diff --git a/specials/resolverdns.py b/specials/resolverdns.py index ec244237..73f043bb 100644 --- a/specials/resolverdns.py +++ b/specials/resolverdns.py @@ -14,6 +14,12 @@ except: import sqlite3 as sql db = os.path.join(config.get_data_path(), 'kod_db.sqlite') +if 'PROTOCOL_TLS' in ssl.__dict__: + protocol = ssl.PROTOCOL_TLS +elif 'PROTOCOL_SSLv23' in ssl.__dict__: + protocol = ssl.PROTOCOL_SSLv23 +else: + protocol = ssl.PROTOCOL_SSLv3 class CustomSocket(ssl.SSLSocket): def __init__(self, *args, **kwargs): @@ -40,7 +46,7 @@ class CipherSuiteAdapter(host_header_ssl.HostHeaderSSLAdapter): def __init__(self, domain, CF=False, *args, **kwargs): self.conn = sql.connect(db) self.cur = self.conn.cursor() - self.ssl_context = CustomContext(ssl.PROTOCOL_TLS if 'PROTOCOL_TLS' in ssl.__dict__ else ssl.PROTOCOL_SSLv3, domain) + self.ssl_context = CustomContext(protocol, domain) self.CF = CF # if cloudscrape is in action self.cipherSuite = kwargs.pop('cipherSuite', ssl._DEFAULT_CIPHERS) @@ -99,7 +105,7 @@ class CipherSuiteAdapter(host_header_ssl.HostHeaderSSLAdapter): domain = parse.netloc else: raise requests.exceptions.URLRequired - self.ssl_context = CustomContext(ssl.PROTOCOL_TLS if 'PROTOCOL_TLS' in ssl.__dict__ else ssl.PROTOCOL_SSLv3, domain) + self.ssl_context = CustomContext(protocol, domain) if self.CF: self.ssl_context.options |= (ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1) self.ssl_context.set_ciphers(self.cipherSuite) @@ -123,7 +129,13 @@ class CipherSuiteAdapter(host_header_ssl.HostHeaderSSLAdapter): except Exception as e: logger.info('Request for ' + domain + ' with ip ' + ip + ' failed') logger.info(e) - tryFlush = True + if 'SSLError' in str(e): + # disabilito + config.set_setting("resolver_dns", False) + request.url = realUrl + ret = super(CipherSuiteAdapter, self).send(request, **kwargs) + else: + tryFlush = True if tryFlush and not flushedDns: # re-request ips and update cache logger.info('Flushing dns cache for ' + domain) return self.flushDns(request, domain, **kwargs)