From 85f25c90bbf8fe4078e12033803d36dddc6a0e8e Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Tue, 1 Nov 2022 23:12:32 +0100
Subject: [PATCH] Fixes #5216
---
 lib/core/compat.py | 3 ++-
 lib/core/option.py | 1 -
 lib/core/settings.py | 2 +-
 lib/request/httpshandler.py | 13 ++++++-------
 4 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/lib/core/compat.py b/lib/core/compat.py
index c1998109f..7275ea07d 100644
--- a/lib/core/compat.py
+++ b/lib/core/compat.py
@@ -278,6 +278,7 @@ else:
 buffer = buffer
 try:
- from pkg_resources import parse_version as LooseVersion
+ from packaging import version
+ LooseVersion = version.parse
 except ImportError:
 from distutils.version import LooseVersion
diff --git a/lib/core/option.py b/lib/core/option.py
index 306af7422..4e0d15104 100644
--- a/lib/core/option.py
+++ b/lib/core/option.py
@@ -2166,7 +2166,6 @@ def _setKnowledgeBaseAttributes(flushAll=True):
 kb.testType = None
 kb.threadContinue = True
 kb.threadException = False
- kb.tlsSNI = {}
 kb.uChar = NULL
 kb.udfFail = False
 kb.unionDuplicates = False
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 3d1214051..c9335e17b 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -20,7 +20,7 @@ from thirdparty import six
 from thirdparty.six import unichr as _unichr
 # sqlmap version (...)
-VERSION = "1.6.10.8"
+VERSION = "1.6.11.0"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
diff --git a/lib/request/httpshandler.py b/lib/request/httpshandler.py
index 998fbd2c8..15bb41ff4 100644
--- a/lib/request/httpshandler.py
+++ b/lib/request/httpshandler.py
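Review bot: In lib/core/compat.py the two import branches bind `LooseVersion` to callables with different contracts: `packaging.version.parse` returns PEP 440 `Version` objects and, in packaging releases that no longer ship `LegacyVersion`, raises `InvalidVersion` for strings that do not follow PEP 440, whereas `distutils.version.LooseVersion` accepts arbitrary strings. The callers are outside this hunk, but if any of them pass server banners or other free-form version text, behaviour now depends on which package happens to be installed, and the `except ImportError` does not cover a parse failure. A comment above the `try:` such as `# LooseVersion callers must pass PEP 440-style strings; packaging.version.parse rejects anything else`, or a small local wrapper that falls back on `InvalidVersion`, would make the contract explicit.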
@@ -63,19 +63,21 @@ class HTTPSConnection(_http_client.HTTPSConnection):
 # Reference(s): https://docs.python.org/2/library/ssl.html#ssl.SSLContext
 # https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni
- if re.search(r"\A[\d.]+\Z", self.host or "") is None and kb.tlsSNI.get(self.host) is not False and hasattr(ssl, "SSLContext"):
+ if hasattr(ssl, "SSLContext"):
 for protocol in (_ for _ in _protocols if _ >= ssl.PROTOCOL_TLSv1):
 try:
 sock = create_sock()
 if protocol not in _contexts:
 _contexts[protocol] = ssl.SSLContext(protocol)
+ if self.cert_file and self.key_file:
+ _contexts[protocol].load_cert_chain(certfile=self.cert_file, keyfile=self.key_file)
 try:
 # Reference(s): https://askubuntu.com/a/1263098
 # https://askubuntu.com/a/1250807
 _contexts[protocol].set_ciphers("DEFAULT@SECLEVEL=1")
 except ssl.SSLError:
 pass
- result = _contexts[protocol].wrap_socket(sock, do_handshake_on_connect=True, server_hostname=self.host)
+ result = _contexts[protocol].wrap_socket(sock, do_handshake_on_connect=True, server_hostname=self.host if re.search(r"\A[\d.]+\Z", self.host or "") is None else None)
 if result:
 success = True
 self.sock = result
@@ -88,14 +90,11 @@ class HTTPSConnection(_http_client.HTTPSConnection):
 self._tunnel_host = None
 logger.debug("SSL connection error occurred for '%s' ('%s')" % (_lut[protocol], getSafeExString(ex)))
- if kb.tlsSNI.get(self.host) is None:
- kb.tlsSNI[self.host] = success
-
- if not success:
+ elif hasattr(ssl, "wrap_socket"):
 for protocol in _protocols:
 try:
 sock = create_sock()
- _ = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=protocol)
+ _ = ssl.wrap_socket(sock, keyfile=self.key_file, certfile=self.cert_file, ssl_version=protocol)
 if _:
 success = True
 self.sock = _
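Review bot: In the first lib/request/httpshandler.py hunk (-63,19) the added `load_cert_chain` call puts the per-connection `self.cert_file`/`self.key_file` into `_contexts[protocol]`, which is cached under the protocol alone and reused by later connections. A client certificate loaded for one connection therefore stays attached to the shared context and can be presented on later connections to other hosts. If the call sits inside the `if protocol not in _contexts:` block (the indentation is not recoverable here), a context cached before credentials were set never receives them. Keying the cache on the credential as well, `key = (protocol, self.cert_file, self.key_file)` with `_contexts[key]`, keeps the two in step. The enclosing method starts before and continues after this hunk.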
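Review bot: In the second lib/request/httpshandler.py hunk (-88,14) the `elif hasattr(ssl, "wrap_socket")` branch loops over every entry of `_protocols`, without the `_ >= ssl.PROTOCOL_TLSv1` filter that the `SSLContext` branch applies. On interpreters that take this path, pre-TLS protocol versions may therefore still be attempted, although the contents of `_protocols` are defined outside the hunk. Because the branch is now reached only when `ssl.SSLContext` is missing, a comment above the `elif` such as `# legacy interpreters without ssl.SSLContext: no SNI, no cipher tuning` would tell readers why it exists; applying the same protocol filter here would keep the two branches consistent. The loop body continues past the end of the hunk.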