TypeError: 'SSLCertVerificationError' object is not iterable

zamirTo1 commented 4 years ago

Hey, I'm running this command and getting: github-backup $ORGANIZATION -P -t $ACCESS_TOKEN -o . --all -O -R $REPO

2020-10-20T15:42:30.277186: Backing up user XXXXXXX to /Users/Backup/
2020-10-20T15:42:30.277497: Requesting https://api.github.com/user?per_page=100&page=1
Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1319, in do_open
    h.request(req.get_method(), req.selector, req.data, headers,
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1230, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1276, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1225, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1004, in _send_output
    self.send(msg)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 944, in send
    self.connect()
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1399, in connect
    self.sock = self._context.wrap_socket(self.sock,
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/ssl.py", line 500, in wrap_socket
    return self.sslsocket_class._create(
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/ssl.py", line 1040, in _create
    self.do_handshake()
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/github_backup/github_backup.py", line 519, in _get_response
    r = urlopen(request)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 222, in urlopen
    return opener.open(url, data, timeout)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 525, in open
    response = self._open(req, data)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 542, in _open
    result = self._call_chain(self.handle_open, protocol, protocol +
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 502, in _call_chain
    result = func(*args)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1362, in https_open
    return self.do_open(http.client.HTTPSConnection, req,
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1322, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1108)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.8/bin/github-backup", line 42, in <module>
    main()
  File "/Library/Frameworks/Python.framework/Versions/3.8/bin/github-backup", line 31, in main
    authenticated_user = get_authenticated_user(args)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/github_backup/github_backup.py", line 654, in get_authenticated_user
    data = retrieve_data(args, template, single_request=True)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/github_backup/github_backup.py", line 502, in retrieve_data
    return list(retrieve_data_gen(args, template, query_args, single_request))
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/github_backup/github_backup.py", line 457, in retrieve_data_gen
    r, errors = _get_response(request, auth, template)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/github_backup/github_backup.py", line 524, in _get_response
    log_warning(e.reason)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/github_backup/github_backup.py", line 86, in log_warning
    for msg in message:
TypeError: 'SSLCertVerificationError' object is not iterable

bfoz commented 3 years ago

Did you ever find a fix for this? I'm seeing the same problem now.

zamirTo1 commented 3 years ago

Hey, Yes, If you are using Python3, go to github_backup.py and add import ssl and overwrite _get_response function:

def _get_response(request, auth, template):
    retry_timeout = 3
    errors = []
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    # We'll make requests in a loop so we can
    # delay and retry in the case of rate-limiting
    while True:
        should_continue = False
        try:
            r = urlopen(request, context=ctx)
        except HTTPError as exc:
            errors, should_continue = _request_http_error(exc, auth, errors)  # noqa
            r = exc
        except URLError as e:
            log_warning(e.reason)
            should_continue = _request_url_error(template, retry_timeout)
            if not should_continue:
                raise
        except socket.error as e:
            log_warning(e.strerror)
            should_continue = _request_url_error(template, retry_timeout)
            if not should_continue:
                raise

        if should_continue:
            continue

        break
    return r, errors

cole-seph-work commented 3 years ago

Confirmed @zamirTo1 's fix works!

josegonzalez commented 3 years ago

Pull requests welcome.

xloem commented 2 months ago

Looked into this and found the following:

the solution above has likely not been submitted because it disabled https security
people likely don't discover their system is not configured because the popular requests package that is usually used in python, itself uses the certifi package for all requests, which embeds a certificate chain within python without regarding to the operating system
hence a better solution would be to import certifi and pass cafile=certifi.where() rather than creating an insecure context

Ideally a warning would be displayed if this procedure is necessary.

xloem commented 2 months ago

Found this discussion: https://github.com/psf/requests/issues/2966

josegonzalez / python-github-backup

TypeError: 'SSLCertVerificationError' object is not iterable #162