Mercurial Repositories > eric / file diff

diff: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureSslTls.py

src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureSslTls.py

branch
eric7
changeset 9221
bf71ee032bb4
parent 9209
b99e7fd55fd3
child 9653
e67609152c5e
--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureSslTls.py	Wed Jul 13 11:16:20 2022 +0200
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureSslTls.py	Wed Jul 13 14:55:47 2022 +0200
@@ -21,7 +21,7 @@
 def getChecks():
     """
     Public method to get a dictionary with checks handled by this module.
-    
+
     @return dictionary containing checker lists containing checker function and
         list of codes
     @rtype dict
@@ -40,7 +40,7 @@
 def checkInsecureSslProtocolVersion(reportError, context, config):
     """
     Function to check for use of insecure SSL protocol version.
-    
+
     @param reportError function to be used to report errors
     @type func
     @param context security context object
@@ -50,48 +50,47 @@
     """
     insecureProtocolVersions = (
         config["insecure_ssl_protocol_versions"]
-        if config and "insecure_ssl_protocol_versions" in config else
-        SecurityDefaults["insecure_ssl_protocol_versions"]
+        if config and "insecure_ssl_protocol_versions" in config
+        else SecurityDefaults["insecure_ssl_protocol_versions"]
     )
-    
-    if context.callFunctionNameQual == 'ssl.wrap_socket':
-        if context.checkCallArgValue('ssl_version', insecureProtocolVersions):
+
+    if context.callFunctionNameQual == "ssl.wrap_socket":
+        if context.checkCallArgValue("ssl_version", insecureProtocolVersions):
             reportError(
-                context.getLinenoForCallArg('ssl_version') - 1,
-                context.getOffsetForCallArg('ssl_version'),
+                context.getLinenoForCallArg("ssl_version") - 1,
+                context.getOffsetForCallArg("ssl_version"),
                 "S502.1",
                 "H",
                 "H",
             )
-    
-    elif context.callFunctionNameQual == 'pyOpenSSL.SSL.Context':
-        if context.checkCallArgValue('method', insecureProtocolVersions):
+
+    elif context.callFunctionNameQual == "pyOpenSSL.SSL.Context":
+        if context.checkCallArgValue("method", insecureProtocolVersions):
             reportError(
-                context.getLinenoForCallArg('method') - 1,
-                context.getOffsetForCallArg('method'),
+                context.getLinenoForCallArg("method") - 1,
+                context.getOffsetForCallArg("method"),
                 "S502.2",
                 "H",
                 "H",
             )
-    
+
     elif (
-        context.callFunctionNameQual != 'ssl.wrap_socket' and
-        context.callFunctionNameQual != 'pyOpenSSL.SSL.Context'
+        context.callFunctionNameQual != "ssl.wrap_socket"
+        and context.callFunctionNameQual != "pyOpenSSL.SSL.Context"
     ):
-        if context.checkCallArgValue('method', insecureProtocolVersions):
+        if context.checkCallArgValue("method", insecureProtocolVersions):
             reportError(
-                context.getLinenoForCallArg('method') - 1,
-                context.getOffsetForCallArg('method'),
+                context.getLinenoForCallArg("method") - 1,
+                context.getOffsetForCallArg("method"),
                 "S502.3",
                 "H",
                 "H",
             )
-        
-        elif context.checkCallArgValue('ssl_version',
-                                       insecureProtocolVersions):
+
+        elif context.checkCallArgValue("ssl_version", insecureProtocolVersions):
             reportError(
-                context.getLinenoForCallArg('ssl_version') - 1,
-                context.getOffsetForCallArg('ssl_version'),
+                context.getLinenoForCallArg("ssl_version") - 1,
+                context.getOffsetForCallArg("ssl_version"),
                 "S502.3",
                 "H",
                 "H",
@@ -101,7 +100,7 @@
 def checkInsecureSslDefaults(reportError, context, config):
     """
     Function to check for SSL use with insecure defaults specified.
-    
+
     @param reportError function to be used to report errors
     @type func
     @param context security context object
@@ -111,10 +110,10 @@
     """
     insecureProtocolVersions = (
         config["insecure_ssl_protocol_versions"]
-        if config and "insecure_ssl_protocol_versions" in config else
-        SecurityDefaults["insecure_ssl_protocol_versions"]
+        if config and "insecure_ssl_protocol_versions" in config
+        else SecurityDefaults["insecure_ssl_protocol_versions"]
     )
-    
+
     for default in context.functionDefDefaultsQual:
         val = default.split(".")[-1]
         if val in insecureProtocolVersions:
@@ -130,7 +129,7 @@
 def checkSslWithoutVersion(reportError, context, config):
     """
     Function to check for SSL use with no version specified.
-    
+
     @param reportError function to be used to report errors
     @type func
     @param context security context object
@@ -139,8 +138,8 @@
     @type dict
     """
     if (
-        context.callFunctionNameQual == 'ssl.wrap_socket' and
-        context.checkCallArgValue('ssl_version') is None
+        context.callFunctionNameQual == "ssl.wrap_socket"
+        and context.checkCallArgValue("ssl_version") is None
     ):
         # checkCallArgValue() returns False if the argument is found
         # but does not match the supplied value (or the default None).

Mercurial Repository: eric

eric ide

mercurial