Skip to content

Commit

Permalink
Add ability to disable TLS 1.2 (#2243)
Browse files Browse the repository at this point in the history 
Fix for Patreon Cloudflare issues by having only TLS v1.3 or higher establish HTTPS connections

This now allows you to disable it on a per-host or global basis.  Add disabletls12 as a config option either under extractor.(host) or just under extractor.  Option is false by default.

Example:
        "patreon":
        {
            "disabletls12": true,
            "cookies": {
                "session_id": "X"
            }
        }
  • Loading branch information
@shinji257
shinji257 authored Jan 30, 2022
1 parent d33227f commit 392cf07
Showing 1 changed file with 20 additions and 6 deletions.
26 changes: 20 additions & 6 deletions gallery_dl/extractor/common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ class Extractor():
request_interval = 0.0
request_interval_min = 0.0
request_timestamp = 0.0
disabletls12 = False

def __init__(self, match):
self.log = logging.getLogger(self.category)
Expand All @@ -62,6 +63,11 @@ def __init__(self, match):
if self._retries < 0:
self._retries = float("inf")

self._additional_adapter_options = 0
if self.config("disabletls12"):
self._additional_adapter_options |= ssl.OP_NO_TLSv1_2
self.log.info("TLS 1.2 disabled.")

self._init_session()
self._init_cookies()
self._init_proxies()
Expand Down Expand Up @@ -243,9 +249,11 @@ def _init_session(self):
platform = "Macintosh; Intel Mac OS X 11.5"

if browser == "chrome":
_emulate_browser_chrome(session, platform, source_address)
_emulate_browser_chrome(session, platform, source_address,
self._additional_adapter_options)
else:
_emulate_browser_firefox(session, platform, source_address)
_emulate_browser_firefox(session, platform, source_address,
self._additional_adapter_options)
else:
if source_address:
session.mount("https://", SourceAdapter(source_address))
Expand All @@ -264,7 +272,8 @@ def _init_session(self):
if ciphers:
if isinstance(ciphers, list):
ciphers = ":".join(ciphers)
session.mount("https://", HTTPSAdapter(ciphers))
session.mount("https://", HTTPSAdapter(ciphers,
self._additional_adapter_options))

def _init_proxies(self):
"""Update the session's proxy map"""
Expand Down Expand Up @@ -632,10 +641,11 @@ def proxy_manager_for(self, *args, **kwargs):

class HTTPSAdapter(HTTPAdapter):

def __init__(self, ciphers, source_address=None):
def __init__(self, ciphers, additional_options, source_address=None):
context = self.ssl_context = ssl.create_default_context()
context.options |= (ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 |
ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1)
context.options |= additional_options
context.set_ecdh_curve("prime256v1")
context.set_ciphers(ciphers)
self.source_address = source_address
Expand All @@ -652,7 +662,8 @@ def proxy_manager_for(self, *args, **kwargs):
return HTTPAdapter.proxy_manager_for(self, *args, **kwargs)


def _emulate_browser_firefox(session, platform, source_address):
def _emulate_browser_firefox(session, platform, source_address,
additional_options):
headers = session.headers
headers["User-Agent"] = ("Mozilla/5.0 (" + platform + "; rv:91.0) "
"Gecko/20100101 Firefox/91.0")
Expand Down Expand Up @@ -683,11 +694,13 @@ def _emulate_browser_firefox(session, platform, source_address):
"AES128-SHA:"
"AES256-SHA:"
"DES-CBC3-SHA",
additional_options,
source_address
))


def _emulate_browser_chrome(session, platform, source_address):
def _emulate_browser_chrome(session, platform, source_address,
additional_options):
if platform.startswith("Macintosh"):
platform = platform.replace(".", "_") + "_2"

Expand Down Expand Up @@ -720,6 +733,7 @@ def _emulate_browser_chrome(session, platform, source_address):
"AES128-SHA:"
"AES256-SHA:"
"DES-CBC3-SHA",
additional_options,
source_address
))

Expand Down

0 comments on commit 392cf07

Please sign in to comment.