Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(py): fix SSL for python > 3.8 #3

Merged
merged 2 commits into from
May 14, 2024
Merged

fix(py): fix SSL for python > 3.8 #3

merged 2 commits into from
May 14, 2024

Conversation

timo8042
Copy link

@timo8042 timo8042 commented Nov 6, 2023

Fix error "ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context " display on Python3.10

@timo8042 timo8042 mentioned this pull request Nov 6, 2023
Closed
@MrAsterisco
Copy link
Owner

Hey @timo8042 ! Thanks for creating this!

Would you mind pointing to the documentation you used to get to this change? What I'm a bit worried about is compatibility with the previous versions of Pythons, which worked with version 3.8. If we merge this and it's not compatible with the existing installation, people will get angry. 😃

@LeLunZ
Copy link

LeLunZ commented May 13, 2024

@MrAsterisco I have the same problem as @timo8042
With newer python versions its not working anymore.

But I just installed 3.8 for testing, and his code also works for me on 3.8 and 3.11.

Here more information about the issue:
CLIENT_AUTH seems to set PROTOCOL_TLS_SERVER which is used for servers (?) see here. I haven't worked with the ssl library. But here is a issue about the confusing behaviour: python/cpython#96972
I think we need to set SERVER_AUTH instead of CLIENT_AUTH, because we want a (mqtt) client not a server (?)

These lines are needed because SERVER_AUTH sets other defaults.

        ssl_context.check_hostname = False
        ssl_context.verify_mode = ssl.CERT_NONE

General question:
why not just upgrade the python package and the homebridge package. Users with python3.8 can always install the old version if they want. (and 3.8 end of life is in 5 months)
I thinks it would be better that new users have a seamless experience with installing the package, and dont need to build python3.8 from source.
Its more of a theoretical question, as I did test it on 3.8 and it worked.

@MrAsterisco
Copy link
Owner

@LeLunZ well... when I raised that comment, the situation was different, but my concerns were never answered 😃 I'm okay with merging this now, also considering you tested it (which is great, btw, thank you!).

I will move forward with the merge. We will then also need a corresponding PR on the Homebridge plugin.

@MrAsterisco MrAsterisco self-requested a review May 14, 2024 07:43
@MrAsterisco MrAsterisco merged commit 2242619 into MrAsterisco:master May 14, 2024
This was referenced May 14, 2024
Closed
Merged
@MrAsterisco
Copy link
Owner

@LeLunZ I cannot tag you on the plugin repo, because you never contributed there. I opened a PR that you can use to test whether the plugin works with the updated Python package.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MrAsterisco MrAsterisco MrAsterisco approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@timo8042 @MrAsterisco @LeLunZ