EOF occurred in violation of protocol
maimorag opened this issue · 4 comments
Describe the bug
I'm trying to connect to an account using self-signed certificate, by using NoVerifyHTTPAdapter in BaseProtocol.HTTP_ADAPTER_CLS .
When I access account.inbox.parent I get "EOF occurred in violation of protocol" locally (and "Connection reset by peer" from external server):
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/cached_property.py", line 70, in __get__
return obj_dict[name]
KeyError: 'inbox'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/cached_property.py", line 70, in __get__
return obj_dict[name]
KeyError: 'root'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 715, in urlopen
httplib_response = self._make_request(
File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 404, in _make_request
self._validate_conn(conn)
File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 1058, in _validate_conn
conn.connect()
File "/usr/local/lib/python3.10/site-packages/urllib3/connection.py", line 419, in connect
self.sock = ssl_wrap_socket(
File "/usr/local/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 449, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(
File "/usr/local/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 493, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/local/lib/python3.10/ssl.py", line 513, in wrap_socket
return self.sslsocket_class._create(
File "/usr/local/lib/python3.10/ssl.py", line 1104, in _create
self.do_handshake()
File "/usr/local/lib/python3.10/ssl.py", line 1375, in do_handshake
self._sslobj.do_handshake()
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1007)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/requests/adapters.py", line 486, in send
resp = conn.urlopen(
File "/usr/local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 799, in urlopen
retries = retries.increment(
File "/usr/local/lib/python3.10/site-packages/urllib3/util/retry.py", line 592, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=serverlink, port=443): Max retries exceeded with url: /ews/exchange.asmx (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1007)')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 703, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.10/site-packages/requests/adapters.py", line 517, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='hosy', port=443): Max retries exceeded with url: /ews/exchange.asmx (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1007)')))
I managed to connect to the server with curl:
I didn't encountered this issue when using 5.0.3. another step I tried to add to the docker image the flag "SSL_OP_IGNORE_UNEXPECTED_EOF" it didn't help.
To Reproduce
from exchangelib import Credentials, Account
from exchangelib.protocol import BaseProtocol, NoVerifyHTTPAdapter
BaseProtocol.HTTP_ADAPTER_CLS = NoVerifyHTTPAdapter
credentials = Credentials("john@example.com", "topsecret")
account = Account("john@example.com", credentials=credentials, autodiscover=True)
account.inbox.all()
Expected behavior
getting valid response
Additional context
For example, Python and exchangelib versions.
python 3.10
exchangelib- 5.2.1
This is an issue with SSL certificates between your host system and the Exchange server, and not a problem with exchangelib as such. You would most likely get the same error if you did just:
import requests
requests.get("https://hosy/ews/exchange.asmx")
The reason curl works is because you connected to port 80, not 443, so there was no SSL certificate to validate. Try curl -vvv https://hosy/ews/exchange.asmx
instead.
Hey @ecederstrand,
Thank you for your quick response!
is there any way to pass this?
if I try connecting using another server I get the Connection reset by peer':
Traceback (most recent call last): File "<string>", line 12790, in get_folder_by_path File "/usr/local/lib/python3.10/site-packages/cached_property.py", line 74, in __get__ return obj_dict.setdefault(name, self.func(obj)) File "/usr/local/lib/python3.10/site-packages/exchangelib/account.py", line 286, in inbox return self.root.get_default_folder(Inbox) File "/usr/local/lib/python3.10/site-packages/cached_property.py", line 74, in __get__ return obj_dict.setdefault(name, self.func(obj)) File "/usr/local/lib/python3.10/site-packages/exchangelib/account.py", line 350, in root return Root.get_distinguished(account=self) File "/usr/local/lib/python3.10/site-packages/exchangelib/folders/roots.py", line 145, in get_distinguished return cls._get_distinguished( File "/usr/local/lib/python3.10/site-packages/exchangelib/folders/base.py", line 221, in _get_distinguished return cls.resolve(account=folder.account, folder=folder) File "/usr/local/lib/python3.10/site-packages/exchangelib/folders/base.py", line 525, in resolve folders = list(FolderCollection(account=account, folders=[folder]).resolve()) File "/usr/local/lib/python3.10/site-packages/exchangelib/folders/collections.py", line 335, in resolve yield from self.__class__(account=self.account, folders=resolveable_folders).get_folders( File "/usr/local/lib/python3.10/site-packages/exchangelib/folders/collections.py", line 403, in get_folders yield from GetFolder(account=self.account).call( File "/usr/local/lib/python3.10/site-packages/exchangelib/services/get_folder.py", line 51, in _elems_to_objs for folder, elem in zip(self.folders, elems): File "/usr/local/lib/python3.10/site-packages/exchangelib/services/common.py", line 278, in _chunked_get_elements yield from self._get_elements(payload=payload_func(chunk, **kwargs)) File "/usr/local/lib/python3.10/site-packages/exchangelib/services/common.py", line 326, in _get_elements raise e File "/usr/local/lib/python3.10/site-packages/exchangelib/services/common.py", line 299, in _get_elements yield from self._response_generator(payload=payload) File "/usr/local/lib/python3.10/site-packages/exchangelib/services/common.py", line 262, in _response_generator response = self._get_response_xml(payload=payload) File "/usr/local/lib/python3.10/site-packages/exchangelib/services/common.py", line 395, in _get_response_xml r = self._get_response(payload=payload, api_version=api_version) File "/usr/local/lib/python3.10/site-packages/exchangelib/services/common.py", line 346, in _get_response r, session = post_ratelimited( File "/usr/local/lib/python3.10/site-packages/exchangelib/util.py", line 841, in post_ratelimited raise ErrorTimeoutExpired(f"Reraised from {e.__class__.__name__}({e})") exchangelib.errors.ErrorTimeoutExpired: Reraised from ConnectionError(('Connection aborted.', ConnectionResetError(104, 'Connection reset by peer')))
I tried to follow #455 but the retry policy hasn't work as well
In your last stack trace it looks like the server is not accepting connections. It's not possible from the stack trace to see why - it could be network issues, firewall issues, connecting to the wrong server, or something else.
Regarding the SSL certificate issue, I think you will get better help in a forum dedicated to SSL certificate validation.
ok thank you!