From a939f5048086a01fc3e329af01d01dddf55d474c Mon Sep 17 00:00:00 2001 From: black-sliver <59490463+black-sliver@users.noreply.github.com> Date: Thu, 22 Jun 2023 00:01:41 +0200 Subject: [PATCH] Clients: use certifi (#1879) * Clients: use certifi for wss On Windows, the local cert store might be outdated and refuse connection to some servers. * Clients: lazily create ssl_context --- CommonClient.py | 11 ++++++++++- requirements.txt | 1 + 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CommonClient.py b/CommonClient.py index 87fa59cbf2c9..045cfba45625 100644 --- a/CommonClient.py +++ b/CommonClient.py @@ -23,6 +23,7 @@ from Utils import Version, stream_input, async_start from worlds import network_data_package, AutoWorldRegister import os +import ssl if typing.TYPE_CHECKING: import kvui @@ -33,6 +34,12 @@ gui_enabled = not sys.stdout or "--nogui" not in sys.argv +@Utils.cache_argsless +def get_ssl_context(): + import certifi + return ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=certifi.where()) + + class ClientCommandProcessor(CommandProcessor): def __init__(self, ctx: CommonContext): self.ctx = ctx @@ -589,7 +596,8 @@ def reconnect_hint() -> str: logger.info(f'Connecting to Archipelago server at {address}') try: - socket = await websockets.connect(address, port=port, ping_timeout=None, ping_interval=None) + socket = await websockets.connect(address, port=port, ping_timeout=None, ping_interval=None, + ssl=get_ssl_context() if address.startswith("wss://") else None) if ctx.ui is not None: ctx.ui.update_address_bar(server_url.netloc) ctx.server = Endpoint(socket) @@ -604,6 +612,7 @@ def reconnect_hint() -> str: except websockets.InvalidMessage: # probably encrypted if address.startswith("ws://"): + # try wss await server_loop(ctx, "ws" + address[1:]) else: ctx.handle_connection_loss(f"Lost connection to the multiworld server due to InvalidMessage" diff --git a/requirements.txt b/requirements.txt index a082728f4553..463a298d3931 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,3 +7,4 @@ schema>=0.7.5 kivy>=2.2.0 bsdiff4>=1.2.3 platformdirs>=3.5.1 +certifi>=2023.5.7