sysadmin/openfreemap
1
0
Fork 0
mirror of https://github.com/hyperknot/openfreemap.git synced 2026-05-21 14:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

work

Browse Source
This commit is contained in:
Zsolt Ero
2025-10-16 13:02:27 +02:00
parent a28df3156f
commit ba8c766698
2 changed files with 33 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ssh_lib/pycurl.py
View File

@@ -13,13 +13,12 @@ Example:
How it works:
Overrides DNS resolution to connect to a specific IP while using the correct
hostname for TLS/SNI. This lets you bypass round-robin to test individual servers.
hostname for TLS/SNI. Verifies HTTPS is working without validating certificate chain.
"""
from io import BytesIO
from urllib.parse import urlparse
import certifi
import pycurl
@@ -28,6 +27,7 @@ def pycurl_status(url: str, target_ip: str) -> int:
Check HTTP status of a specific server behind round-robin DNS.
Makes a HEAD request to the target IP while using the hostname for HTTPS/SNI.
Verifies HTTPS is configured but does not validate certificate chain.
Args:
url: Full URL to request (e.g., 'https://api.example.com/health')
@@ -42,7 +42,8 @@ def pycurl_status(url: str, target_ip: str) -> int:
c = pycurl.Curl()
c.setopt(c.URL, url)
c.setopt(c.CAINFO, certifi.where())
c.setopt(c.SSL_VERIFYPEER, 0) # Skip cert validation
c.setopt(c.SSL_VERIFYHOST, 0) # Skip hostname validation
c.setopt(c.RESOLVE, [f'{hostname}:{port}:{target_ip}'])
c.setopt(c.NOBODY, True) # HEAD request
c.setopt(c.TIMEOUT, 5)
@@ -58,6 +59,7 @@ def pycurl_get(url: str, target_ip: str, binary: bool = False) -> str | bytes:
Fetch content from a specific server behind round-robin DNS.
Makes a GET request to the target IP while using the hostname for HTTPS/SNI.
Verifies HTTPS is configured but does not validate certificate chain.
Args:
url: Full URL to request (e.g., 'https://api.example.com/data')
@@ -77,7 +79,8 @@ def pycurl_get(url: str, target_ip: str, binary: bool = False) -> str | bytes:
buffer = BytesIO()
c = pycurl.Curl()
c.setopt(c.URL, url)
c.setopt(c.CAINFO, certifi.where())
c.setopt(c.SSL_VERIFYPEER, 0) # Skip cert validation
c.setopt(c.SSL_VERIFYHOST, 0) # Skip hostname validation
c.setopt(c.RESOLVE, [f'{hostname}:{port}:{target_ip}'])
c.setopt(c.WRITEDATA, buffer)
c.setopt(c.TIMEOUT, 5)
@@ -89,4 +92,4 @@ def pycurl_get(url: str, target_ip: str, binary: bool = False) -> str | bytes:
raise ValueError(f'status code: {status_code}')
body = buffer.getvalue()
return body if binary else body.decode('utf-8')
return body if binary else body.decode('utf-8')