search

Romern / syncMyMoodle

Synchronization client for RWTH Moodle
GNU General Public License v3.0
73 stars 18 forks source link

Extern missing file throws SSL Error #82

Closed NiklasVousten closed 2 years ago

NiklasVousten commented 3 years ago

When trying to get old data from a language course, it strangely fails with an ssl error, but the file isnt available anymore, so it is not clear why it fail because of SSL.

ERROR:__main__:Error while downloading url https://www.jki.de/pool/user_upload/files/kurse/MARUGOTO/Marugoto_Grammatik_A1_NEU.pdf
Traceback (most recent call last):
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\connectionpool.py", line 699, in urlopen
    httplib_response = self._make_request(
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\connectionpool.py", line 382, in _make_request
    self._validate_conn(conn)
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\connectionpool.py", line 1010, in _validate_conn
    conn.connect()
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\connection.py", line 416, in connect
    self.sock = ssl_wrap_socket(
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\util\ssl_.py", line 449, in ssl_wrap_socket
    ssl_sock = _ssl_wrap_socket_impl(
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\util\ssl_.py", line 493, in _ssl_wrap_socket_impl
    return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
  File "C:\Users\Niklas\AppData\Local\Programs\Python\Python39\lib\ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "C:\Users\Niklas\AppData\Local\Programs\Python\Python39\lib\ssl.py", line 1040, in _create
    self.do_handshake()
  File "C:\Users\Niklas\AppData\Local\Programs\Python\Python39\lib\ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)

This Exception creates the two following exceptions:

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\requests\adapters.py", line 439, in send
    resp = conn.urlopen(
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\connectionpool.py", line 755, in urlopen
    retries = retries.increment(
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\urllib3\util\retry.py", line 574, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='www.jki.de', port=443): Max retries exceeded with url: /pool/user_upload/files/kurse/MARUGOTO/Marugoto_Grammatik_A1_NEU.pdf (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "E:\Workspace\GIT\github.com\syncMyMoodle\syncmymoodle\__main__.py", line 913, in scanForLinks
    response = self.session.head(text)
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\requests\sessions.py", line 577, in head
    return self.request('HEAD', url, **kwargs)
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\requests\sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\requests\sessions.py", line 655, in send
    r = adapter.send(request, **kwargs)
  File "E:\Workspace\GIT\github.com\syncMyMoodle\.venv\lib\site-packages\requests\adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='www.jki.de', port=443): Max retries exceeded with url: /pool/user_upload/files/kurse/MARUGOTO/Marugoto_Grammatik_A1_NEU.pdf (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)')))

Windows 10, Powershell, Python 3.9 Virtualenvironment (The same error occured in git bash)

septatrix commented 3 years ago

When trying to get old data from a language course, it strangely fails with an ssl error, but the file isnt available anymore, so it is not clear why it fail because of SSL.

Because it never established a proper connection. The reason is that the server responds with an improper certificate (as can be seen in the traceback) - in this case it probably does not list intermediate certificates. This does not occur in the browser as they implement some more rigorous fallbacks and automatically try to obtain such intermediate certificates. Trying to get the file (or any other part of the website) by other means (openssl s_client -connect www.jki.de:443, curl, wget etc.) also leads to this error.

Sadly there is no solution we can provide without compromising security. The most reasonable thing to do would be to write a mail to the webmaster of the website and ask him to use the proper certificate chain.