Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#17368 - [python] 2.6.4 timeouts on ssl connection
Attached to Project:
Arch Linux
Opened by Ari Caldeira (aricaldeira) - Thursday, 03 December 2009, 18:58 GMT
Last edited by Allan McRae (Allan) - Sunday, 06 December 2009, 00:06 GMT
Opened by Ari Caldeira (aricaldeira) - Thursday, 03 December 2009, 18:58 GMT
Last edited by Allan McRae (Allan) - Sunday, 06 December 2009, 00:06 GMT
|
DetailsDescription: Python 2.6.4 timeouts on ssl connection
Additional info: * package version(s): python-2.6.4-1 Steps to reproduce: I'm trying the following code: def conectar_servico(soap, arquivo_certificado, senha): host = 'homologacao.nfe.fazenda.sp.gov.br' post = '/nfeweb/services/nfestatusservico.asmx' #_separa_certificado(arquivo_certificado, senha) chave = 'key.pem' certificado = 'cert.pem' try: con = HTTPSConnection(host, key_file=chave, cert_file=certificado, timeout=2.0, strict=True) con.set_debuglevel(2) con.request('POST', post, soap.xml, soap.header) resp = con.getresponse() print resp.status print resp.read() con.close() except Exception, e: print e soap.headers is the following dict: {'SOAPAction': '"http://www.portalfiscal.inf.br/nfe/wsdl/NfeStatusServico/nfeStatusServicoNF"', 'Connection': 'keep-alive', 'Content-Type': 'text/xml; charset=utf-8', 'Keep-Alive': '300'} soap.xml is the following string: '<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><nfeStatusServicoNF xmlns="http://www.portalfiscal.inf.br/nfe/wsdl/NfeStatusServico"><nfeCabecMsg><?xml version="1.0" encoding="utf-8" standalone="no"?><cabecMsg xmlns="http://www.portalfiscal.inf.br/nfe" versao="1.02"><versaoDados>1.07</versaoDados></cabecMsg></nfeCabecMsg><nfeDadosMsg><?xml version="1.0" encoding="utf-8"?><consStatServ xmlns="http://www.portalfiscal.inf.br/nfe" versao="1.07"><tpAmb>2</tpAmb><cUF>35</cUF><xServ>STATUS</xServ></consStatServ></nfeDadosMsg></nfeStatusServicoNF></soap:Body></soap:Envelope>' The exact same code works fine on an freshly installed and updated Ubuntu 9.10. The traceback is the following: Traceback (most recent call last): File "teste.py", line 98, in <module> testar_soap() File "teste.py", line 94, in testar_soap conectar_servico(j, u'certificado.pfx', u'xxxx') File "/nfe/soap.py", line 130, in conectar_servico resp = con.getresponse() File "/usr/lib/python2.6/httplib.py", line 974, in getresponse response.begin() File "/usr/lib/python2.6/httplib.py", line 391, in begin version, status, reason = self._read_status() File "/usr/lib/python2.6/httplib.py", line 349, in _read_status line = self.fp.readline() File "/usr/lib/python2.6/socket.py", line 397, in readline data = recv(1) File "/usr/lib/python2.6/ssl.py", line 96, in <lambda> self.recv = lambda buflen=1024, flags=0: SSLSocket.recv(self, buflen, flags) File "/usr/lib/python2.6/ssl.py", line 222, in recv raise x ssl.SSLError: The read operation timed out Changing or omitting strict parameter has no effect, as well as omitting or changing the value of the timeout parameter. I thought it may have something to do with applied patches or compile flags, so I got all the files from abs, edited the PKGBUILD, commented out all the patch-applying and left the ./configure line only as: ./configure --prefix=/usr Run makepkg, pacman -U the resulting package, and it broke libxml2 with the following error: File "/usr/lib/python2.6/site-packages/libxml2.py", line 1, in <module> import libxml2mod ImportError: libpython2.6.so.1.0: cannot open shared object file: No such file or directory I'll keep trying to solve this, if I find something new, I'll post it here. Thanks! |
This task depends upon
Just an update: I just create a VirtualBox VM, installed a fresh-from-ftp archlinux, installed python, python-lxml and pyopenssl, and the problem persisted.
Then I tried to remove python-lxml and pyopenssl, and install them via easy_install, just in case, and the problem persisted.
I guess I'll seek for the patches Ubuntu applies, and try to find out something that could be related to this issue.
Thank you!
Pardus applies this patch:
https://svn.pardus.org.tr/pardus/2009/devel/system/base/python/files/python-2.6.2-ssl_handshake_timeout.patch
Note sure I like it...
I tried your patch, and it didn't work, so I checked the issues immediate dependencies.
Ubuntu is using openssl version 0.9.8g, and I had access to a debian machine that has openssl 0.9.8k, and where the code works.
So I hacked the openssl PKGBUILD to create a vanilla openssl version 0.9.8k, and the code started to work!
Then I tried a vanilla openssl version 0.9.8l and it stopped working again.
Well, for now, the code is working, so my problem is solved, but the bug remains.
From here I really don't know where to go... Should I file another bug report? Report it upstream to python?
Thank you!
I checked out the CHANGES file in version 0.9.8l source, and it seems that is the only change that was made, so it must be it.
If I understood it correctly, I must find a way to set the SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION if I want openssl to behave the old way.
I have no idea how to do this :-) but I guess the problem is solved, since it's not really a bug.
So, for now, I'm putting openssl in pacman.conf IgnorePkg.