From 702b56d594a2d7f7619bdad254ae780f95306d9f Mon Sep 17 00:00:00 2001 From: Florent Date: Thu, 30 Aug 2012 12:30:25 +0200 Subject: [PATCH] SSL workaround --- modules/ing/browser.py | 2 ++ weboob/tools/browser/browser.py | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/modules/ing/browser.py b/modules/ing/browser.py index 9ca598fb..42dc1368 100644 --- a/modules/ing/browser.py +++ b/modules/ing/browser.py @@ -36,10 +36,12 @@ class Ing(BaseBrowser): '.*accountDetail.jsf.*': AccountHistory, '.*displayTRHistoriqueLA.*': AccountHistory } + HASH = "fba557b387cccc3d71ba038f9ef1de4d71541d7954744c79f6a7ff5f3cd4dc12" def __init__(self, *args, **kwargs): self.birthday = kwargs.pop('birthday', None) BaseBrowser.__init__(self, *args, **kwargs) + self.lowsslcheck(self.DOMAIN, self.HASH) def home(self): self.location('https://secure.ingdirect.fr/public/displayLogin.jsf') diff --git a/weboob/tools/browser/browser.py b/weboob/tools/browser/browser.py index 255a93a5..7d9c55a8 100644 --- a/weboob/tools/browser/browser.py +++ b/weboob/tools/browser/browser.py @@ -28,6 +28,8 @@ import sys import re import tempfile from threading import RLock +import ssl +import hashlib import time import urllib import urllib2 @@ -397,6 +399,14 @@ class StandardBrowser(mechanize.Browser): except ControlNotFoundError: return + def lowsslcheck(self, domain, hash): + certs = ssl.get_server_certificate((domain, 443)) + certhash = hashlib.sha256(certs).hexdigest() + self.logger.debug('Found %s as certificat hash' % certhash) + if certhash != hash: + raise ssl.SSLError() + + class BaseBrowser(StandardBrowser): """ Base browser class to navigate on a website.