Merge f5351a7ea3e28f979e2e9af30e3496c5912068a9 into cd64fb966e7e9d764e622e42b177a1f13dc65ec0

2025-05-15 12:43:40 +02:00 · 2025-05-15 12:43:40 +02:00 · f25af10eb4
commit f25af10eb4
parent cd64fb966e f5351a7ea3
2 changed files with 9 additions and 9 deletions
--- a/requirements.txt
+++ b/requirements.txt
@ -7,10 +7,10 @@ lxml==5.4.0
 pygments==2.19.1
 python-dateutil==2.9.0.post0
 pyyaml==6.0.2
-httpx[http2]==0.24.1
+httpx[http2]==0.28.1
+httpx-socks[asyncio]==0.10.0
 Brotli==1.1.0
 uvloop==0.21.0
-httpx-socks[asyncio]==0.7.7
 setproctitle==1.3.6
 redis==5.2.1
 markdown-it-py==3.0.0
--- a/searx/network/client.py
+++ b/searx/network/client.py
@ -24,7 +24,7 @@ LOOP = None
 SSLCONTEXTS: Dict[Any, SSLContext] = {}


-def shuffle_ciphers(ssl_context):
+def shuffle_ciphers(ssl_context: SSLContext):
    """Shuffle httpx's default ciphers of a SSL context randomly.

    From `What Is TLS Fingerprint and How to Bypass It`_
@ -41,16 +41,16 @@ def shuffle_ciphers(ssl_context):
       https://www.zenrows.com/blog/what-is-tls-fingerprint#how-to-bypass-tls-fingerprinting

    """
-    c_list = httpx._config.DEFAULT_CIPHERS.split(':')  # pylint: disable=protected-access
+    c_list = [cipher["name"] for cipher in ssl_context.get_ciphers()]
    sc_list, c_list = c_list[:3], c_list[3:]
    random.shuffle(c_list)
    ssl_context.set_ciphers(":".join(sc_list + c_list))


-def get_sslcontexts(proxy_url=None, cert=None, verify=True, trust_env=True, http2=False):
-    key = (proxy_url, cert, verify, trust_env, http2)
+def get_sslcontexts(proxy_url=None, cert=None, verify=True, trust_env=True):
+    key = (proxy_url, cert, verify, trust_env)
    if key not in SSLCONTEXTS:
-        SSLCONTEXTS[key] = httpx.create_ssl_context(cert, verify, trust_env, http2)
+        SSLCONTEXTS[key] = httpx.create_ssl_context(verify, cert, trust_env)
    shuffle_ciphers(SSLCONTEXTS[key])
    return SSLCONTEXTS[key]

@ -120,7 +120,7 @@ def get_transport_for_socks_proxy(verify, http2, local_address, proxy_url, limit
        rdns = True

    proxy_type, proxy_host, proxy_port, proxy_username, proxy_password = parse_proxy_url(proxy_url)
-    verify = get_sslcontexts(proxy_url, None, verify, True, http2) if verify is True else verify
+    verify = get_sslcontexts(proxy_url, None, verify, True) if verify is True else verify
    return AsyncProxyTransportFixed(
        proxy_type=proxy_type,
        proxy_host=proxy_host,
@ -138,7 +138,7 @@ def get_transport_for_socks_proxy(verify, http2, local_address, proxy_url, limit


 def get_transport(verify, http2, local_address, proxy_url, limit, retries):
-    verify = get_sslcontexts(None, None, verify, True, http2) if verify is True else verify
+    verify = get_sslcontexts(None, None, verify, True) if verify is True else verify
    return httpx.AsyncHTTPTransport(
        # pylint: disable=protected-access
        verify=verify,