[issue45487] SSLEOFError regression with certain servers in Python 3.10
Richard
report at bugs.python.org
Fri Oct 15 11:41:08 EDT 2021
New submission from Richard <nyuszika7h at gmail.com>:
Starting in Python 3.10, TLS connections to certain servers (e.g. websocket-cs.vudu.com:443) are failing when it worked fine on Python 3.9 and earlier on the same system.
Minimal working example:
```
#!/usr/bin/env python3
import socket
import ssl
HOST = 'websocket-cs.vudu.com'
PORT = 443
sock = socket.create_connection((HOST, PORT))
ctx = ssl.create_default_context()
ssock = ctx.wrap_socket(sock, server_hostname=HOST)
print("Connection successful")
```
Output:
```
❯ python3.9 ssl_eof_test.py
Connection successful
❯ python3.10 ssl_eof_test.py
Traceback (most recent call last):
File "/home/nyuszika7h/ssl_eof_test.py", line 11, in <module>
ssock = ctx.wrap_socket(sock, server_hostname=HOST)
File "/home/nyuszika7h/.pyenv/versions/3.10.0/lib/python3.10/ssl.py", line 512, in wrap_socket
return self.sslsocket_class._create(
File "/home/nyuszika7h/.pyenv/versions/3.10.0/lib/python3.10/ssl.py", line 1070, in _create
self.do_handshake()
File "/home/nyuszika7h/.pyenv/versions/3.10.0/lib/python3.10/ssl.py", line 1341, in do_handshake
self._sslobj.do_handshake()
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:997)
❯ python3.11 ssl_eof_test.py
Traceback (most recent call last):
File "/home/nyuszika7h/ssl_eof_test.py", line 11, in <module>
ssock = ctx.wrap_socket(sock, server_hostname=HOST)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/nyuszika7h/.pyenv/versions/3.11-dev/lib/python3.11/ssl.py", line 517, in wrap_socket
return self.sslsocket_class._create(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/nyuszika7h/.pyenv/versions/3.11-dev/lib/python3.11/ssl.py", line 1075, in _create
self.do_handshake()
^^^^^^^^^^^^^^^^^^^
File "/home/nyuszika7h/.pyenv/versions/3.11-dev/lib/python3.11/ssl.py", line 1346, in do_handshake
self._sslobj.do_handshake()
^^^^^^^^^^^^^^^^^^^^^^^^^^^
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:998)
```
System information:
```
❯ uname -a
Linux cadoth 5.10.0-8-amd64 #1 SMP Debian 5.10.46-5 (2021-09-23) x86_64 GNU/Linux
❯ lsb_release -d
Description: Debian GNU/Linux 11 (bullseye)
❯ openssl version
OpenSSL 1.1.1k 25 Mar 2021
❯ python3.9 -VV
Python 3.9.2 (default, Feb 28 2021, 17:03:44)
[GCC 10.2.1 20210110]
❯ python3.10 -VV
Python 3.10.0 (default, Oct 5 2021, 00:24:29) [GCC 10.2.1 20210110]
❯ python3.11 -VV
Python 3.11.0a1+ (heads/main:547d26aa08, Oct 15 2021, 17:35:52) [GCC 10.2.1 20210110]
❯ python3.9 -c 'import ssl; print(ssl.OPENSSL_VERSION)'
OpenSSL 1.1.1k 25 Mar 2021
❯ python3.10 -c 'import ssl; print(ssl.OPENSSL_VERSION)'
OpenSSL 1.1.1k 25 Mar 2021
❯ python3.11 -c 'import ssl; print(ssl.OPENSSL_VERSION)'
OpenSSL 1.1.1k 25 Mar 2021
```
----------
assignee: christian.heimes
components: SSL
messages: 404033
nosy: christian.heimes, nyuszika7h
priority: normal
severity: normal
status: open
title: SSLEOFError regression with certain servers in Python 3.10
type: behavior
versions: Python 3.10, Python 3.11
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue45487>
_______________________________________
More information about the Python-bugs-list
mailing list