import re, json, datetime
+try:
+ import aia
+ aia_session = aia.AIASession()
+ # aia is broken on capath systems, needs cafile to work
+ aia_session._context.load_verify_locations(cafile='/etc/ssl/certs/ca-certificates.crt')
+ aia_session._trusted = {
+ aia.openssl_get_cert_info(ca_der)["subject"]: ca_der
+ for ca_der in aia_session._context.get_ca_certs(True)
+ }
+ print("aia loaded")
+except ImportError as e:
+ print(repr(e))
+ aia = None
+
hostmask_regex = re.compile(r'^(.*)!(.*)@(.*)$')
def parser_hostmask(hostmask):
else:
return "%.2f%siB" % (b, table[i])
-def goturl(url):
- output = []
- for _, group in other_regexes:
- for regex in group:
- if regex.match(url):
- return None
+def _do_request(url, try_aia=False):
+ """Returns the HTTPResponse object, or a string on error"""
request = urllib2.Request(url, headers={'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36'})
- opener = urllib2.build_opener(SmartRedirectHandler())
+ if try_aia:
+ opener = urllib2.build_opener(urllib2.HTTPSHandler(context=aia_session.ssl_context_from_url(url)), SmartRedirectHandler())
+ else:
+ opener = urllib2.build_opener(SmartRedirectHandler())
# Send request and handle errors
try:
except urllib2.HTTPError as e:
return 'Request error: %s %s' % (e.code, e.reason)
except urllib2.URLError as e:
- return 'Request error: %s' % (e.reason)
+ if "certificate verify failed: unable to get local issuer certificate" in str(e.reason):
+ if aia: # Retry with AIA enabled
+ return _do_request(url, True)
+ else:
+ lib.parent.log('urls', '?', 'If the site is not serving the certificate chain, installing the aia library might make this request work: pip install aia')
+ return 'Request error: site may have broken TLS configuration (%s)' % (e.reason)
+ else:
+ return 'Request error: %s' % (e.reason)
except TimeoutError as e:
return 'Request error: request timed out'
except Exception as e:
return 'Unknown error: %s %r' % (type(e).__name__, e.args)
+ return response
+
+
+def goturl(url):
+ output = []
+ for _, group in other_regexes:
+ for regex in group:
+ if regex.match(url):
+ return None
+
+ response = _do_request(url)
+ if isinstance(response, stringbase):
+ return response
+
# Try to add type and length headers to reply
c_type = response.getheader('Content-Type', '').split(';', 1)[0]
c_len = response.getheader('Content-Length')