mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-24 10:33:47 +03:00
Fixes #5216
This commit is contained in:
parent
c382321134
commit
eda669e10b
|
@ -278,6 +278,7 @@ else:
|
||||||
buffer = buffer
|
buffer = buffer
|
||||||
|
|
||||||
try:
|
try:
|
||||||
from pkg_resources import parse_version as LooseVersion
|
from packaging import version
|
||||||
|
LooseVersion = version.parse
|
||||||
except ImportError:
|
except ImportError:
|
||||||
from distutils.version import LooseVersion
|
from distutils.version import LooseVersion
|
||||||
|
|
|
@ -2166,7 +2166,6 @@ def _setKnowledgeBaseAttributes(flushAll=True):
|
||||||
kb.testType = None
|
kb.testType = None
|
||||||
kb.threadContinue = True
|
kb.threadContinue = True
|
||||||
kb.threadException = False
|
kb.threadException = False
|
||||||
kb.tlsSNI = {}
|
|
||||||
kb.uChar = NULL
|
kb.uChar = NULL
|
||||||
kb.udfFail = False
|
kb.udfFail = False
|
||||||
kb.unionDuplicates = False
|
kb.unionDuplicates = False
|
||||||
|
|
|
@ -20,7 +20,7 @@ from thirdparty import six
|
||||||
from thirdparty.six import unichr as _unichr
|
from thirdparty.six import unichr as _unichr
|
||||||
|
|
||||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||||
VERSION = "1.6.10.8"
|
VERSION = "1.6.11.2"
|
||||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||||
|
|
|
@ -63,19 +63,21 @@ class HTTPSConnection(_http_client.HTTPSConnection):
|
||||||
|
|
||||||
# Reference(s): https://docs.python.org/2/library/ssl.html#ssl.SSLContext
|
# Reference(s): https://docs.python.org/2/library/ssl.html#ssl.SSLContext
|
||||||
# https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni
|
# https://www.mnot.net/blog/2014/12/27/python_2_and_tls_sni
|
||||||
if re.search(r"\A[\d.]+\Z", self.host or "") is None and kb.tlsSNI.get(self.host) is not False and hasattr(ssl, "SSLContext"):
|
if hasattr(ssl, "SSLContext"):
|
||||||
for protocol in (_ for _ in _protocols if _ >= ssl.PROTOCOL_TLSv1):
|
for protocol in (_ for _ in _protocols if _ >= ssl.PROTOCOL_TLSv1):
|
||||||
try:
|
try:
|
||||||
sock = create_sock()
|
sock = create_sock()
|
||||||
if protocol not in _contexts:
|
if protocol not in _contexts:
|
||||||
_contexts[protocol] = ssl.SSLContext(protocol)
|
_contexts[protocol] = ssl.SSLContext(protocol)
|
||||||
|
if self.cert_file and self.key_file:
|
||||||
|
_contexts[protocol].load_cert_chain(certfile=self.cert_file, keyfile=self.key_file)
|
||||||
try:
|
try:
|
||||||
# Reference(s): https://askubuntu.com/a/1263098
|
# Reference(s): https://askubuntu.com/a/1263098
|
||||||
# https://askubuntu.com/a/1250807
|
# https://askubuntu.com/a/1250807
|
||||||
_contexts[protocol].set_ciphers("DEFAULT@SECLEVEL=1")
|
_contexts[protocol].set_ciphers("DEFAULT@SECLEVEL=1")
|
||||||
except ssl.SSLError:
|
except ssl.SSLError:
|
||||||
pass
|
pass
|
||||||
result = _contexts[protocol].wrap_socket(sock, do_handshake_on_connect=True, server_hostname=self.host)
|
result = _contexts[protocol].wrap_socket(sock, do_handshake_on_connect=True, server_hostname=self.host if re.search(r"\A[\d.]+\Z", self.host or "") is None else None)
|
||||||
if result:
|
if result:
|
||||||
success = True
|
success = True
|
||||||
self.sock = result
|
self.sock = result
|
||||||
|
@ -88,14 +90,11 @@ class HTTPSConnection(_http_client.HTTPSConnection):
|
||||||
self._tunnel_host = None
|
self._tunnel_host = None
|
||||||
logger.debug("SSL connection error occurred for '%s' ('%s')" % (_lut[protocol], getSafeExString(ex)))
|
logger.debug("SSL connection error occurred for '%s' ('%s')" % (_lut[protocol], getSafeExString(ex)))
|
||||||
|
|
||||||
if kb.tlsSNI.get(self.host) is None:
|
elif hasattr(ssl, "wrap_socket"):
|
||||||
kb.tlsSNI[self.host] = success
|
|
||||||
|
|
||||||
if not success:
|
|
||||||
for protocol in _protocols:
|
for protocol in _protocols:
|
||||||
try:
|
try:
|
||||||
sock = create_sock()
|
sock = create_sock()
|
||||||
_ = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=protocol)
|
_ = ssl.wrap_socket(sock, keyfile=self.key_file, certfile=self.cert_file, ssl_version=protocol)
|
||||||
if _:
|
if _:
|
||||||
success = True
|
success = True
|
||||||
self.sock = _
|
self.sock = _
|
||||||
|
|
Loading…
Reference in New Issue
Block a user