Added host verification to uds client (so urls are approved at least

first time by users)
2016-01-08 09:34:20 +01:00 · 2016-01-08 09:34:20 +01:00 · 4be5d8d6e5
commit 4be5d8d6e5
parent b9929566f6
3 changed files with 28 additions and 1 deletions
--- a/client/src/UDSClient.py
+++ b/client/src/UDSClient.py
@ -201,6 +201,23 @@ def done(data):
    QtGui.QMessageBox.critical(None, 'Notice', six.text_type(data.data), QtGui.QMessageBox.Ok)
    sys.exit(0)

+# Ask user to aprobe endpoint
+def approveHost(host, parentWindow=None):
+    settings = QtCore.QSettings()
+    settings.beginGroup('endpoints')
+
+    approved = settings.value(host, False).toBool()
+
+    errorString = '<p>The host <b>{}</b> needs to be approve:</p>'.format(host)
+    errorString += '<p>Only approve UDS servers that you trust to avoid security issues.</p>'
+
+    if approved or QtGui.QMessageBox.warning(parentWindow, 'ACCESS Warning', errorString, QtGui.QMessageBox.Yes | QtGui.QMessageBox.No) == QtGui.QMessageBox.Yes:
+        settings.setValue(host, True)
+        approved = True
+
+    settings.endGroup()
+    return approved
+
 if __name__ == "__main__":
    logger.debug('Initializing connector')
    # Initialize app
@ -242,8 +259,15 @@ if __name__ == "__main__":

    try:
        logger.debug('Starting execution')
+
+        # Approbe before going on
+        if approveHost(host) is False:
+            raise Exception('Host {} was not approved'.format(host))
+
        win = UDSClient()
        win.show()
+
+
        win.start()

        exitVal = app.exec_()
--- a/client/src/uds/init.py
+++ b/client/src/uds/init.py
@ -34,7 +34,7 @@ from __future__ import unicode_literals
 # On centos, old six release does not includes byte2int, nor six.PY2
 import six

-VERSION = '1.9.0'
+VERSION = '2.0.0'

 __title__ = 'udclient'
 __version__ = VERSION
--- a/client/src/uds/rest.py
+++ b/client/src/uds/rest.py
@ -91,6 +91,7 @@ class RestRequest(QObject):
    @pyqtSlot(QNetworkReply, list)
    def _sslError(self, reply, errors):
        settings = QSettings()
+        settings.beginGroup('ssl')
        cert = errors[0].certificate()
        digest = six.text_type(cert.digest().toHex())

@ -107,6 +108,8 @@ class RestRequest(QObject):
            settings.setValue(digest, True)
            reply.ignoreSslErrors()

+        settings.endGroup()
+
    def get(self):
        request = QNetworkRequest(self.url)
        request.setRawHeader('User-Agent', osDetector.getOs() + " - UDS Connector " + VERSION)