From: Oleg Broytman <phd@phdru.name>
Date: Tue, 20 Aug 2024 22:30:28 +0000 (+0300)
Subject: Feat(bkmk_rcurl): Lower SSL security settings
X-Git-Tag: 6.1.0~12
X-Git-Url: https://git.phdru.name/?a=commitdiff_plain;h=d9d9b186a3bdac84dcc0d1f8d5e7afd94571fe6e;p=bookmarks_db.git

Feat(bkmk_rcurl): Lower SSL security settings
---

diff --git a/Robots/bkmk_rcurl.py b/Robots/bkmk_rcurl.py
index d59f4b4..a144805 100644
--- a/Robots/bkmk_rcurl.py
+++ b/Robots/bkmk_rcurl.py
@@ -32,8 +32,10 @@ class robot_curl(robot_base):
 
         # Do not follow redirects
         curl.setopt(pycurl.FOLLOWLOCATION, 0)
-        # Verify that we've got the right site; harmless on a non-SSL connect.
-        curl.setopt(pycurl.SSL_VERIFYHOST, 2)
+        # Lower security settings - we need to get as musch as possible
+        curl.setopt(pycurl.SSL_CIPHER_LIST, 'ALL:@SECLEVEL=1')
+        curl.setopt(pycurl.SSL_VERIFYHOST, 0)
+        curl.setopt(pycurl.SSL_VERIFYPEER, 0)
         curl.setopt(curl.CAINFO, certifi.where())
         # Set timeouts to avoid hanging too long
         if url.startswith('ftp://'):