diff options
author | morpheus65535 <[email protected]> | 2021-10-10 23:31:38 -0400 |
---|---|---|
committer | morpheus65535 <[email protected]> | 2021-10-10 23:31:38 -0400 |
commit | d851c16da7e7063fb5ad89993a5933de2bfd88f1 (patch) | |
tree | 928010fc09304192ccbb997ffc8313ed43110193 | |
parent | 9fff275f1ced4f77d297aa1775ca72b6067e1c83 (diff) | |
download | bazarr-0.9.10-beta.11.tar.gz bazarr-0.9.10-beta.11.zip |
Added a settings to disable SSL certificate validation for Podnapisi. Be careful as it's causing a security risk for a man in the middle (MitM) attack. #1565v0.9.10-beta.11
-rw-r--r-- | bazarr/config.py | 3 | ||||
-rw-r--r-- | bazarr/get_providers.py | 1 | ||||
-rw-r--r-- | frontend/src/Settings/Providers/list.ts | 12 | ||||
-rw-r--r-- | libs/subliminal_patch/providers/podnapisi.py | 8 |
4 files changed, 22 insertions, 2 deletions
diff --git a/bazarr/config.py b/bazarr/config.py index a4b200f30..57e0d3ef0 100644 --- a/bazarr/config.py +++ b/bazarr/config.py @@ -134,6 +134,9 @@ defaults = { 'username': '', 'password': '' }, + 'podnapisi': { + 'verify_ssl': 'True' + }, 'legendasdivx': { 'username': '', 'password': '', diff --git a/bazarr/get_providers.py b/bazarr/get_providers.py index f020250a0..fa23b40cc 100644 --- a/bazarr/get_providers.py +++ b/bazarr/get_providers.py @@ -147,6 +147,7 @@ def get_providers_auth(): 'podnapisi' : { 'only_foreign': False, # fixme 'also_foreign': False, # fixme + 'verify_ssl': settings.podnapisi.getboolean('verify_ssl') }, 'subscene' : { 'username' : settings.subscene.username, diff --git a/frontend/src/Settings/Providers/list.ts b/frontend/src/Settings/Providers/list.ts index 1cb4ba177..d9e65e9f0 100644 --- a/frontend/src/Settings/Providers/list.ts +++ b/frontend/src/Settings/Providers/list.ts @@ -135,7 +135,17 @@ export const ProviderList: Readonly<ProviderInfo[]> = [ use_hash: "Use Hash", }, }, - { key: "podnapisi" }, + { + key: "podnapisi", + name: "Podnapisi", + defaultKey: { + verify_ssl: true, + }, + keyNameOverride: { + verify_ssl: + "Verify SSL certificate (disabling introduce a MitM attack risk)", + }, + }, { key: "regielive", name: "RegieLive", diff --git a/libs/subliminal_patch/providers/podnapisi.py b/libs/subliminal_patch/providers/podnapisi.py index 2044228c5..9952240df 100644 --- a/libs/subliminal_patch/providers/podnapisi.py +++ b/libs/subliminal_patch/providers/podnapisi.py @@ -109,10 +109,12 @@ class PodnapisiSubtitle(_PodnapisiSubtitle): return matches + class PodnapisiAdapter(HTTPAdapter): def init_poolmanager(self, connections, maxsize, block=False): ctx = ssl.create_default_context() ctx.set_ciphers('DEFAULT@SECLEVEL=1') + ctx.check_hostname = False self.poolmanager = poolmanager.PoolManager( num_pools=connections, maxsize=maxsize, @@ -121,6 +123,7 @@ class PodnapisiAdapter(HTTPAdapter): ssl_context=ctx ) + class PodnapisiProvider(_PodnapisiProvider, ProviderSubtitleArchiveMixin): languages = ({Language('por', 'BR'), Language('srp', script='Latn'), Language('srp', script='Cyrl')} | {Language.fromalpha2(l) for l in language_converters['alpha2'].codes}) @@ -130,12 +133,14 @@ class PodnapisiProvider(_PodnapisiProvider, ProviderSubtitleArchiveMixin): server_url = 'https://podnapisi.net/subtitles/' only_foreign = False also_foreign = False + verify_ssl = True subtitle_class = PodnapisiSubtitle hearing_impaired_verifiable = True - def __init__(self, only_foreign=False, also_foreign=False): + def __init__(self, only_foreign=False, also_foreign=False, verify_ssl=True): self.only_foreign = only_foreign self.also_foreign = also_foreign + self.verify_ssl = verify_ssl if only_foreign: logger.info("Only searching for foreign/forced subtitles") @@ -145,6 +150,7 @@ class PodnapisiProvider(_PodnapisiProvider, ProviderSubtitleArchiveMixin): def initialize(self): super().initialize() self.session.mount('https://', PodnapisiAdapter()) + self.session.verify = self.verify_ssl def list_subtitles(self, video, languages): if video.is_special: |