From 84f4d3bc0b85d7f434da272b7b000036430d9257 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mike=20F=C3=A4hrmann?= <mike_faehrmann@web.de>
Date: Thu, 18 Jul 2019 19:42:13 +0200
Subject: [PATCH] replace urllib3's default cipher list with Firefox's (#342)

Avoids Cloudflare CAPTCHAs on both Linux in Windows without
pyOpenSSL installed.
---
 gallery_dl/extractor/common.py | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/gallery_dl/extractor/common.py b/gallery_dl/extractor/common.py
index 80cffc134d..486b307745 100644
--- a/gallery_dl/extractor/common.py
+++ b/gallery_dl/extractor/common.py
@@ -432,23 +432,23 @@ class Extr(cls):
 http.cookiejar.MozillaCookieJar.magic_re = re.compile(
     "#( Netscape)? HTTP Cookie File", re.IGNORECASE)
 
-# Update default cipher list of urllib3 to avoid Cloudflare CAPTCHAs
-# List taken from urllib3 1.25:
-# https://github.com/urllib3/urllib3/blob/1.25/src/urllib3/util/ssl_.py
+# Replace default cipher list of urllib3
+# with the one used by Firefox to avoid Cloudflare CAPTCHAs
 from requests.packages.urllib3.util import ssl_  # noqa
 ssl_.DEFAULT_CIPHERS = (
-    "ECDHE+AESGCM:"
-    "ECDHE+CHACHA20:"
-    "DHE+AESGCM:"
-    "DHE+CHACHA20:"
-    "ECDH+AESGCM:"
-    "DH+AESGCM:"
-    "ECDH+AES:"
-    "DH+AES:"
-    "RSA+AESGCM:"
-    "RSA+AES:"
-    "!aNULL:"
-    "!eNULL:"
-    "!MD5:"
-    "!DSS"
+    "ECDHE-ECDSA-AES128-GCM-SHA256:"
+    "ECDHE-RSA-AES128-GCM-SHA256:"
+    "ECDHE-ECDSA-CHACHA20-POLY1305:"
+    "ECDHE-RSA-CHACHA20-POLY1305:"
+    "ECDHE-ECDSA-AES256-GCM-SHA384:"
+    "ECDHE-RSA-AES256-GCM-SHA384:"
+    "ECDHE-ECDSA-AES256-SHA:"
+    "ECDHE-ECDSA-AES128-SHA:"
+    "ECDHE-RSA-AES128-SHA:"
+    "ECDHE-RSA-AES256-SHA:"
+    "DHE-RSA-AES128-SHA:"
+    "DHE-RSA-AES256-SHA:"
+    "AES128-SHA:"
+    "AES256-SHA:"
+    "DES-CBC3-SHA"
 )