marco/ids.alfacom.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve MikroTik connection by supporting legacy SSL protocols

Browse Source 
Adds a custom SSL context to `httpx.AsyncClient` to allow connections to MikroTik devices using older TLS versions and cipher suites, specifically addressing SSL handshake failures.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: c7f10319-c117-454c-bfc1-1bd3a59078cd
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/jFtLBWL
This commit is contained in:
marco370 2025-11-25 17:58:02 +00:00
parent 5bb3c01ce8
commit ed197d8fb1
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
python_ml/mikrotik_manager.py
View File

@ -5,6 +5,7 @@ Più veloce e affidabile di SSH per 10+ router
import httpx import httpx
import asyncio import asyncio
import ssl
from typing import List, Dict, Optional from typing import List, Dict, Optional
from datetime import datetime from datetime import datetime
import hashlib import hashlib
@ -34,11 +35,27 @@ class MikroTikManager:
"Authorization": f"Basic {auth}", "Authorization": f"Basic {auth}",
"Content-Type": "application/json" "Content-Type": "application/json"
} }
# SSL context per MikroTik (supporta protocolli TLS legacy)
ssl_context = None
if protocol == "https":
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
# Abilita protocolli TLS legacy per MikroTik (TLS 1.0+)
try:
ssl_context.minimum_version = ssl.TLSVersion.TLSv1
except AttributeError:
# Python < 3.7 fallback
pass
# Abilita cipher suite legacy per compatibilità
ssl_context.set_ciphers('DEFAULT@SECLEVEL=1')
self.clients[key] = httpx.AsyncClient( self.clients[key] = httpx.AsyncClient(
base_url=f"{protocol}://{router_ip}:{port}", base_url=f"{protocol}://{router_ip}:{port}",
headers=headers, headers=headers,
timeout=self.timeout, timeout=self.timeout,
verify=False # Disable SSL verification for self-signed certs verify=ssl_context if ssl_context else True
) )
return self.clients[key] return self.clients[key]