SSLEOFError
ed-alertedh opened this issue · 3 comments
I just tried pipwin install numpy and got the following error:
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='www.lfd.uci.edu', port=443): Max retries exceeded with url: /~gohlke/pythonlibs/ (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:748)'),))
I'm using pipwin 0.3.2 on python 3.6.2, Win 10 x64
I wonder if this is simply a bug or if Gohlke has put countermeasures in place... TBH I've never really understood why you'd make such a great public resource but then try to hinder access to it. I can only guess that he fears opening it up to automated install/package managers would cause a flood of extra traffic.
Yes, these issues keep popping up. I wish there was a simple api/set of links from Gohlke's side. Though I must admit, I haven't discussed this with him and this project lives independently. I might have done something in this regard but since I am not using Windows anymore, I just try to accept PRs here.
Do you have ideas for this particular issue? I don't think I will be able to look/fix this in this week.
I might look into it in my spare time to see if there's an easy fix - maybe next week since my computer is not actually set up at home atm
Ended up spending a little time on this in my lunch break. Some potential leads in this thread: psf/requests#3006 (comment)
I'm no expert on SSL but I suspect the latest python packages are not allowing the use of older ciphers, leaving the server no options so it terminates the connection:
https://www.ssllabs.com/ssltest/analyze.html?d=www.lfd.uci.edu
Universities are ironically often awful at managing IT. I'll have to see if there's a workaround to force python to play nice with this server.
edit: I can pull the cache with the following:
import ssl
import requests
from requests.adapters import HTTPAdapter
from urllib3.poolmanager import PoolManager
from urllib3.util.ssl_ import create_urllib3_context
CIPHERS ='RSA+3DES:ECDH+3DES:DH+3DES'
class DESAdapter(HTTPAdapter):
def init_poolmanager(self, connections, maxsize, block=False, *args, **kwargs):
context = create_urllib3_context(ciphers=CIPHERS)
kwargs['ssl_context'] = context
self.poolmanager = PoolManager(
num_pools=connections, maxsize=maxsize,
block=block, ssl_version=ssl.PROTOCOL_SSLv3, *args, **kwargs)
def build_cache():
"""
Get current data from the website http://www.lfd.uci.edu/~gohlke/pythonlibs/
Returns
-------
Dictionary containing package details
"""
data = {}
s = requests.Session()
s.mount(MAIN_URL, DESAdapter())
soup = RoboBrowser(session=s)
Important detail: apparently some servers don't handle a long list of ciphers well (> 255 bytes). I initially tried using the recommended list of ciphers from requests v2.11 but the server kept closing the connection:
CIPHERS = (
'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:'
'DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:RSA+3DES:!aNULL:'
'!eNULL:!MD5'
)
https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance