Mercurial Repositories > eric / annotate
eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/certificateValidation.py@cd41c844862f (annotated)
eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/certificateValidation.py
Fri, 22 Jan 2021 16:48:43 +0100
- author
- Detlev Offenbach <detlev@die-offenbachs.de>
- date
- Fri, 22 Jan 2021 16:48:43 +0100
- changeset 7998
- cd41c844862f
- parent 7923
- 91e843545d9a
- child 8222
- 5994b80b8760
- permissions
- -rw-r--r--
Editor
- added functionality to insert docstring templates via the context menu (cursor placed on first line of function definition) or after entering the docstring start string (e.g. """ for Python)
|
7613
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
1 | # -*- coding: utf-8 -*- |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
2 | |
|
7923
91e843545d9a
Updated copyright for 2021.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
3 | # Copyright (c) 2020 - 2021 Detlev Offenbach <detlev@die-offenbachs.de> |
|
7613
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
4 | # |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
5 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
6 | """ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
7 | Module implementing checks for switched off certificate validation. |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
8 | """ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
9 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
10 | # |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
11 | # This is a modified version of the one found in the bandit package. |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
12 | # |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
13 | # Original Copyright 2014 Hewlett-Packard Development Company, L.P. |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
14 | # |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
15 | # SPDX-License-Identifier: Apache-2.0 |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
16 | # |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
17 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
18 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
19 | def getChecks(): |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
20 | """ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
21 | Public method to get a dictionary with checks handled by this module. |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
22 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
23 | @return dictionary containing checker lists containing checker function and |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
24 | list of codes |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
25 | @rtype dict |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
26 | """ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
27 | return { |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
28 | "Call": [ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
29 | (checkNoCertificateValidation, ("S501",)), |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
30 | ], |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
31 | } |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
32 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
33 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
34 | def checkNoCertificateValidation(reportError, context, config): |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
35 | """ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
36 | Function to check for switched off certificate validation. |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
37 | |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
38 | @param reportError function to be used to report errors |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
39 | @type func |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
40 | @param context security context object |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
41 | @type SecurityContext |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
42 | @param config dictionary with configuration data |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
43 | @type dict |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
44 | """ |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
45 | http_verbs = ('get', 'options', 'head', 'post', 'put', 'patch', 'delete') |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
46 | if ( |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
47 | 'requests' in context.callFunctionNameQual and |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
48 | context.callFunctionName in http_verbs |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
49 | ): |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
50 | if context.checkCallArgValue('verify', 'False'): |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
51 | reportError( |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
52 | context.getLinenoForCallArg('verify') - 1, |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
53 | context.getOffsetForCallArg('verify'), |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
54 | "S501", |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
55 | "H", |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
56 | "H" |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
57 | ) |
