Skip to content

Commit

Permalink
Merge pull request #791 from blacklanternsecurity/fix-ssl-issues
Browse files Browse the repository at this point in the history
Fix SSL Verification Errors
  • Loading branch information
TheTechromancer authored Oct 18, 2023
2 parents c2ed0a6 + 5e3a57a commit 2f08f7f
Showing 1 changed file with 13 additions and 8 deletions.
21 changes: 13 additions & 8 deletions bbot/core/helpers/web.py
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,10 @@ class WebHelper:
def __init__(self, parent_helper):
self.parent_helper = parent_helper
self.http_debug = self.parent_helper.config.get("http_debug", False)
self._ssl_context_noverify = None
self.ssl_verify = self.parent_helper.config.get("ssl_verify", False)
if self.ssl_verify is False:
self.ssl_verify = self.ssl_context_noverify()
self.web_client = self.AsyncClient(persist_cookies=False)

def AsyncClient(self, *args, **kwargs):
Expand Down Expand Up @@ -453,7 +456,7 @@ async def curl(self, *args, **kwargs):
curl_command.append("--path-as-is")

# respect global ssl verify settings
if self.ssl_verify == False:
if self.ssl_verify is not True:
curl_command.append("-k")

headers = kwargs.get("headers", {})
Expand Down Expand Up @@ -563,13 +566,15 @@ def is_spider_danger(self, source_event, url):
return False

def ssl_context_noverify(self):
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
ssl_context.options &= ~ssl.OP_NO_SSLv2 & ~ssl.OP_NO_SSLv3
ssl_context.set_ciphers("ALL:@SECLEVEL=0")
ssl_context.options |= 0x4 # Add the OP_LEGACY_SERVER_CONNECT option
return ssl_context
if self._ssl_context_noverify is None:
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
ssl_context.options &= ~ssl.OP_NO_SSLv2 & ~ssl.OP_NO_SSLv3
ssl_context.set_ciphers("ALL:@SECLEVEL=0")
ssl_context.options |= 0x4 # Add the OP_LEGACY_SERVER_CONNECT option
self._ssl_context_noverify = ssl_context
return self._ssl_context_noverify

@asynccontextmanager
async def _acatch(self, url, raise_error):
Expand Down

0 comments on commit 2f08f7f

Please sign in to comment.