From 4dd2c15775735b6cfe177a1d801c20bc4140a5c4 Mon Sep 17 00:00:00 2001 From: Lance Stout Date: Wed, 10 Oct 2012 10:48:30 -0700 Subject: [PATCH 1/3] Update carbons plugin to use latest spec. --- sleekxmpp/plugins/xep_0280/carbons.py | 9 +++++++-- sleekxmpp/plugins/xep_0280/stanza.py | 22 +++++++++++----------- 2 files changed, 18 insertions(+), 13 deletions(-) diff --git a/sleekxmpp/plugins/xep_0280/carbons.py b/sleekxmpp/plugins/xep_0280/carbons.py index fe2cdbb2..482d046a 100644 --- a/sleekxmpp/plugins/xep_0280/carbons.py +++ b/sleekxmpp/plugins/xep_0280/carbons.py @@ -47,13 +47,18 @@ class XEP_0280(BasePlugin): register_stanza_plugin(Iq, stanza.CarbonEnable) register_stanza_plugin(Iq, stanza.CarbonDisable) + register_stanza_plugin(stanza.ReceivedCarbon, + self.xmpp['xep_0297'].stanza.Forwarded) + register_stanza_plugin(stanza.SentCarbon, + self.xmpp['xep_0297'].stanza.Forwarded) + def plugin_end(self): self.xmpp.remove_handler('Carbon Received') self.xmpp.remove_handler('Carbon Sent') - self.xmpp.plugin['xep_0030'].del_feature(feature='urn:xmpp:carbons:1') + self.xmpp.plugin['xep_0030'].del_feature(feature='urn:xmpp:carbons:2') def session_bind(self, jid): - self.xmpp.plugin['xep_0030'].add_feature('urn:xmpp:carbons:1') + self.xmpp.plugin['xep_0030'].add_feature('urn:xmpp:carbons:2') def _handle_carbon_received(self, msg): self.xmpp.event('carbon_received', msg) diff --git a/sleekxmpp/plugins/xep_0280/stanza.py b/sleekxmpp/plugins/xep_0280/stanza.py index 94b37823..2f3aad86 100644 --- a/sleekxmpp/plugins/xep_0280/stanza.py +++ b/sleekxmpp/plugins/xep_0280/stanza.py @@ -11,54 +11,54 @@ from sleekxmpp.xmlstream import ElementBase class ReceivedCarbon(ElementBase): name = 'received' - namespace = 'urn:xmpp:carbons:1' + namespace = 'urn:xmpp:carbons:2' plugin_attrib = 'carbon_received' interfaces = set(['carbon_received']) is_extension = True def get_carbon_received(self): - return self.parent()['forwarded']['stanza'] + return self['forwarded']['stanza'] def del_carbon_received(self): - del self.parent()['forwarded']['stanza'] + del self['forwarded']['stanza'] def set_carbon_received(self, stanza): - self.parent()['forwarded']['stanza'] = stanza + self['forwarded']['stanza'] = stanza class SentCarbon(ElementBase): name = 'sent' - namespace = 'urn:xmpp:carbons:1' + namespace = 'urn:xmpp:carbons:2' plugin_attrib = 'carbon_sent' interfaces = set(['carbon_sent']) is_extension = True def get_carbon_sent(self): - return self.parent()['forwarded']['stanza'] + return self['forwarded']['stanza'] def del_carbon_sent(self): - del self.parent()['forwarded']['stanza'] + del self['forwarded']['stanza'] def set_carbon_sent(self, stanza): - self.parent()['forwarded']['stanza'] = stanza + self['forwarded']['stanza'] = stanza class PrivateCarbon(ElementBase): name = 'private' - namespace = 'urn:xmpp:carbons:1' + namespace = 'urn:xmpp:carbons:2' plugin_attrib = 'carbon_private' interfaces = set() class CarbonEnable(ElementBase): name = 'enable' - namespace = 'urn:xmpp:carbons:1' + namespace = 'urn:xmpp:carbons:2' plugin_attrib = 'carbon_enable' interfaces = set() class CarbonDisable(ElementBase): name = 'disable' - namespace = 'urn:xmpp:carbons:1' + namespace = 'urn:xmpp:carbons:2' plugin_attrib = 'carbon_disable' interfaces = set() From 675c0112ac935896e0d2a1674647c17884c62973 Mon Sep 17 00:00:00 2001 From: Lance Stout Date: Wed, 10 Oct 2012 11:07:25 -0700 Subject: [PATCH 2/3] Correct handling deleting plugins when xml:lang is active. --- sleekxmpp/xmlstream/stanzabase.