summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authormorpheus65535 <[email protected]>2021-10-10 23:31:38 -0400
committermorpheus65535 <[email protected]>2021-10-10 23:31:38 -0400
commitd851c16da7e7063fb5ad89993a5933de2bfd88f1 (patch)
tree928010fc09304192ccbb997ffc8313ed43110193
parent9fff275f1ced4f77d297aa1775ca72b6067e1c83 (diff)
downloadbazarr-d851c16da7e7063fb5ad89993a5933de2bfd88f1.tar.gz
bazarr-d851c16da7e7063fb5ad89993a5933de2bfd88f1.zip
Added a settings to disable SSL certificate validation for Podnapisi. Be careful as it's causing a security risk for a man in the middle (MitM) attack. #1565v0.9.10-beta.11
-rw-r--r--bazarr/config.py3
-rw-r--r--bazarr/get_providers.py1
-rw-r--r--frontend/src/Settings/Providers/list.ts12
-rw-r--r--libs/subliminal_patch/providers/podnapisi.py8
4 files changed, 22 insertions, 2 deletions
diff --git a/bazarr/config.py b/bazarr/config.py
index a4b200f30..57e0d3ef0 100644
--- a/bazarr/config.py
+++ b/bazarr/config.py
@@ -134,6 +134,9 @@ defaults = {
'username': '',
'password': ''
},
+ 'podnapisi': {
+ 'verify_ssl': 'True'
+ },
'legendasdivx': {
'username': '',
'password': '',
diff --git a/bazarr/get_providers.py b/bazarr/get_providers.py
index f020250a0..fa23b40cc 100644
--- a/bazarr/get_providers.py
+++ b/bazarr/get_providers.py
@@ -147,6 +147,7 @@ def get_providers_auth():
'podnapisi' : {
'only_foreign': False, # fixme
'also_foreign': False, # fixme
+ 'verify_ssl': settings.podnapisi.getboolean('verify_ssl')
},
'subscene' : {
'username' : settings.subscene.username,
diff --git a/frontend/src/Settings/Providers/list.ts b/frontend/src/Settings/Providers/list.ts
index 1cb4ba177..d9e65e9f0 100644
--- a/frontend/src/Settings/Providers/list.ts
+++ b/frontend/src/Settings/Providers/list.ts
@@ -135,7 +135,17 @@ export const ProviderList: Readonly<ProviderInfo[]> = [
use_hash: "Use Hash",
},
},
- { key: "podnapisi" },
+ {
+ key: "podnapisi",
+ name: "Podnapisi",
+ defaultKey: {
+ verify_ssl: true,
+ },
+ keyNameOverride: {
+ verify_ssl:
+ "Verify SSL certificate (disabling introduce a MitM attack risk)",
+ },
+ },
{
key: "regielive",
name: "RegieLive",
diff --git a/libs/subliminal_patch/providers/podnapisi.py b/libs/subliminal_patch/providers/podnapisi.py
index 2044228c5..9952240df 100644
--- a/libs/subliminal_patch/providers/podnapisi.py
+++ b/libs/subliminal_patch/providers/podnapisi.py
@@ -109,10 +109,12 @@ class PodnapisiSubtitle(_PodnapisiSubtitle):
return matches
+
class PodnapisiAdapter(HTTPAdapter):
def init_poolmanager(self, connections, maxsize, block=False):
ctx = ssl.create_default_context()
ctx.set_ciphers('DEFAULT@SECLEVEL=1')
+ ctx.check_hostname = False
self.poolmanager = poolmanager.PoolManager(
num_pools=connections,
maxsize=maxsize,
@@ -121,6 +123,7 @@ class PodnapisiAdapter(HTTPAdapter):
ssl_context=ctx
)
+
class PodnapisiProvider(_PodnapisiProvider, ProviderSubtitleArchiveMixin):
languages = ({Language('por', 'BR'), Language('srp', script='Latn'), Language('srp', script='Cyrl')} |
{Language.fromalpha2(l) for l in language_converters['alpha2'].codes})
@@ -130,12 +133,14 @@ class PodnapisiProvider(_PodnapisiProvider, ProviderSubtitleArchiveMixin):
server_url = 'https://podnapisi.net/subtitles/'
only_foreign = False
also_foreign = False
+ verify_ssl = True
subtitle_class = PodnapisiSubtitle
hearing_impaired_verifiable = True
- def __init__(self, only_foreign=False, also_foreign=False):
+ def __init__(self, only_foreign=False, also_foreign=False, verify_ssl=True):
self.only_foreign = only_foreign
self.also_foreign = also_foreign
+ self.verify_ssl = verify_ssl
if only_foreign:
logger.info("Only searching for foreign/forced subtitles")
@@ -145,6 +150,7 @@ class PodnapisiProvider(_PodnapisiProvider, ProviderSubtitleArchiveMixin):
def initialize(self):
super().initialize()
self.session.mount('https://', PodnapisiAdapter())
+ self.session.verify = self.verify_ssl
def list_subtitles(self, video, languages):
if video.is_special: