Opened 2 years ago
Last modified 6 days ago
#30950 needs_review defect
sage-download-file: Proper initialization of SSL certificates
Reported by: | mkoeppe | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | build | Keywords: | |
Cc: | jhpalmieri, dimpase, etn40ff, tmonteil | Merged in: | |
Authors: | Thierry Monteil | Reviewers: | |
Report Upstream: | N/A | Work issues: | |
Branch: | u/tmonteil/sage_download_file__proper_initialization_of_ssl_certificates (Commits, GitHub, GitLab) | Commit: | f0ded5546d77b51a0ea1da252cd2444bef7c1207 |
Dependencies: | Stopgaps: |
Description (last modified by )
Change History (21)
comment:2 Changed 2 years ago by
This is affecting upstream URLs that are https.
You can test by replacing upstream/mirror_list
by something that always fails to force download from the upstream URL.
comment:3 Changed 2 years ago by
I put a print statement in sage-system-python
to say what Python it's using (2nd line below). I removed the attrs
tarball and modified mirror_list
to only include https sites. I see this at the top of the attrs
log file:
[attrs-19.3.0] Found local metadata for attrs-19.3.0 [attrs-19.3.0] PYTHON=/usr/bin/python3 [attrs-19.3.0] Attempting to download package attrs-19.3.0.tar.gz from mirrors [attrs-19.3.0] https://mirror.csclub.uwaterloo.ca/sage/spkg/upstream/attrs/attrs-19.3.0.tar.gz [attrs-19.3.0] [......................................................................] [attrs-19.3.0] attrs-19.3.0
comment:4 Changed 2 years ago by
I then modified sage_bootstrap/download/mirror_list.py
:
-
build/sage_bootstrap/download/mirror_list.py
diff --git a/build/sage_bootstrap/download/mirror_list.py b/build/sage_bootstrap/download/mirror_list.py index 12868bf608..3a4b9d22fc 100644
a b class MirrorList(object): 200 200 pass 201 201 for mirror in self.mirrors: 202 202 yield mirror 203 # If all else fails: Try the packages we host ourselves204 yield 'http://sagepad.org/'205 203 206 204 @property 207 205 def fastest(self):
and changed mirror_list
to include just a nonsense site. Then
Found local metadata for attrs-19.3.0 PYTHON=/usr/bin/python3 Attempting to download package attrs-19.3.0.tar.gz from mirrors http://uw.edu/spkg/upstream/attrs/attrs-19.3.0.tar.gz [xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] ERROR [transfer|run:135]: [Errno socket error] [Errno socket error] [Errno 404] Not Found: '//www.washington.edu/spkg/upstream/attrs/attrs-19.3.0.tar.gz' Attempting to download from https://pypi.io/packages/source/a/attrs/attrs-19.3.0.tar.gz [......................................................................] attrs-19.3.0 ====================================================
comment:5 Changed 2 years ago by
This looks promising... I'm surprised that this seems to be working now. I don't think we changed anything. You don't have SAGE_DOWNLOAD_FILE_OPTIONS
set in your global environment by any chance?
comment:6 Changed 2 years ago by
I may be too optimistic, and it may depend, for example, on the version of OS X. Does the version of Python 3 depend on the version of Xcode, or the OS version, or something else? Anyway, this testing was done on Big Sur, although the same version of Python (3.8.2) is present on 10.15.7. The previous problems were reported with Python 3.7, I think.
I don't set any environment variables with names starting "SAGE".
comment:8 Changed 2 years ago by
You can have Python3 installed in Homebrew, Python3 installed from python.org, and system-provided Python3.
comment:9 Changed 2 years ago by
In my testing, it's the system-provided Python 3, /usr/bin/python3
.
comment:10 Changed 2 years ago by
Cc: | etn40ff added |
---|
comment:11 Changed 23 months ago by
Milestone: | sage-9.3 → sage-9.4 |
---|
Sage development has entered the release candidate phase for 9.3. Setting a new milestone for this ticket based on a cursory review of ticket status, priority, and last modification date.
comment:12 Changed 18 months ago by
Milestone: | sage-9.4 → sage-9.5 |
---|
comment:13 Changed 17 months ago by
Cc: | tmonteil added |
---|
comment:14 Changed 17 months ago by
Description: | modified (diff) |
---|
comment:15 Changed 16 months ago by
Branch: | → u/tmonteil/sage_download_file__proper_initialization_of_ssl_certificates |
---|
comment:16 Changed 16 months ago by
Authors: | → Thierry Monteil |
---|---|
Commit: | → f0ded5546d77b51a0ea1da252cd2444bef7c1207 |
Status: | new → needs_review |
Could you please tell if the proposed branch fixes your issue on MacOS ?
New commits:
f0ded55 | #30950 : add a default SSL context for sage_bootstrap/download
|
comment:17 Changed 16 months ago by
comment:18 Changed 14 months ago by
Milestone: | sage-9.5 → sage-9.6 |
---|
Stalled in needs_review
or needs_info
; likely won't make it into Sage 9.5.
comment:19 Changed 10 months ago by
Milestone: | sage-9.6 → sage-9.7 |
---|
comment:20 Changed 5 months ago by
Milestone: | sage-9.7 → sage-9.8 |
---|
comment:21 Changed 6 days ago by
Milestone: | sage-9.8 |
---|
Edit: hold on, trying again after editing
build/bin/sage-system-python
.Is this necessary? I'm not sure how to test, but here's what I did: with #29719 (new flint), I used
flint
was downloaded properly. Since that worked, I tried a pip package:That also worked. What should I be testing?