curl_cffi
curl_cffi copied to clipboard
lexiforest
TLS Version not changing
I'm trying to get 771 at the ja3 fingerprint but its not working, the curl_cffi asks me for an integer and I've tried what it allows me but the 772 never changes to 771 so I assume the TLS version is not changing no matter what I do, or something else...
from curl_cffi import CurlOpt, requests
response = requests.get("https://tools.scrapfly.io/api/fp/ja3",
curl_options={
CurlOpt.SSLVERSION: 6, #tried also, 0, 1 ...
})
print(response.text)
I've looked to use CURL_SSLVERSION_MAX_TLSv1_2 as well but I dont find any way to do that with curl_cffi.
Versions curl_cffi 0.6.3b1 Kubuntu 12 Python 3.11.6
ok I'll close this, I would say its a bug of scrapfly or something because here I get 771: https://check.ja3.zone/
ok at https://check.ja3.zone/ I get 771 but the TLS version is still 1.3, when what I want is 1.2, for example using this code it uses 1.2 how can I do this with curl_cffi?:
import requests
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.poolmanager import PoolManager
import ssl
from urllib3.util.ssl_ import create_urllib3_context
class ForceTLS12Adapter(HTTPAdapter):
def init_poolmanager(self, *args, **kwargs):
context = create_urllib3_context(ssl_version=ssl.PROTOCOL_TLSv1_2)
self.poolmanager = PoolManager(*args, ssl_context=context, **kwargs)
s = requests.Session()
s.mount('https://', ForceTLS12Adapter())
response = s.get('https://check.ja3.zone/')
print(response.text)
Sorry, this won't work, as curl_cffi does not use urllib3 under the hood. The reason is probably that TLS version is fixed in upstream curl-impersonate. Anyway, TLS 1.3 is preferred to TLS 1.2.
Sorry, this won't work, as curl_cffi does not use urllib3 under the hood. The reason is probably that TLS version is fixed in upstream curl-impersonate. Anyway, TLS 1.3 is preferred to TLS 1.2.
Hi, here https://github.com/yifeikong/curl_cffi/issues/30 you suggested that putting in CURL_SSLVERSION_MAX_TLSv1_2 will work. Getting mixed signals, is changing TLS versions not supported by this library?
I would like it to be supported because I'm trying to achieve an specific ja3 fingerprint so not being allowed to change the TLS version is breaking my ja3.
Hi, here #30 you suggested that putting in CURL_SSLVERSION_MAX_TLSv1_2 will work. Getting mixed signals, is changing TLS versions not supported by this library?
This SHOULD work theoretically, but I havn't tried that in practice. If it does not work, it's probably because TLS version is fixed by the patch.
I'm trying to achieve an specific ja3 fingerprint
You can follow the updates of the pinned issue, customized fingerprints support is tracked there.
Just rechecked this issue, there are two TLS versions: the request one and the negotiated one:
"tls_version_record": "771",
"tls_version_negotiated": "772",
See: https://tls.peet.ws/api/all, which is more clear.
It seems that the TLS version is indeed fixed to 771, which is TLS v1.2. Luckily, most modern apps use the same version. However, if you are trying to impersonate a very old app, then it won't work, now.