Improve MikroTik connection by supporting legacy SSL protocols
Adds a custom SSL context to `httpx.AsyncClient` to allow connections to MikroTik devices using older TLS versions and cipher suites, specifically addressing SSL handshake failures. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Event-Id: c7f10319-c117-454c-bfc1-1bd3a59078cd Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/jFtLBWL
This commit is contained in:
marco370
parent
5bb3c01ce8
commit
ed197d8fb1
@ -5,6 +5,7 @@ Più veloce e affidabile di SSH per 10+ router
|
||||
|
||||
import httpx
|
||||
import asyncio
|
||||
import ssl
|
||||
from typing import List, Dict, Optional
|
||||
from datetime import datetime
|
||||
import hashlib
|
||||
@ -34,11 +35,27 @@ class MikroTikManager:
|
||||
"Authorization": f"Basic {auth}",
|
||||
"Content-Type": "application/json"
|
||||
}
|
||||
|
||||
# SSL context per MikroTik (supporta protocolli TLS legacy)
|
||||
ssl_context = None
|
||||
if protocol == "https":
|
||||
ssl_context = ssl.create_default_context()
|
||||
ssl_context.check_hostname = False
|
||||
ssl_context.verify_mode = ssl.CERT_NONE
|
||||
# Abilita protocolli TLS legacy per MikroTik (TLS 1.0+)
|
||||
try:
|
||||
ssl_context.minimum_version = ssl.TLSVersion.TLSv1
|
||||
except AttributeError:
|
||||
# Python < 3.7 fallback
|
||||
pass
|
||||
# Abilita cipher suite legacy per compatibilità
|
||||
ssl_context.set_ciphers('DEFAULT@SECLEVEL=1')
|
||||
|
||||
self.clients[key] = httpx.AsyncClient(
|
||||
base_url=f"{protocol}://{router_ip}:{port}",
|
||||
headers=headers,
|
||||
timeout=self.timeout,
|
||||
verify=False # Disable SSL verification for self-signed certs
|
||||
verify=ssl_context if ssl_context else True
|
||||
)
|
||||
return self.clients[key]
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user