search

outon / HomeAssistant-AEMET

AEMET: Home Assistant Custom Weather Component
MIT License
11 stars 7 forks source link

Error retrieve data from AEMET #1

Closed dave-code-ruiz closed 5 years ago

dave-code-ruiz commented 5 years ago

sep 03 09:29:03 hassbian hass[1221]: 2019-09-03 09:29:03 ERROR (SyncWorker_9) [custom_components.aemet.aemet] Unable to retrieve data from AEMET. HTTPSConnectionPool(host='opendata.aemet.es', port=443): Max retries exceeded with url: /opendata/api/observacion/convencional/todas?api_key=eyJhXXX7meUo (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_ske_dhe', 'dh key too small')])"))) sep 03 09:29:05 hassbian hass[1221]: 2019-09-03 09:29:05 ERROR (MainThread) [homeassistant.components.weather] aemet: Error on device update!

my configuration.yaml:

weather:
    platform: aemet
    name: AEMET
    api_key: eyJhbGXXX
    latitude: !secret latitude_home
    longitude: !secret longitude_home
    cache_dir: /home/homeassistant/.homeassistant/aemetcache

Don't work for me, i renew my api_key but same error

outon commented 5 years ago

Hola,

I think your api_key is too short, mine is about 292 characters.

You should go to: https://opendata.aemet.es/centrodedescargas/inicio

image

There you should click on button "Solicitar" in "Obtención de API key" section and in the next screen you will enter your email.

You should receive an email from opendata_apikey@aemet.es with your api key.

image

As you can see... it is a quite long text.

Please review your email (spam folder too) and check that you received the email with your api key.

Un saludo.

outon commented 5 years ago

Sorry, I forgot to mention that there is an intermediate email to verify that your email is correct before sending the API KEY.

So, you have to click on confirmation emaili to receive your api key in a second email.

image

dave-code-ruiz commented 5 years ago

Sorry, i do exactly this and my api_key i receive from AEMET email have 285 characters

outon commented 5 years ago

As you can see on error reported... your key is too small.

SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_ske_dhe', '**dh key too small**')])")))

My old key was 292 characters and the new one that I just request is also 292 characters.

Are you sure you copied whole api key?

dave-code-ruiz commented 5 years ago

i dont know why i received an email from opendata_apikey@aemet.es with api_key with 285 characters, i make me crazy, but i sure i copy all characters, paste it on notepad++ and i see "col 285" i repeat proccess , receive new diferent key but same size.

dont worry, i try other thinks, and posted it later

outon commented 5 years ago

I will try with other mail address to see if this key length depends on your email.

For sure, error message is regarding key length. I will improve code to trap this error message and get a better user experience.

dave-code-ruiz commented 5 years ago

i try with other email address and now 282 characters, 3 characters less, my new address have 3 characters less than the other

I think email address is in the characters to the api key

dave-code-ruiz commented 5 years ago

Now i try with other address, and now i have 298 characters, and i receive same ERROR Unable to retrieve data from AEMET. HTTPSConnectionPool(host='opendata.aemet.es', port=443): Max retries exceeded with url: /opendata/api/observacion/convencional/todas?api_key=eyJhbGciOiJIUzI1.... ...WCvk7wtav9AtXbYRJF-Eor6jsgPDuBLnMFcWeLg (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_ske_dhe', 'dh key too small')])")))

dave-code-ruiz commented 5 years ago

I think is possible the error is : Max retries exceeded with url: /opendata/api/observacion/convencional/todas?api_key=xx or certificate ssl for https that changed 27/03/2019. I work with certificates and when i receive "bad handshake" normally is that https certificate is changed (sorry my english)

outon commented 5 years ago

Hola,

Cambio al castellano que quizás estemos más cómodos. English follows.

¿Puedes realizar la siguiente prueba?

Accede a la url:

https://opendata.aemet.es/opendata/api/observacion/convencional/todas?api_key=***pon aquí tu api_key***

Entonces te tendría que devolver algo similar a esto:

{
  "descripcion" : "exito",
  "estado" : 200,
  "datos" : "https://opendata.aemet.es/opendata/sh/a0ac0bc0",
  "metadatos" : "https://opendata.aemet.es/opendata/sh/55c2971b"
}

Indícame qué te muestra a ti. Sospecho que no es un "estado" : 200

Can you do the following test?

