search

RDFLib / sparqlwrapper

A wrapper for a remote SPARQL endpoint
https://sparqlwrapper.readthedocs.io/
Other
526 stars 122 forks source link

TLS changes in Python 3.10, insecure endpoint #217

Open milan252525 opened 2 years ago

milan252525 commented 2 years ago

I'm trying to use this library with the latest Python version (3.10.4).

There were several changes to TLS settings of Python 3.10 (Issue43998)

The problem is I'm querying SPARQL endpoint with now insecure cipher settings. I attached an SSL error bellow. The endpoint is https://rpp-opendata.egon.gov.cz/odrpp/sparql.

This can be fixed by editing the library to pass SSLContextto urllib.request.ulropen in the following way:

in SPARQLWrapper._query():

import ssl

ctx = ssl.create_default_context()
ctx.set_ciphers("DEFAULT")

try:
            if self.timeout:
                response = urlopener(request, timeout=self.timeout, context=ctx)
            else:
                response = urlopener(request, context=ctx)
            return response, self.returnFormat
...

But this obviously requires changing library code. Would it be possible to update the library to accept a context from outside?

Error:

Traceback (most recent call last):
  File "path1\venv\lib\site-packages\flask\app.py", line 2077, in wsgi_app
    response = self.full_dispatch_request()
  File "path1\venv\lib\site-packages\flask\app.py", line 1525, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "path1\venv\lib\site-packages\flask\app.py", line 1523, in full_dispatch_request
    rv = self.dispatch_request()
  File "path1\venv\lib\site-packages\flask\app.py", line 1509, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "path1\app\controller\routes.py", line 79, in main_page
    recommended = app.requester.get_services_by_keywords(keywords, limit=16)
  File "path1\app\model\service_requester.py", line 108, in get_services_by_keywords
    results = sparql.query().convert()
  File "path1\venv\lib\site-packages\SPARQLWrapper\Wrapper.py", line 1112, in query
    return QueryResult(self._query())
  File "path1\venv\lib\site-packages\SPARQLWrapper\Wrapper.py", line 1078, in _query
    response = urlopener(request)
  File "path2\Python310\lib\urllib\request.py", line 216, in urlopen
    return opener.open(url, data, timeout)
  File "path2\Python310\lib\urllib\request.py", line 519, in open
    response = self._open(req, data)
  File "path2\Python310\lib\urllib\request.py", line 536, in _open
    result = self._call_chain(self.handle_open, protocol, protocol +
  File "path2\Python310\lib\urllib\request.py", line 496, in _call_chain
    result = func(*args)
  File "path2\Python310\lib\urllib\request.py", line 1391, in https_open
    return self.do_open(http.client.HTTPSConnection, req,
  File "path2\Python310\lib\urllib\request.py", line 1351, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:997)>