[tor-bugs] #11127 [BridgeDB]: reCaptcha verification is hardcoded to use plaintext HTTP
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 5 00:09:09 UTC 2014
#11127: reCaptcha verification is hardcoded to use plaintext HTTP
--------------------------+----------------------------
Reporter: isis | Owner: isis
Type: defect | Status: needs_review
Priority: major | Milestone:
Component: BridgeDB | Version:
Resolution: | Keywords: bridgedb-https
Actual Points: | Parent ID:
Points: |
--------------------------+----------------------------
Changes (by isis):
* status: new => needs_review
Comment:
I wrote
[https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/fix/11127-recaptcha-ssl a Twisted reCaptcha client which only uses SSL].
It also
does full certificate chain verification, and cert hostname verification
on a per-request basis.
It's much faster. And it has full unittest coverage. :)
I left the methods for creating the
`bridgedb.crypto.SSLVerifyingContextFactory` and
`twisted.web.client.Agent` separate from the main reCaptcha API functions,
so we can use them for other requests. (For example, there is another
blocking HTTP request in `bridgedb.[R|c]aptcha.Recaptcha.get()`, which
obtains the CAPTCHA image and challenge string from the reCaptcha server,
that could easily benefit from this as well.) Possibly this SSL
client-side stuff should be separate somewhere, but for now I just put it all in
`bridgedb.txrecaptcha` (except for
`bridgedb.crypto.SSLVerifyingContextFactory`).
Please review!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11127#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
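
An added example, not BridgeDB's code and not part of the message above: the properties the comment describes (HTTPS only, full chain verification, hostname verification on each request), shown with Python's standard `ssl` and `urllib` modules instead of Twisted. The URL, field names and function names are hypothetical.

```python
import ssl
import urllib.parse
import urllib.request

# Hypothetical endpoint for illustration; not BridgeDB's or reCaptcha's real URL.
VERIFY_URL = "https://captcha.example/api/verify"


def verifying_context():
    """TLS context that validates the full chain and the certificate hostname."""
    ctx = ssl.create_default_context()   # loads the system trust anchors
    ctx.check_hostname = True            # reject certs issued for another name
    ctx.verify_mode = ssl.CERT_REQUIRED  # reject chains that do not verify
    return ctx


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Treat redirects as errors: one could send the secret to an http:// URL."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # urllib then raises HTTPError instead of following


def build_verify_request(url, fields):
    """Build the verification POST, refusing anything that is not HTTPS."""
    parts = urllib.parse.urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("refusing non-HTTPS verification URL: %r" % url)
    body = urllib.parse.urlencode(fields).encode("ascii")
    return urllib.request.Request(url, data=body, method="POST")


def submit(url, fields, timeout=10):
    """Send the request; every call gets a fresh verifying context."""
    req = build_verify_request(url, fields)
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=verifying_context()),
        NoRedirect())
    with opener.open(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")
```
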