Correct handeling of no Cryptography

When checking passwords and in the Config
9 years ago · d239b07900
5 changed files with 32 additions and 13 deletions
--- a/interfaces/Config/templates/config_general.tmpl
+++ b/interfaces/Config/templates/config_general.tmpl
@ -147,13 +147,17 @@
                <div class="field-pair">
                    <label class="config" for="https_cert">$T('opt-https_cert')</label>
                    <input type="text" name="https_cert" id="https_cert" value="$https_cert" />
-                    <button class="btn btn-default generate_cert" title="$T('explain-new-cert')"><span class="glyphicon glyphicon-repeat"></span></button>
+                    <button class="btn btn-default generate_cert" title="$T('explain-new-cert')" <!--#if int($have_cryptography) == 0 then "disabled" else ""#-->>
+                        <span class="glyphicon glyphicon-repeat"></span>
+                    </button>
                    <span class="desc">$T('explain-https_cert')</span>
                </div>
                <div class="field-pair">
                    <label class="config" for="https_key">$T('opt-https_key')</label>
                    <input type="text" name="https_key" id="https_key" value="$https_key" />
-                    <button class="btn btn-default generate_cert" title="$T('explain-new-cert')"><span class="glyphicon glyphicon-repeat"></span></button>
+                    <button class="btn btn-default generate_cert" title="$T('explain-new-cert')" <!--#if int($have_cryptography) == 0 then "disabled" else ""#-->>
+                        <span class="glyphicon glyphicon-repeat"></span>
+                    </button>
                    <span class="desc">$T('explain-https_key')</span>
                </div>
                <div class="field-pair">
--- a/sabnzbd/init.py
+++ b/sabnzbd/init.py
@ -93,6 +93,12 @@ except:
    HAVE_SSL = False
    HAVE_SSL_CONTEXT = False

+try:
+    import cryptography
+    HAVE_CRYPTOGRAPHY = True
+except:
+    HAVE_CRYPTOGRAPHY = False
+
 # Now we can import safely
 from sabnzbd.nzbqueue import NzbQueue
 from sabnzbd.postproc import PostProcessor
--- a/sabnzbd/assembler.py
+++ b/sabnzbd/assembler.py
@ -324,25 +324,32 @@ def check_encrypted_and_unwanted_files(nzo, filepath):
            try:
                zf = rarfile.RarFile(filepath, all_names=True)
                # Check for encryption
-                if (nzo.encrypted == 0 and cfg.pause_on_pwrar()):
-                    encrypted = zf.needs_password() or is_cloaked(filepath, zf.namelist())
-                    if encrypted and not nzo.reuse:
+                if nzo.encrypted == 0 and cfg.pause_on_pwrar() and (zf.needs_password() or is_cloaked(filepath, zf.namelist())):
+                    # Load all passwords
+                    passwords = get_all_passwords(nzo)
+
+                    # if no cryptography installed, only error when no password was set
+                    if not sabnzbd.HAVE_CRYPTOGRAPHY and not passwords:
+                        logging.info(T('%s missing'), 'Python Cryptography')
+                        nzo.encrypted = 1
+                        encrypted = True
+
+                    elif sabnzbd.HAVE_CRYPTOGRAPHY:
                        # Lets test if any of the password work
-                        passwords = get_all_passwords(nzo)
                        password_hit = False
                        rarfile.UNRAR_TOOL = sabnzbd.newsunpack.RAR_COMMAND

                        for password in passwords:
                            if password:
-                                logging.debug('Trying password "%s" on job "%s"', password, nzo.final_name)
+                                logging.info('Trying password "%s" on job "%s"', password, nzo.final_name)
                                try:
                                    zf.setpassword(password)
                                    zf.testrar()
-                                    password_hit = True
+                                    password_hit = password
                                    break
                                except rarfile.RarCRCError:
                                    # On CRC error we can continue!
-                                    password_hit = True
+                                    password_hit = password
                                    break
                                except:
                                    pass
@ -350,11 +357,13 @@ def check_encrypted_and_unwanted_files(nzo, filepath):
                        # Did any work?
                        if password_hit:
                            # Don't check other files
+                            logging.info('Password "%s" matches for job "%s"', password_hit, nzo.final_name)
                            nzo.encrypted = -1
                            encrypted = False
                        else:
                            # Encrypted and none of them worked
                            nzo.encrypted = 1
+                            encrypted = True
                    else:
                        # Don't check other files
                        nzo.encrypted = -1
--- a/sabnzbd/interface.py
+++ b/sabnzbd/interface.py
@ -1610,6 +1610,7 @@ class ConfigGeneral(object):
        conf['restart_req'] = sabnzbd.RESTART_REQ

        conf['have_ssl'] = sabnzbd.HAVE_SSL
+        conf['have_cryptography'] = sabnzbd.HAVE_CRYPTOGRAPHY

        wlist = []
        interfaces = globber_full(sabnzbd.DIR_INTERFACES)
--- a/sabnzbd/misc.py
+++ b/sabnzbd/misc.py
@ -1156,14 +1156,13 @@ else:

 def create_https_certificates(ssl_cert, ssl_key):
    """ Create self-signed HTTPS certificates and store in paths 'ssl_cert' and 'ssl_key' """
-    try:
-        from sabnzbd.utils.certgen import generate_key, generate_local_cert
-    except:
-        logging.warning(T('%s missing'), 'Python Cryptography')
+    if not sabnzbd.HAVE_CRYPTOGRAPHY:
+        logging.error(T('%s missing'), 'Python Cryptography')
        return False

    # Save the key and certificate to disk
    try:
+        from sabnzbd.utils.certgen import generate_key, generate_local_cert
        private_key = generate_key(key_size=2048, output_file=ssl_key)
        cert = generate_local_cert(private_key, days_valid=356*10, output_file=ssl_cert, LN=u'SABnzbd', ON=u'SABnzbd', CN=u'SABnzbd')
        logging.info('Self-signed certificates generated successfully')