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sleekxmpp/xmlstream/stanzabase.py b/sleekxmpp/xmlstream/stanzabase.py index 4f58953b..08ce702a 100644 --- a/sleekxmpp/xmlstream/stanzabase.py +++ b/sleekxmpp/xmlstream/stanzabase.py @@ -662,7 +662,7 @@ class ElementBase(object): full_attrib = attrib attrib_lang = ('%s|' % attrib).split('|') attrib = attrib_lang[0] - lang = attrib_lang[1] or '' + lang = attrib_lang[1] or None kwargs = {} if lang and attrib in self.lang_interfaces: @@ -738,7 +738,7 @@ class ElementBase(object): full_attrib = attrib attrib_lang = ('%s|' % attrib).split('|') attrib = attrib_lang[0] - lang = attrib_lang[1] or '' + lang = attrib_lang[1] or None kwargs = {} if lang and attrib in self.lang_interfaces: @@ -824,7 +824,7 @@ class ElementBase(object): full_attrib = attrib attrib_lang = ('%s|' % attrib).split('|') attrib = attrib_lang[0] - lang = attrib_lang[1] or '' + lang = attrib_lang[1] or None kwargs = {} if lang and attrib in self.lang_interfaces: @@ -862,7 +862,7 @@ class ElementBase(object): del plugin[full_attrib] del self.plugins[(attrib, None)] else: - del self.plugins[(attrib, lang)] + del self.plugins[(attrib, plugin['lang'])] self.loaded_plugins.remove(attrib) try: self.xml.remove(plugin.xml) From e2e8c4b5dcca3dddfda6e60850a6754018e8f60d Mon Sep 17 00:00:00 2001 From: Lance Stout Date: Wed, 10 Oct 2012 11:42:24 -0700 Subject: [PATCH 3/3] Remove unneeded ssl_support checks. --- .../features/feature_starttls/starttls.py | 6 +- sleekxmpp/xmlstream/xmlstream.py | 107 ++++++++---------- 2 files changed, 50 insertions(+), 63 deletions(-) diff --git a/sleekxmpp/features/feature_starttls/starttls.py b/sleekxmpp/features/feature_starttls/starttls.py index 212b9da5..eb5eee1d 100644 --- a/sleekxmpp/features/feature_starttls/starttls.py +++ b/sleekxmpp/features/feature_starttls/starttls.py @@ -54,13 +54,9 @@ class FeatureSTARTTLS(BasePlugin): return False elif not self.xmpp.use_tls: return False - elif self.xmpp.ssl_support: + else: self.xmpp.send(features['starttls'], now=True) return True - else: - log.warning("The module tlslite is required to log in" + \ - " to some servers, and has not been found.") - return False def _handle_starttls_proceed(self, proceed): """Restart the XML stream when TLS is accepted.""" diff --git a/sleekxmpp/xmlstream/xmlstream.py b/sleekxmpp/xmlstream/xmlstream.py index 4cc1ac21..bea6e88f 100644 --- a/sleekxmpp/xmlstream/xmlstream.py +++ b/sleekxmpp/xmlstream/xmlstream.py @@ -58,9 +58,6 @@ WAIT_TIMEOUT = 0.1 #: a GIL increasing this value can provide better performance. HANDLER_THREADS = 1 -#: Flag indicating if the SSL library is available for use. -SSL_SUPPORT = True - #: The time in seconds to delay between attempts to resend data #: after an SSL error. SSL_RETRY_DELAY = 0.5 @@ -117,9 +114,6 @@ class XMLStream(object): """ def __init__(self, socket=None, host='', port=0): - #: Flag indicating if the SSL library is available for use. - self.ssl_support = SSL_SUPPORT - #: Most XMPP servers support TLSv1, but OpenFire in particular #: does not work well with it. For OpenFire, set #: :attr:`ssl_version` to use ``SSLv23``:: @@ -506,7 +500,7 @@ class XMLStream(object): self.reconnect_delay = delay return False - if self.use_ssl and self.ssl_support: + if self.use_ssl: log.debug("Socket Wrapped for SSL") if self.ca_certs is None: cert_policy = ssl.CERT_NONE @@ -535,7 +529,7 @@ class XMLStream(object): log.debug("Connecting