Recursion error in certstream-python

[Fitblip]

See https://twitter.com/PaulWebSec/status/927800636703461376, and https://pastebin.com/6VXsfM7G (line 42).

It seems as though we're tripping Python's built-in stack overflow protection for some reason. The exact cause is unclear right now, but this seems to be a transient issue (as it happened a few hours into the run).

Relevant line (for google's indexes):

[ERROR:websocket] 2017-11-06 20:40:08,625 - error from callback <bound method CertStreamClient._on_error of <certstream.core.CertStreamClient object at 0x7fda0c028780>>: maximum recursion depth exceeded while calling a Python object

[ameygat]

+1 In morning I have run in my linuxmint VM where it run proper, on other server where Ubuntu VM it gives same error right now. I am running into error immediately when started the program.

[Fitblip]

Hey @ameygat - thanks for the data point! I've pushed an update (https://github.com/CaliDog/certstream-python/commit/e7dd15eec14a9ab4769c5de965d2d5f7ec9aa712). Let me know if you still encounter this error!

Otherwise have a great rest of your week! Thanks for trying out CertStream :)

[evuori]

Works like a charm now, confirmed! Thanks

[Fitblip]

@evuori - perfect! Thanks for the confirmation!

[ameygat]

I am still facing issue after upgrade. I have done pip install certstream --upgrade then running a script. I am getting different error.

:~/phishing_catcher$ ./catch_phishing.py
certificate_update: 0cert [00:00, ?cert/s][ERROR:root] 2017-11-09 09:50:18,341 - Error connecting to CertStream - [Errno 1] _ssl.c:510: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error - Sleeping for a few seconds and trying again...
[ERROR:root] 2017-11-09 09:50:24,364 - Error connecting to CertStream - [Errno 1] _ssl.c:510: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error - Sleeping for a few seconds and trying again...
^C[INFO:root] 2017-11-09 09:50:27,111 - Kill command received, exiting!!

Funny thing is similar behavior for this error also , I am getting error on ubuntu VM and not getting the error on the linuxmint VM. Not sure OS is related to issue or not.

[Fitblip]

@ameygat I've seen this issue before, it's usually caused by running an older version of python 2 which doesn't have TLS SNI support, which Heroku uses to ship the right certificate to the right request.

Can you try running it with python 3?

[ameygat]

But both VM I am running python 2 only where the code is running its 2.7.12 and where it is not running python 2.7.6 could it be due to the python version ?

[evuori]

@ameygat just go with python3 man

[Fitblip]

See my comment before, if you're running python 2.7.6 you won't be able to connect. Python added support for SNI in python 2.7.9.

You'll need at least python 2.7.9 to connect to certstream.

[ameygat]

@evuori I dont wanna go in python 2 Vs python3 but my other code are in python 2 so not shifting to python 3.

@Fitblip thanks for explaination.