add cert validation ignoring switches (closes #15)

r4sas · Jul 16, 2019 · 7fc2a1a · 7fc2a1a
1 parent 8aea956
commit 7fc2a1a
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 12 deletions.
diff --git a/pbincli/__init__.py b/pbincli/__init__.py
@@ -2,6 +2,6 @@
 # -*- coding: utf-8 -*-
 
 __author__ = "R4SAS <[email protected]>"
-__version__ = "0.2-beta1"
+__version__ = "0.2b2"
 __copyright__ = "Copyright (c) R4SAS"
 __license__ = "MIT"
diff --git a/pbincli/api.py b/pbincli/api.py
@@ -1,17 +1,24 @@
 import requests
 
 class PrivateBin:
-    def __init__(self, server, proxy=None):
+    def __init__(self, server, settings=None):
         self.server = server
         self.headers = {'X-Requested-With': 'JSONHttpRequest'}
-        if proxy:
-            self.proxy = {proxy.split('://')[0]: proxy}
+
+        if settings['proxy']:
+            self.proxy = {settings['proxy'].split('://')[0]: settings['proxy']}
         else:
             self.proxy = {}
 
+        if settings['noinsecurewarn']:
+            from requests.packages.urllib3.exceptions import InsecureRequestWarning
+            requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+
+        self.session = requests.Session()
+        self.session.verify = settings['nocheckcert']
 
     def post(self, request):
-        result = requests.post(
+        result = self.session.post(
             url = self.server,
             headers = self.headers,
             proxies = self.proxy,
@@ -25,7 +32,7 @@ def post(self, request):
 
 
     def get(self, request):
-        return requests.get(
+        return self.session.get(
             url = self.server + "?" + request,
             headers = self.headers,
             proxies = self.proxy).json()
@@ -35,7 +42,7 @@ def delete(self, request):
         # using try as workaround for versions < 1.3 due to we cant detect
         # if server used version 1.2, where auto-deletion is added
         try:
-            result = requests.post(
+            result = self.session.post(
                 url = self.server,
                 headers = self.headers,
                 proxies = self.proxy,
@@ -57,7 +64,7 @@ def delete(self, request):
 
 
     def getVersion(self):
-        jsonldSchema = requests.get(
+        jsonldSchema = self.session.get(
             url = self.server + '?jsonld=paste',
             proxies = self.proxy).json()
         return jsonldSchema['@context']['v']['@value'] \

diff --git a/pbincli/cli.py b/pbincli/cli.py
@@ -36,6 +36,8 @@ def main():
     send_parser.add_argument("-q", "--notext", default=False, action="store_true", help="don't send text in paste")
     send_parser.add_argument("-c", "--compression", default="zlib", action="store",
         choices=["zlib", "none"], help="set compression for paste (default: zlib). Note: works only on v2 paste format")
+    send_parser.add_argument("--no-check-certificate", default=True, action="store_false", help="disable certificate validation")
+    send_parser.add_argument("--no-insecure-warning", default=False, action="store_true", help="suppress InsecureRequestWarning (only with --no-check-certificate)")
     send_parser.add_argument("-d", "--debug", default=False, action="store_true", help="enable debug")
     send_parser.add_argument("--dry", default=False, action="store_true", help="invoke dry run")
     send_parser.add_argument("stdin", help="input paste text from stdin", nargs="?", type=argparse.FileType("r"), default=sys.stdin)
@@ -44,22 +46,28 @@ def main():
     # a get command
     get_parser = subparsers.add_parser("get", description="Get data from PrivateBin instance")
     get_parser.add_argument("pasteinfo", help="example: aabb#cccddd")
-    get_parser.add_argument("-d", "--debug", default=False, action="store_true", help="enable debug")
     get_parser.add_argument("-p", "--password", help="password for decrypting paste")
+    get_parser.add_argument("--no-check-certificate", default=True, action="store_false", help="disable certificate validation")
+    get_parser.add_argument("--no-insecure-warning", default=False, action="store_true", help="suppress InsecureRequestWarning (only with --no-check-certificate)")
+    get_parser.add_argument("-d", "--debug", default=False, action="store_true", help="enable debug")
     get_parser.set_defaults(func=pbincli.actions.get)
 
     # a delete command
     delete_parser = subparsers.add_parser("delete", description="Delete paste from PrivateBin instance using token")
     delete_parser.add_argument("-p", "--paste", required=True, help="paste id")
     delete_parser.add_argument("-t", "--token", required=True, help="paste deletion token")
+    delete_parser.add_argument("--no-check-certificate", default=True, action="store_false", help="disable certificate validation")
+    delete_parser.add_argument("--no-insecure-warning", default=False, action="store_true", help="suppress InsecureRequestWarning (only with --no-check-certificate)")
     delete_parser.add_argument("-d", "--debug", default=False, action="store_true", help="enable debug")
     delete_parser.set_defaults(func=pbincli.actions.delete)
 
     # parse arguments
     args = parser.parse_args()
 
-    CONFIG = {"server": "https://paste.i2pd.xyz/",
-              "proxy": None}
+    CONFIG = {
+        "server": "https://paste.i2pd.xyz/",
+        "proxy": None
+    }
 
     for p in CONFIG_PATHS:
         if os.path.exists(p):
@@ -70,7 +78,13 @@ def main():
         var = "PRIVATEBIN_{}".format(key.upper())
         if var in os.environ: CONFIG[key] = os.getenv(var)
 
-    api_client = PrivateBin(CONFIG["server"], proxy=CONFIG["proxy"])
+    SETTINGS = {
+        "proxy": CONFIG["proxy"],
+        "nocheckcert": args.no_check_certificate,
+        "noinsecurewarn": args.no_insecure_warning
+    }
+
+    api_client = PrivateBin(CONFIG["server"], settings=SETTINGS)
 
     if hasattr(args, "func"):
         try: