From fc0a279129a8d3d80f6006565091c29ce5b0dda6 Mon Sep 17 00:00:00 2001 From: "Jorge Alberto Diaz Orozco (Akiel)" Date: Mon, 5 Feb 2024 20:15:01 +0100 Subject: [PATCH 1/2] Stop allowing the usage of the library without certificate it is insecure and should be avoided --- outline_vpn/outline_vpn.py | 18 ++++++++++++++---- test_outline_vpn.py | 8 +++++++- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/outline_vpn/outline_vpn.py b/outline_vpn/outline_vpn.py index 64836d0..bfe1e11 100644 --- a/outline_vpn/outline_vpn.py +++ b/outline_vpn/outline_vpn.py @@ -28,6 +28,10 @@ class OutlineServerErrorException(Exception): pass +class OutlineLibraryException(Exception): + pass + + class _FingerprintAdapter(requests.adapters.HTTPAdapter): """ This adapter injected into the requests session will check that the @@ -52,7 +56,7 @@ class OutlineVPN: An Outline VPN connection """ - def __init__(self, api_url: str, cert_sha256: str = None): + def __init__(self, api_url: str, cert_sha256: str): self.api_url = api_url if cert_sha256: @@ -60,7 +64,9 @@ def __init__(self, api_url: str, cert_sha256: str = None): session.mount("https://", _FingerprintAdapter(cert_sha256)) self.session = session else: - self.session = requests.Session() + raise OutlineLibraryException( + "No certificate SHA256 provided. Running without certificate is no longer supported." + ) def get_keys(self): """Get all keys in the outline server""" @@ -96,7 +102,9 @@ def get_keys(self): raise OutlineServerErrorException("Unable to retrieve keys") def get_key(self, key_id: str) -> OutlineKey: - response = self.session.get(f"{self.api_url}/access-keys/{key_id}", verify=False) + response = self.session.get( + f"{self.api_url}/access-keys/{key_id}", verify=False + ) if response.status_code == 200: key = response.json() @@ -148,7 +156,9 @@ def create_key(self, key_name=None) -> OutlineKey: def delete_key(self, key_id: str) -> bool: """Delete a key""" - response = self.session.delete(f"{self.api_url}/access-keys/{key_id}", verify=False) + response = self.session.delete( + f"{self.api_url}/access-keys/{key_id}", verify=False + ) return response.status_code == 204 def rename_key(self, key_id: str, name: str): diff --git a/test_outline_vpn.py b/test_outline_vpn.py index 1411a38..02403a0 100644 --- a/test_outline_vpn.py +++ b/test_outline_vpn.py @@ -7,7 +7,7 @@ import pytest -from outline_vpn.outline_vpn import OutlineVPN +from outline_vpn.outline_vpn import OutlineVPN, OutlineLibraryException @pytest.fixture @@ -24,6 +24,12 @@ def client() -> OutlineVPN: return client +def test_no_cert_sha256_raises_exception(): + """Test that the client raises an exception if the cert sha256 is not provided""" + with pytest.raises(OutlineLibraryException): + OutlineVPN(api_url="https://aaa", cert_sha256="") + + def test_get_keys(client: OutlineVPN): # pylint: disable=W0621 """Test for the get keys method""" assert len(client.get_keys()) >= 1 From 35b10805e5a3928bdb0760449debb97bf6d4110f Mon Sep 17 00:00:00 2001 From: "Jorge Alberto Diaz Orozco (Akiel)" Date: Mon, 5 Feb 2024 20:15:34 +0100 Subject: [PATCH 2/2] Bump version to 5.0.0 --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 846e79c..b545d75 100644 --- a/setup.py +++ b/setup.py @@ -5,7 +5,7 @@ setup( name="outline-vpn-api", - version="4.1.0", + version="5.0.0", packages=["outline_vpn"], url="https://github.com/jadolg/outline-vpn-api/", license="MIT",