cert.verify('talk.google.com', der_cert)
logging.debug("CERT: Found GTalk certificate")
except cert.CertificateError as err:
log.error(err.message)
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
""" PEM certification is used to verify the identity of a web site to avoid certain kinds of
network hacking attacks. This kind of network security is not required for the COMP 206 assignment, but we
support it just in case you want to use this code in the future. For this to work
you may need to install extra non-standard Python modules.
"""
print "Got invalid certificate error"
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
print "Try using talk.google.com certificate"
cert.verify('talk.google.com', der_cert)
logging.debug("CERT: Found GTalk certificate")
except cert.CertificateError as err:
log.error(err.message)
self.disconnect(send_close=False)
def invalid_cert(self, pem_cert):
""" PEM certification is used to verify the identity of a web site to avoid certain kinds of
network hacking attacks. This kind of network security is not required for the COMP 206 assignment, but we
support it just in case you want to use this code in the future. For this to work
you may need to install extra non-standard Python modules.
"""
print "Got invalid certificate error"
der_cert = ssl.PEM_cert_to_DER_cert(pem_cert)
try:
print "Try using talk.google.com certificate"
cert.verify('talk.google.com', der_cert)
logging.debug("CERT: Found GTalk certificate")
except cert.CertificateError as err:
log.error(err.message)
self.disconnect(send_close=False)
def verify_gtalk_cert(xmpp_client):
"""
Hack specific for google apps domains with SRV entries.
It needs to fid the SSL certificate of google and not the one for your domain
"""
hosts = resolver.get_SRV(xmpp_client.boundjid.server,
5222,
xmpp_client.dns_service,
resolver=resolver.default_resolver())
it_is_google = False
for host, _ in hosts:
if host.lower().find('google.com') > -1:
it_is_google = True
if it_is_google:
raw_cert = xmpp_client.socket.getpeercert(binary_form=True)
try:
if cert.verify('talk.google.com', raw_cert):
logging.info('google cert found for %s',
xmpp_client.boundjid.server)
return
except cert.CertificateError:
pass
logging.error("invalid cert received for %s", xmpp_client.boundjid.server)
def ssl_invalid_cert(self, raw_cert):
"""Handle an invalid certificate from the Jabber server
This may happen if the domain is using Google Apps
for their XMPP server and the XMPP server."""
hosts = resolver.get_SRV(self.boundjid.server,
5222,
'xmpp-client',
resolver=resolver.default_resolver())
domain_uses_google = False
for host, _ in hosts:
if host.lower()[-10:] == 'google.com':
domain_uses_google = True
if domain_uses_google:
try:
if cert.verify('talk.google.com',
ssl.PEM_cert_to_DER_cert(raw_cert)):
logging.debug('Google certificate found for %s',
self.boundjid.server)
return
except cert.CertificateError:
pass
logging.error("Invalid certificate received for %s",
self.boundjid.server)
self.disconnect()
def verify_gtalk_cert(self, raw_cert):
hosts = resolver.get_SRV(self.boundjid.server, 5222,
self.dns_service,
resolver=resolver.default_resolver())
it_is_google = False
for host, _ in hosts:
if host.lower().find('google.com') > -1:
it_is_google = True
if it_is_google:
try:
if cert.verify('talk.google.com', ssl.PEM_cert_to_DER_cert(raw_cert)):
logging.info('google cert found for %s',
self.boundjid.server)
return
except cert.CertificateError:
pass
logging.error("invalid cert received for %s",
self.boundjid.server)
def verify_gtalk_cert(self, raw_cert):
hosts = resolver.get_SRV(self.boundjid.server,
5222,
self.dns_service,
resolver=resolver.default_resolver())
it_is_google = False
for host, _ in hosts:
if host.lower().find('google.com') > -1:
it_is_google = True
if it_is_google:
try:
if cert.verify('talk.google.com',
ssl.PEM_cert_to_DER_cert(raw_cert)):
logging.info('google cert found for %s',
self.boundjid.server)
return
except cert.CertificateError:
pass
logging.error("invalid cert received for %s", self.boundjid.server)
def ssl_invalid_cert(self, raw_cert):
"""Handle an invalid certificate from the Jabber server
This may happen if the domain is using Google Apps
for their XMPP server and the XMPP server."""
hosts = resolver.get_SRV(self.boundjid.server, 5222,
'xmpp-client',
resolver=resolver.default_resolver())
domain_uses_google = False
for host, _ in hosts:
if host.lower()[-10:] == 'google.com':
domain_uses_google = True
if domain_uses_google:
try:
if cert.verify('talk.google.com', ssl.PEM_cert_to_DER_cert(raw_cert)):
logging.debug('Google certificate found for %s', self.boundjid.server)
return
except cert.CertificateError:
pass
logging.error("Invalid certificate received for %s", self.boundjid.server)
self.disconnect()
def verify_gtalk_cert(xmpp_client):
"""
Hack specific for google apps domains with SRV entries.
It needs to fid the SSL certificate of google and not the one for your domain
"""
hosts = resolver.get_SRV(xmpp_client.boundjid.server, 5222,
xmpp_client.dns_service,
resolver=resolver.default_resolver())
it_is_google = False
for host, _ in hosts:
if host.lower().find('google.com') > -1:
it_is_google = True
if it_is_google:
raw_cert = xmpp_client.socket.getpeercert(binary_form=True)
try:
if cert.verify('talk.google.com', raw_cert):
log.info('google cert found for %s', xmpp_client.boundjid.server)
return
except cert.CertificateError:
pass
log.error("invalid cert received for %s", xmpp_client.boundjid.server)