エイカク
d35771f97d
* fix: patch pip distlib finder for frozen electron runtime * fix: use certifi CA bundle for runtime SSL requests * fix: configure certifi CA before core imports * fix: improve mac font fallback for dashboard text * fix: harden frozen pip patch and unify TLS connector * refactor: centralize dashboard CJK font fallback stacks * perf: reuse TLS context and avoid repeated frozen pip patch * refactor: bootstrap TLS setup before core imports * fix: use async confirm dialog for provider deletions * fix: replace native confirm dialogs in dashboard - Add shared confirm helper in dashboard/src/utils/confirmDialog.ts for async dialog usage with safe fallback. - Migrate provider, chat, config, session, platform, persona, MCP, backup, and knowledge-base delete/close confirmations to use the shared helper. - Remove scattered inline confirm handling to keep behavior consistent and avoid native blocking dialog focus/caret issues in Electron. * fix: capture runtime bootstrap logs after logger init - Add bootstrap record buffer in runtime_bootstrap for early TLS patch logs before logger is ready. - Flush buffered bootstrap logs to astrbot logger at process startup in main.py. - Include concrete exception details for TLS bootstrap failures to improve diagnosis. * fix: harden runtime bootstrap and unify confirm handling - Simplify bootstrap log buffering and add a public initialize hook for non-main startup paths. - Guard aiohttp TLS patching with feature/type checks and keep graceful fallback when internals are unavailable. - Standardize dashboard confirmation flow via shared confirm helpers across composition and options API components. * refactor: simplify runtime tls bootstrap and tighten confirm typing * refactor: align ssl helper namespace and confirm usage
51 lines
1.6 KiB
Python
51 lines
1.6 KiB
Python
import logging
|
|
import ssl
|
|
from typing import Any
|
|
|
|
import aiohttp.connector as aiohttp_connector
|
|
|
|
from astrbot.utils.http_ssl_common import build_ssl_context_with_certifi
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def _try_patch_aiohttp_ssl_context(
|
|
ssl_context: ssl.SSLContext,
|
|
log_obj: Any | None = None,
|
|
) -> bool:
|
|
log = log_obj or logger
|
|
attr_name = "_SSL_CONTEXT_VERIFIED"
|
|
|
|
if not hasattr(aiohttp_connector, attr_name):
|
|
log.warning(
|
|
"aiohttp connector does not expose _SSL_CONTEXT_VERIFIED; skipped patch.",
|
|
)
|
|
return False
|
|
|
|
current_value = getattr(aiohttp_connector, attr_name, None)
|
|
if current_value is not None and not isinstance(current_value, ssl.SSLContext):
|
|
log.warning(
|
|
"aiohttp connector exposes _SSL_CONTEXT_VERIFIED with unexpected type; skipped patch.",
|
|
)
|
|
return False
|
|
|
|
setattr(aiohttp_connector, attr_name, ssl_context)
|
|
log.info("Configured aiohttp verified SSL context with system+certifi trust chain.")
|
|
return True
|
|
|
|
|
|
def configure_runtime_ca_bundle(log_obj: Any | None = None) -> bool:
|
|
log = log_obj or logger
|
|
|
|
try:
|
|
log.info("Bootstrapping runtime CA bundle.")
|
|
ssl_context = build_ssl_context_with_certifi(log_obj=log)
|
|
return _try_patch_aiohttp_ssl_context(ssl_context, log_obj=log)
|
|
except Exception as exc:
|
|
log.error("Failed to configure runtime CA bundle for aiohttp: %r", exc)
|
|
return False
|
|
|
|
|
|
def initialize_runtime_bootstrap(log_obj: Any | None = None) -> bool:
|
|
return configure_runtime_ca_bundle(log_obj=log_obj)
|