SSL workaround

2012-08-30 12:30:25 +02:00 · 2012-08-30 12:30:25 +02:00 · 702b56d594
commit 702b56d594
parent 9f7888e6b5
2 changed files with 12 additions and 0 deletions
--- a/modules/ing/browser.py
+++ b/modules/ing/browser.py
@ -36,10 +36,12 @@ class Ing(BaseBrowser):
             '.*accountDetail.jsf.*':         AccountHistory,
             '.*displayTRHistoriqueLA.*':     AccountHistory
            }
+    HASH = "fba557b387cccc3d71ba038f9ef1de4d71541d7954744c79f6a7ff5f3cd4dc12"

    def __init__(self, *args, **kwargs):
        self.birthday = kwargs.pop('birthday', None)
        BaseBrowser.__init__(self, *args, **kwargs)
+        self.lowsslcheck(self.DOMAIN, self.HASH)

    def home(self):
        self.location('https://secure.ingdirect.fr/public/displayLogin.jsf')
--- a/weboob/tools/browser/browser.py
+++ b/weboob/tools/browser/browser.py
@ -28,6 +28,8 @@ import sys
 import re
 import tempfile
 from threading import RLock
+import ssl
+import hashlib
 import time
 import urllib
 import urllib2
@ -397,6 +399,14 @@ class StandardBrowser(mechanize.Browser):
        except ControlNotFoundError:
            return

+    def lowsslcheck(self, domain, hash):
+        certs = ssl.get_server_certificate((domain,  443))
+        certhash = hashlib.sha256(certs).hexdigest()
+        self.logger.debug('Found %s as certificat hash' % certhash)
+        if certhash != hash:
+            raise ssl.SSLError()
+
+    
 class BaseBrowser(StandardBrowser):
    """
    Base browser class to navigate on a website.