Browse Source

irc: allow tls certificate verification to be bypassed

William Pitcock 1 year ago
parent
commit
6b9e2a44d7
2 changed files with 14 additions and 2 deletions
  1. 3
    0
      viera.yaml.example
  2. 11
    2
      viera/irc.py

+ 3
- 0
viera.yaml.example View File

@@ -13,6 +13,9 @@ irc:
13 13
   # whether to use SSL/TLS to connect or not
14 14
   ssl: true
15 15
 
16
+  # whether to disable SSL certificate verification (self-signed certs, etc.)
17
+  ssl_no_verify: false
18
+
16 19
   # the main nickname of the bot to use
17 20
   nickname: viera
18 21
 

+ 11
- 2
viera/irc.py View File

@@ -2,6 +2,7 @@ import asyncio
2 2
 import logging
3 3
 import base64
4 4
 import html
5
+import ssl
5 6
 
6 7
 from blinker import signal
7 8
 
@@ -269,9 +270,17 @@ async def irc_bot():
269 270
 
270 271
     server = IRC_CONFIG['host']
271 272
     port = IRC_CONFIG['port']
272
-    ssl = IRC_CONFIG['ssl']
273
+    use_ssl = IRC_CONFIG['ssl']
273 274
 
274
-    transport, protocol = await loop.create_connection(IRCProtocol, host=server, port=port, ssl=ssl)
275
+    sc = None
276
+    if use_ssl:
277
+        sc = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
278
+
279
+        if IRC_CONFIG.get('ssl_no_verify', False):
280
+            sc.check_hostname = False
281
+            sc.verify_mode = ssl.CERT_NONE
282
+
283
+    transport, protocol = await loop.create_connection(IRCProtocol, host=server, port=port, ssl=sc)
275 284
     set_irc_bot(protocol)
276 285
 
277 286
     logging.info('IRC bot ready.')