Message409050
Problems emerged when Requests phased out PyOpenSSL as their default backend https://github.com/psf/requests/blob/main/HISTORY.md#2240-2020-06-17
Suddenly my script wasn't able to connect to a remote server that it had been working with for years.
All connection attempts with Python built-in SSL module, with various certificate or TLS configurations tested, result in a blunt ConnectionResetError during `do_handshake()`
This leads me to believe Python SSL module is maybe incompatible [with some IIS thing] in some perhaps fixable way, because going with PyOpenSSL backend via `urllib3.contrib.pyopenssl.inject_into_urllib3()`
I can provide the real server name in a private email if any maintainers is interested in doing a debug run in some more thorough way that I'm unable to, let me know.
Example test:
```
$ ipython
Python 3.9.9 (main, Dec 21 2021, 17:21:49)
Type 'copyright', 'credits' or 'license' for more information
IPython 7.29.0 -- An enhanced Interactive Python. Type '?' for help.
In [1]: import ssl
In [2]: context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
In [3]: import socket
In [4]: context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT, verify_mode=ssl.CERT_NONE)
In [5]: conn = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname="webapi.remote")
In [6]: conn.connect(("webapi.remote", 52100))
---------------------------------------------------------------------------
ConnectionResetError Traceback (most recent call last)
<ipython-input-6-f778062c5e51> in <module>
----> 1 conn.connect(("webapi.remote", 52100))
/usr/lib/python3.9/ssl.py in connect(self, addr)
1340 """Connects to remote ADDR, and then wraps the connection in
1341 an SSL channel."""
-> 1342 self._real_connect(addr, False)
1343
1344 def connect_ex(self, addr):
/usr/lib/python3.9/ssl.py in _real_connect(self, addr, connect_ex)
1331 self._connected = True
1332 if self.do_handshake_on_connect:
-> 1333 self.do_handshake()
1334 return rc
1335 except (OSError, ValueError):
/usr/lib/python3.9/ssl.py in do_handshake(self, block)
1307 if timeout == 0.0 and block:
1308 self.settimeout(None)
-> 1309 self._sslobj.do_handshake()
1310 finally:
1311 self.settimeout(timeout)
ConnectionResetError: [Errno 104] Connection reset by peer
``` |
|
Date |
User |
Action |
Args |
2021-12-22 19:02:14 | lkraav | set | recipients:
+ lkraav, christian.heimes |
2021-12-22 19:02:14 | lkraav | set | messageid: <1640199734.31.0.675782620401.issue46156@roundup.psfhosted.org> |
2021-12-22 19:02:14 | lkraav | link | issue46156 messages |
2021-12-22 19:02:14 | lkraav | create | |
|