Fixed Client on non standard ports

2021-07-05 17:54:02 +02:00 · 2021-07-05 17:54:02 +02:00 · c9488329b9
commit c9488329b9
parent 55c4574021
3 changed files with 30 additions and 5 deletions
--- a/client-py3/full/src/uds/rest.py
+++ b/client-py3/full/src/uds/rest.py
@ -178,18 +178,24 @@ class RestApi:
    def _open(
        url: str, certErrorCallback: typing.Optional[CertCallbackType] = None
    ) -> typing.Any:
+        print('Open')
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
-        ctx.load_verify_locations(certifi.where())
+        ctx.load_verify_locations(tools.getCaCertsFile())
        hostname = urllib.parse.urlparse(url)[1]
        serial = ''

+        port = ''
+        if ':' in hostname:
+            hostname, port = hostname.split(':')
+
        if url.startswith('https'):
+            port = port or '443'
            with ctx.wrap_socket(
                socket.socket(socket.AF_INET, socket.SOCK_STREAM), server_hostname=hostname
            ) as s:
-                s.connect((hostname, 443))
+                s.connect((hostname, int(port)))
                # Get binary certificate
                binCert = s.getpeercert(True)
                if binCert:
@ -231,6 +237,7 @@ class RestApi:
    def getUrl(
        url: str, certErrorCallback: typing.Optional[CertCallbackType] = None
    ) -> bytes:
+        print(url)
        with RestApi._open(url, certErrorCallback) as response:
            resp = response.read()

--- a/client-py3/full/src/uds/tools.py
+++ b/client-py3/full/src/uds/tools.py
@ -33,12 +33,14 @@ import tempfile
 import string
 import random
 import os
+import os.path
 import socket
 import stat
 import sys
 import time
 import base64
 import typing
+import certifi

 try:
    import psutil
@ -226,3 +228,20 @@ def verifySignature(script: bytes, signature: bytes) -> bool:

    # If no exception, the script was fine...
    return True
+
+def getCaCertsFile() -> str:
+    logger.debug('Certifi: %s', certifi.where())
+    logger.debug('File: %s', __file__)
+    try:
+        if os.path.exists(certifi.where()):
+            logger.debug('Certifi file exists: %s', certifi.where())
+            return certifi.where()
+    except Exception:
+        pass
+
+    if 'darwin' in sys.platform:
+        path = __file__
+        logger.debug('Certifi file: %s', path)
+        return path
+
+    return ''
--- a/client-py3/full/src/uds/tunnel.py
+++ b/client-py3/full/src/uds/tunnel.py
@ -39,7 +39,7 @@ import select
 import typing
 import logging

-import certifi
+from . import tools

 HANDSHAKE_V1 = b'\x5AMGB\xA5\x01\x00'
 BUFFER_SIZE = 1024 * 16  # Max buffer length
@ -51,7 +51,6 @@ TUNNEL_LISTENING, TUNNEL_OPENING, TUNNEL_PROCESSING, TUNNEL_ERROR = 0, 1, 2, 3

 logger = logging.getLogger(__name__)

-
 class ForwardServer(socketserver.ThreadingTCPServer):
    daemon_threads = True
    allow_reuse_address = True
@ -118,7 +117,7 @@ class ForwardServer(socketserver.ThreadingTCPServer):
            
            # Do not "recompress" data, use only "base protocol" compression
            context.options |= ssl.OP_NO_COMPRESSION
-            context.load_verify_locations(certifi.where())  # Load certifi certificates
+            context.load_verify_locations(tools.getCaCertsFile())  # Load certifi certificates

            # If ignore remote certificate
            if self.check_certificate is False: