import re, json, datetime
+try:
+ import aia
+ aia_session = aia.AIASession()
+ # aia is broken on capath systems, needs cafile to work
+ aia_session._context.load_verify_locations(cafile='/etc/ssl/certs/ca-certificates.crt')
+ aia_session._trusted = {
+ aia.openssl_get_cert_info(ca_der)["subject"]: ca_der
+ for ca_der in aia_session._context.get_ca_certs(True)
+ }
+ print("aia loaded")
+except ImportError as e:
+ print(repr(e))
+ aia = None
+
hostmask_regex = re.compile(r'^(.*)!(.*)@(.*)$')
def parser_hostmask(hostmask):
line = ''
responses = process_line(line)
+ send_response(bot, chan, responses)
+
+def send_response(bot, chan, responses):
if len(responses) > 0:
if lib.parent.cfg.getboolean('urls', 'multiline'):
for r in responses:
else:
return "%.2f%siB" % (b, table[i])
-def goturl(url):
- output = []
- for _, group in other_regexes:
- for regex in group:
- if regex.match(url):
- return None
- request = urllib2.Request(url, headers={'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36'})
- opener = urllib2.build_opener(SmartRedirectHandler())
+def _do_request(url, try_aia=False):
+ """Returns the HTTPResponse object, or a string on error"""
+ request = urllib2.Request(url, headers={'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36', 'Sec-Ch-Ua': '"Chromium";v="116", "Not)A;Brand";v="24", "Google Chrome";v="116"', 'Sec-Ch-Ua-Mobile': '?0', 'Sec-Ch-Ua-Platform': '"Linux"', 'Sec-Fetch-Dest': 'document', 'Sec-Fetch-Mode': 'navigate', 'Sec-Fetch-Site': 'same-origin', 'Sec-Fetch-User': '?1', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7', 'Accept-Language': 'en-US,en;q=0.9', 'Cache-Control': 'no-cache', 'Pragma': 'no-cache', 'Upgrade-Insecure-Requests': '1'})
+ if try_aia:
+ opener = urllib2.build_opener(urllib2.HTTPSHandler(context=aia_session.ssl_context_from_url(url)), SmartRedirectHandler())
+ else:
+ opener = urllib2.build_opener(SmartRedirectHandler())
# Send request and handle errors
try:
except urllib2.HTTPError as e:
return 'Request error: %s %s' % (e.code, e.reason)
except urllib2.URLError as e:
- return 'Request error: %s' % (e.reason)
+ if "certificate verify failed: unable to get local issuer certificate" in str(e.reason):
+ if aia: # Retry with AIA enabled
+ return _do_request(url, True)
+ else:
+ lib.parent.log('urls', '?', 'If the site is not serving the certificate chain, installing the aia library might make this request work: pip install aia')
+ return 'Request error: site may have broken TLS configuration (%s)' % (e.reason)
+ else:
+ return 'Request error: %s' % (e.reason)
except TimeoutError as e:
return 'Request error: request timed out'
except Exception as e:
return 'Unknown error: %s %r' % (type(e).__name__, e.args)
+ return response
+
+
+def goturl(url):
+ output = []
+ for _, group in other_regexes:
+ for regex in group:
+ if regex.match(url):
+ return None
+
+ response = _do_request(url)
+ if isinstance(response, stringbase):
+ return response
+
# Try to add type and length headers to reply
c_type = response.getheader('Content-Type', '').split(';', 1)[0]
c_len = response.getheader('Content-Length')
re.compile(r'https?://(?:[^/\s.]+\.)+[^/\s.]+(?:/\S+)?'),
)
other_regexes = (
+ (lambda x: '', (re.compile(r"""https?://(?:www\.)?(?:twitter|x)\.com/""", re.I),)), # skip twitter
+ (lambda x: '', (re.compile(r"""https?://(?:www\.)?reddit\.com/""", re.I),)), # skip new-reddit
)
regexes = other_regexes + (
(goturl, url_regex),