author | Jesusaves <cpntb1@ymail.com> | 2021-05-09 19:38:09 -0300 |
---|---|---|
committer | Jesusaves <cpntb1@ymail.com> | 2021-05-09 19:38:09 -0300 |
commit | 45d6cbc1f98efcb1e54784111fb26b31c54efe8c (patch) | |
tree | 3c7b526150454766a03da6bc72afd344e35bc99f | |
parent | cd45f4cef59cf5dffe10ecf071baf397882dc4ab (diff) | |
Add SSL support
-rw-r--r-- | game/client.rpy | 2 | ||||
-rw-r--r-- | game/core.rpy | 67 | ||||
-rw-r--r-- | game/renpy.rpy | 4 | ||||
-rw-r--r-- | game/update.rpy | 4 |
4 files changed, 72 insertions, 5 deletions
diff --git a/game/client.rpy b/game/client.rpy index 8a80ad4..459711c 100644 --- a/game/client.rpy +++ b/game/client.rpy @@ -38,7 +38,7 @@ init 2 python: "world": persistent.serverlist[idx]["UUID"]} PWD="" try: - r=requests.post(VAULT_HOST+"/world_pass", json=auth, timeout=15.0) + r=vault.post(VAULT_HOST+"/world_pass", json=auth, timeout=15.0) if r.status_code != 200: stdout("Get World Auth - Returned error code %d" % r.status_code) else: diff --git a/game/core.rpy b/game/core.rpy index 1e29da0..bd0a44c 100644 --- a/game/core.rpy +++ b/game/core.rpy @@ -8,7 +8,7 @@ init -3 python: renpy.add_python_directory("python-extra") import requests, zlib, base64, sys, copy, uuid, time, json, traceback - import os.path, os, shutil, subprocess, hashlib, zipfile + import os.path, os, shutil, subprocess, hashlib, zipfile, ssl, datetime # non-free imports import _renpysteam as steam import discord_rpc @@ -49,9 +49,11 @@ init -3 python: ############################################################################# # ["themanaworld.org", "germantmw.de", "moubootaurlegends.org"] if config.developer: - VAULT_HOST = "http://localhost:13370" + VAULT_HOST = "https://localhost:13370" + VAULT_CERT = "http://localhost/launcher/cert.pem" else: VAULT_HOST = "http://api.tmw2.org:13370" + VAULT_CERT = "http://tmw2.org/launcher/cert.pem" ############################################################################# # Encodes something to md5 
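Review bot: Both `VAULT_CERT` values in the core.rpy config hunk are plain `http://` URLs, so the file that `vault.verify` later trusts is downloaded over an unauthenticated channel and anyone on the network path can swap in their own certificate; the pin then protects nothing. Ship cert.pem inside the launcher package, or embed its SHA-256 fingerprint and compare it with `hashlib` after the download, or fetch it over HTTPS validated against the system CA store. Separately, the non-developer branch still sets `VAULT_HOST = "http://api.tmw2.org:13370"`, so in production the session's `verify` setting is never exercised and the auth JSON posted from client.rpy and update.rpy still travels in cleartext. `VAULT_HOST = "https://api.tmw2.org:13370"` looks like the intent, assuming the server accepts TLS on that port.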
@@ -135,6 +137,67 @@ init -3 python: stdout("dlsearch: r is None") return r + ################### + # Vault SSL wrapper + vault=requests.Session() + vault.cert = get_path("cert.pem") + vault.verify = get_path("cert.pem") + + ############################################################################ + ## Retrieve the Vault certificate. Otherwise, we cannot proceed. + ## From here and until the end of this code block, + ## ALL ERRORS ARE FATAL + def build_vault(): + while True: + try: + # Certificate exists, so validate it + if (os.path.exists(get_path("cert.pem"))): + stdout("PEM Certificate: Validating...") + cert=get_path("cert.pem") + x509=ssl._ssl._test_decode_cert(cert) + stdout("Expires on: %s" % str(x509["notAfter"])) + date=x509["notAfter"].split(" ") + year=0 + ## Attempt to retrieve year + for arg in date: + if len(arg) != 4: + continue + try: + year=int(arg) + break + except: + continue + ## If year was found and is after today, keep going + if (year+1) == datetime.datetime.utcnow().year: + stdout("Expires on: %04d\nCertificate is good, continue." 
% year) + else: + stdout("Year not found, expiring, or invalid, fetch a new one") + os.remove(cert) + + ###################################### + # Certificate does not exist, fetch it + if (not os.path.exists(get_path("cert.pem"))): + stdout("PEM Certificate not found; Fetching from %s" % VAULT_CERT) + r = requests.get(VAULT_CERT) + if (r.status_code != 200): + raise Exception("\nFailed to fetch Vault SSL Certificate.\b\n Returned HTTP error %d.\n\nClick \"Ignore\" to retry.\n\n" % r.status_code) + # Save it + with open(get_path("cert.pem"), 'wb') as fd: + for chunk in r.iter_content(chunk_size=128): + fd.write(chunk) + # Presumably all good, so do not continue and break the loop + stdout("PEM Download OK") + break + + break + except: + traceback.print_exc() + raise + stdout("Automatically retry in 5 seconds...") + time.sleep(5.0) + ## End FATAL mode + ############################################################# + ######### Done with pre-init label splashscreen: show TMW2 at truecenter with fade diff --git a/game/renpy.rpy b/game/renpy.rpy index 6b3bafc..b6e5b86 100644 --- a/game/renpy.rpy +++ b/game/renpy.rpy @@ -27,11 +27,15 @@ screen loading(): # The game starts here. label start: + $ statusmsg="Validating SSL Certificates..." scene black show screen loading call before_main_menu + # Build the Vault PEM, blocking and fatal + $ build_vault() + # Run updater $ renpy.invoke_in_thread(CONFIGURE_LAUNCHER) diff --git a/game/update.rpy b/game/update.rpy index 9bcadf1..8074d04 100644 --- a/game/update.rpy +++ b/game/update.rpy @@ -179,7 +179,7 @@ init python: status_update("Waiting for Vault reply...", 85) ## Request the Vault for the ticket validation - r = requests.post(VAULT_HOST+"/steam_auth", json=auth, timeout=15.0) + r = vault.post(VAULT_HOST+"/steam_auth", json=auth, timeout=15.0) ## Ticket error, we die here. if (r.status_code == 406): 
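Review bot: The expiry test in build_vault, `if (year+1) == datetime.datetime.utcnow().year:`, accepts only a certificate whose notAfter year is last year, i.e. one that has already expired, and the else branch appears to delete and re-download every certificate that is still valid (indentation is lost on this page, so the branch layout is inferred). Compare the full timestamp instead, `ssl.cert_time_to_seconds(x509["notAfter"]) > time.time()`, as in the excerpt below. `vault.cert = get_path("cert.pem")` sets the requests client-certificate option, which expects a certificate with its private key; only `vault.verify` is needed to pin the server, and the `cert` line will likely break the handshake once the host is HTTPS. The bare `except:` re-raises right after `traceback.print_exc()`, so the "Automatically retry in 5 seconds..." lines are unreachable, and `requests.get(VAULT_CERT)` has no `timeout=` although every other request in this commit passes 15.0. `ssl._ssl._test_decode_cert` is a private CPython helper and may not exist on every bundled interpreter.

```python
                    x509=ssl._ssl._test_decode_cert(cert)
                    stdout("Expires on: %s" % str(x509["notAfter"]))
                    ## Compare the whole notAfter timestamp, not only the year
                    expires=ssl.cert_time_to_seconds(x509["notAfter"])
                    if expires > time.time():
                        stdout("Certificate is good, continue.")
                    else:
                        stdout("Certificate expired or invalid, fetch a new one")
                        os.remove(cert)
                # … unchanged: download of cert.pem when the file is missing …
```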
@@ -196,7 +196,7 @@ init python: status_update("Rate limited! Trying again 5s...", 85) time.sleep(5.0) status_update("Rate limited! Trying again...", 85) - r = requests.post(VAULT_HOST+"/steam_auth", json=auth, timeout=15.0) + r = vault.post(VAULT_HOST+"/steam_auth", json=auth, timeout=15.0) ## If still unsucessful, give up on Steam Auth if (r.status_code != 200): |