From 4f9dc653f1094f9a7eb395d6124b969ae7002d75 Mon Sep 17 00:00:00 2001 From: thegamecracks <61257169+thegamecracks@users.noreply.github.com> Date: Mon, 25 Mar 2024 01:23:45 -0400 Subject: [PATCH] feat: add error message for self-signed certs --- src/dumdum/client/app.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/src/dumdum/client/app.py b/src/dumdum/client/app.py index 39fbe50..55b78c9 100644 --- a/src/dumdum/client/app.py +++ b/src/dumdum/client/app.py @@ -34,6 +34,18 @@ def has_exception( return isinstance(exc, base) +def is_self_signed_certificate_exception(exc: BaseException) -> bool: + def predicate(exc: BaseException) -> bool: + if not isinstance(exc, ssl.SSLCertVerificationError): + return False + # https://www.openssl.org/docs/man1.0.2/man1/verify.html + return exc.verify_code == 18 + + if not isinstance(exc, BaseExceptionGroup): + exc = BaseExceptionGroup("", [exc]) + return exc.subgroup(predicate) is not None + + class ClientStoreFactory(Protocol): def __call__(self) -> ContextManager[ClientStore]: ... @@ -190,6 +202,14 @@ def _on_connection_lost(self, event: Event) -> None: "The server is unable to use SSL encryption. If you still want to " "connect using an insecure connection, you must turn off SSL.", ) + elif is_self_signed_certificate_exception(exc): + log.info("Cannot connect to server, self-signed certificate must be provided") + messagebox.showerror( + "Cannot Upgrade SSL", + "The server is using a self-signed certificate. In order to " + "connect, you must download their certificate from a trusted " + "source and then specify it in the certificate field.", + ) elif isinstance(exc, BaseExceptionGroup) and len(exc.exceptions) == 1: first_exception = exc.exceptions[0] log.error("Lost connection with server", exc_info=exc)