Opened 17 months ago
Closed 16 months ago
#32527 closed defect (fixed)
urllib needs a SSL context to work with openssl 3.x
Reported by: | Thierry Monteil | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | sage-9.5 |
Component: | packages: standard | Keywords: | |
Cc: | Merged in: | ||
Authors: | Thierry Monteil | Reviewers: | Matthias Koeppe |
Report Upstream: | N/A | Work issues: | |
Branch: | 1d88693 (Commits, GitHub, GitLab) | Commit: | 1d88693ddf1758ae4fa7ccb6949161b52200e591 |
Dependencies: | Stopgaps: |
Description (last modified by )
Whith OpenSSL 3.x installed from Sage, we get the following error:
sage: oeis(42) <repr(<sage.databases.oeis.OEISSequence at 0x7f1fd4483e50>) failed: OSError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)> Error fetching https://oeis.org/search?q=A000042&n=1&fmt=text.>
This is due to the fact that we do not pass any SSL context to urllib.
The current branch also force https in the URL that are fetched by Sage, except:
src/sage/finance/stock.py
which is broken anyway #25473src/sage/combinat/matrices/hadamard_matrix.py
sincehttp://neilsloane.com/hadamard/
does not provide https connectionssrc/sage/combinat/designs/ext_rep.py
since neitherhttp://designtheory.org
norhttp://www.maths.qmul.ac.uk/~lsoicher/designtheory.org/
provide https connections.
Change History (8)
comment:1 Changed 17 months ago by
comment:3 Changed 17 months ago by
Branch: | → u/tmonteil/urllib_needs_a_ssl_context_to_work_with_openssl_3_x |
---|
comment:4 Changed 17 months ago by
Commit: | → 01c63814b4756555805769a0281b16b18336d1b2 |
---|---|
Description: | modified (diff) |
Status: | new → needs_review |
New commits:
01c6381 | #32527 : add a SSL context where needed
|
comment:5 Changed 17 months ago by
Commit: | 01c63814b4756555805769a0281b16b18336d1b2 → 1d88693ddf1758ae4fa7ccb6949161b52200e591 |
---|
Branch pushed to git repo; I updated commit sha1. This was a forced push. New commits:
1d88693 | #32527 : add a SSL context where needed
|
comment:6 Changed 17 months ago by
Reviewers: | → Matthias Koeppe |
---|---|
Status: | needs_review → positive_review |
This seems to work well, tested locally with ./sage -tp --optional=sage,internet src/sage/arith/misc.py src/sage/combinat/designs/covering_design.py src/sage/databases/ src/sage/doctest/external.py src/sage/graphs/isgci.py src/sage/interfaces/mathematica.py src/sage/misc/ src/sage/repl
There are a bunch of failures
sage -t --random-seed=0 src/sage/databases/oeis.py # 4 doctests failed sage -t --random-seed=0 src/sage/databases/findstat.py # 4 doctests failed
that come from absurdly rigid doctests. Fixing them is outside of the scope of this ticket.
comment:7 Changed 17 months ago by
Thanks for the review. Also tested on a bare VM with only Sage-shipped packages (including Python 3 and Openssl 3.0.0).
comment:8 Changed 16 months ago by
Branch: | u/tmonteil/urllib_needs_a_ssl_context_to_work_with_openssl_3_x → 1d88693ddf1758ae4fa7ccb6949161b52200e591 |
---|---|
Resolution: | → fixed |
Status: | positive_review → closed |
I think this is the same problem that we faced in #29418/#30950 (for
sage-system-python
)