to %s:%s", domain, self.address[1]) self.socket.connect(self.address) - if self.use_ssl and self.ssl_support: + if self.use_ssl: try: self.socket.do_handshake() except (Socket.error, ssl.SSLError): @@ -823,59 +817,56 @@ class XMLStream(object): If the handshake is successful, the XML stream will need to be restarted. """ - if self.ssl_support: - log.info("Negotiating TLS") - log.info("Using SSL version: %s", str(self.ssl_version)) - if self.ca_certs is None: - cert_policy = ssl.CERT_NONE - else: - cert_policy = ssl.CERT_REQUIRED - - ssl_socket = ssl.wrap_socket(self.socket, - certfile=self.certfile, - keyfile=self.keyfile, - ssl_version=self.ssl_version, - do_handshake_on_connect=False, - ca_certs=self.ca_certs, - cert_reqs=cert_policy) - - if hasattr(self.socket, 'socket'): - # We are using a testing socket, so preserve the top - # layer of wrapping. - self.socket.socket = ssl_socket - else: - self.socket = ssl_socket - - try: - self.socket.do_handshake() - except (Socket.error, ssl.SSLError): - log.error('CERT: Invalid certificate trust chain.') - if not self.event_handled('ssl_invalid_chain'): - self.disconnect(self.auto_reconnect, send_close=False) - else: - self.event('ssl_invalid_chain', direct=True) - return False - - self._der_cert = self.socket.getpeercert(binary_form=True) - pem_cert = ssl.DER_cert_to_PEM_cert(self._der_cert) - log.debug('CERT: %s', pem_cert) - self.event('ssl_cert', pem_cert, direct=True) - - try: - cert.verify(self._expected_server_name, self._der_cert) - except cert.CertificateError as err: - if not self.event_handled('ssl_invalid_cert'): - log.error(err.message) - self.disconnect(self.auto_reconnect, send_close=False) - else: - self.event('ssl_invalid_cert', pem_cert, direct=True) - - self.set_socket(self.socket) - return True + log.info("Negotiating TLS") + log.info("Using SSL version: %s", str(self.ssl_version)) + if self.ca_certs is None: + cert_policy = ssl.CERT_NONE else: - log.warning("Tried to enable TLS, but ssl module not found.") + cert_policy = ssl.CERT_REQUIRED + + ssl_socket = ssl.wrap_socket(self.socket, + certfile=self.certfile, + keyfile=self.keyfile, + ssl_version=self.ssl_version, + do_handshake_on_connect=False, + ca_certs=self.ca_certs, + cert_reqs=cert_policy) + + if hasattr(self.socket, 'socket'): + # We are using a testing socket, so preserve the top + # layer of wrapping. + self.socket.socket = ssl_socket + else: + self.socket = ssl_socket + + try: + self.socket.do_handshake() + except (Socket.error, ssl.SSLError): + log.error('CERT: Invalid certificate trust chain.') + if not self.event_handled('ssl_invalid_chain'): + self.disconnect(self.auto_reconnect, send_close=False) + else: + self._der_cert = self.socket.getpeercert(binary_form=True) + self.event('ssl_invalid_chain', direct=True) return False + self._der_cert = self.socket.getpeercert(binary_form=True) + pem_cert = ssl.DER_cert_to_PEM_cert(self._der_cert) + log.debug('CERT: %s', pem_cert) + self.event('ssl_cert', pem_cert, direct=True) + + try: + cert.verify(self._expected_server_name, self._der_cert) + except cert.CertificateError as err: + if not self.event_handled('ssl_invalid_cert'): + log.error(err.message) + self.disconnect(self.auto_reconnect, send_close=False) + else: + self.event('ssl_invalid_cert', pem_cert, direct=True) + + self.set_socket(self.socket) + return True + def _cert_expiration(self, event): """Schedule an event for when the TLS certificate expires."""