first hack at verifying pinned SSL certificate
authormeejah <meejah@meejah.ca>
Thu, 28 Feb 2013 07:40:49 +0000 (00:40 -0700)
committermeejah <meejah@meejah.ca>
Thu, 28 Feb 2013 07:40:49 +0000 (00:40 -0700)
torbrowser-launcher
torproject.pem [new file with mode: 0644]

index 498bc66748eef72b1857170280aa3e037c093d84..b15e6492533e8a554521ff0bd796f7869ba67b36 100755 (executable)
@@ -13,6 +13,23 @@ import os, sys, subprocess, locale, urllib2, gobject, time
 from twisted.web.client import Agent, ResponseDone
 from twisted.web.http_headers import Headers
 from twisted.internet.protocol import Protocol
+from twisted.internet.ssl import ClientContextFactory
+
+from OpenSSL.SSL import Context, VERIFY_PEER, VERIFY_FAIL_IF_NO_PEER_CERT
+from OpenSSL.crypto import load_certificate, FILETYPE_PEM
+
+class VerifyTorProjectCert(ClientContextFactory):
+
+    torproject_ca = load_certificate(FILETYPE_PEM, open('torproject.pem', 'r').read())
+
+    def getContext(self, host, port):
+        ctx = ClientContextFactory.getContext(self)
+        ctx.set_verify_depth(0)
+        ctx.set_verify(VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT, self.verifyHostname)
+        return ctx
+
+    def verifyHostname(self, connection, cert, errno, depth, preverifyOK):
+        return cert.digest('sha256') == self.torproject_ca.digest('sha256')
 
 
 class TorBrowserLauncher:
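Review bot: The callback installed at L27 is invoked once per certificate in the chain OpenSSL walks, not only for the leaf, and L31 returns False for any certificate whose SHA-256 digest differs from the pinned one, so a server that presents an intermediate alongside its leaf cannot complete the handshake, while a pinned issuer certificate (the attribute is named `torproject_ca`) would never match the leaf at depth 0. Scope the comparison to the depth the pin is meant for — for a leaf pin, `if depth != 0: return True` ahead of the digest check, with `set_verify_depth` raised to cover the chain — and log `errno`/`preverifyOK` on a mismatch so a rejected pin is diagnosable; the contents of torproject.pem are elided here, so which depth applies has to be confirmed against the file. `host` is unused in `getContext` and no subject name is ever compared, so `verifyHostname` is misnamed; a comment such as `# Pins the peer certificate by SHA-256 digest; no hostname check is performed` keeps a reader from assuming one exists. `open('torproject.pem', 'r').read()` at L22 resolves against the process's working directory at import time and never closes the handle; `os` is already imported, so load it with `with open(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'torproject.pem')) as f:`. Pinning an exact certificate also means every rotation of the server's certificate breaks the launcher until the bundled pem is updated, which deserves a comment on the class.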
@@ -321,6 +338,10 @@ class TorBrowserLauncher:
       ## FIXME handle errors
 
 
+  def error(self, f):
+      print "FAIL", f
+
+
   def download(self, name, url, path):
     # initialize the progress bar
     self.progressbar.set_fraction(0) 
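Review bot: `error` at L39-L40 prints the Failure and returns None, which marks the Deferred's error as handled while leaving `self.file_download` (opened synchronously in `download` just before the errback is attached) open and the progress bar visible, so a failed download or a rejected certificate looks like a silent stall to the user. Close and remove the partial file and surface the reason in the GUI rather than on stdout; at minimum `print "FAIL", f.getErrorMessage()` gives a readable cause instead of the Failure repr. Only the handler's two lines are in view; the GUI-side reporting would live with the rest of the class outside this hunk.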
@@ -328,13 +349,13 @@ class TorBrowserLauncher:
     self.progressbar.show()
     self.refresh_gtk()
 
-    agent = Agent(reactor)
+    agent = Agent(reactor, VerifyTorProjectCert())
     d = agent.request('GET', url,
                       Headers({'User-Agent': ['torbrowser-launcher']}),
                       None)
 
     self.file_download = open(path, 'w')
-    d.addCallback(self.response_received)
+    d.addCallback(self.response_received).addErrback(self.error)
 
   def download_chunk(self, name):
     # download 10kb a time
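Review bot: Agent consults the context factory only for `https://` URLs, so if `url` ever arrives as `http://` (its origin is outside this hunk) the pin added at L51 is silently bypassed and the download goes over plaintext; guard it before the request, `if not url.startswith('https://'): raise ValueError('refusing non-TLS download: %s' % url)`. The file at L56 is opened before any response arrives and nothing visible closes it on the error path, so the new errback at L58 leaves an empty partial file behind on failure. `download` continues past the end of the hunk.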
diff --git a/torproject.pem b/torproject.pem
new file mode 100644 (file)
index 0000000..12cf79b
--- /dev/null
@@ -0,0 +1,38 @@
+-----BEGIN CERTIFICATE-----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==
+-----END CERTIFICATE-----