Go to the url:

https://opendata.aemet.es/opendata/api/observacion/convencional/todas?api_key=***put your api key here***

Then you' d have to get something similar to that:

{
  "descripcion" : "exito",
  "estado" : 200,
  "datos" : "https://opendata.aemet.es/opendata/sh/a0ac0bc0",
  "metadatos" : "https://opendata.aemet.es/opendata/sh/55c2971b"
}

Tell me what it shows you. I suspect it is not a "estado" : 200

dave-code-ruiz commented 5 years ago

Mucho mas comodo, jejeje

Recibo un "exito" 200, desde el movil, tengo que probar en hass con un curl o algo asi pero me llevara mas tiempo porque no recuerdo la instrccion exacta

{ "descripcion" : "exito", "estado" : 200, "datos" : "https://opendata.aemet.es/opendata/sh/30f2cb00", "metadatos" : "https://opendata.aemet.es/opendata/sh/55c2971b" }

I receive 200 exito, in my phone, i try in my hass with curl and post it

outon commented 5 years ago

Si usando la API_KEY recibes una contestación correcta con un "estado": 200 significa que no hay errores en tu API KEY.

Voy a revisar el código por si puedo detectar el error.

dave-code-ruiz commented 5 years ago

Buenas, he realizado varias pruebas y si utilizo "curl" recibo el mismo error, he buscado por internet y he encontrado esto: I have done several tests and if I use "curl" I receive the same error, I searched the internet and found this: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907788

Message #21 received at 907788-done@bugs.debian.org (full text, mbox, reply):

From: Alessandro Ghedini ghedo@debian.org To: 907788-done@bugs.debian.org Subject: Re: Bug#907788: "dh key too small" since openssl upgrade Date: Wed, 3 Oct 2018 22:55:30 +0100 [Message part 1 (text/plain, inline)] On Sat, Sep 29, 2018 at 06:33:02PM +0200, Sebastian Andrzej Siewior wrote:

control: unblock 907015 by 907788

On 2018-09-02 09:59:11 [+0200], VA wrote:

Since openssl upgrade to 1.1.1~~pre9-1, curl is not able anymore to do requests to some sites. For example:

% curl https://www.credit-cooperatif.coop/ curl: (35) error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small

It used to work with curl, and it still works with wget (which uses gnutls).

I suspect it's related to #907015.

I would close that if I were the curl maintainer. The remote site in the example uses a small DH key [0]. If you can't get owner to upgrade the site and want still to access the site I suggest to remove CipherString = DEFAULT@SECLEVEL=2 from /etc/ssl/openssl.cnf.

[0] https://www.ssllabs.com/ssltest/analyze.html?d=www.credit-cooperatif.coop [signature.asc (application/pgp-signature, inline)]

, parece que a partir de una versión de openssl no se puede usar curl para https, he probado a realizar la llamada con wget y ahora si me devuelve un codigo 200 de "exito" it seems that from a version of openssl you cannot use curl for https, I have tried to make the call with wget and now return to me a 200 code "exito"

pi@hassbian:/home/homeassistant/.homeassistant $ sudo curl https://opendata.aemet.es/opendata/api/observacion/convencional/todas?api_key=eyJhbGciOiJ...meUo > /dev/null   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (35) error:141A318A:SSL routines:tls_process_ske_dhe:**dh key too small**
pi@hassbian:/home/homeassistant/.homeassistant $ sudo wget --output-document - https://opendata.aemet.es/opendata/api/observacion/convencional/todas?api_key=eyJhbGciO...meUo > /dev/null
--2019-09-04 10:55:39--  https://opendata.aemet.es/opendata/api/observacion/convencional/todas?api_key=eyJhbGci...m27meUo
Resolviendo opendata.aemet.es (opendata.aemet.es)... 212.128.97.177
Conectando con opendata.aemet.es (opendata.aemet.es)[212.128.97.177]:443... conectado.
Petición HTTP enviada, esperando respuesta... 200 OK
Longitud: 175 [application/json]
Grabando a: “STDOUT”

-                                                      100%[=========================================================================================================================>]     175  --.-KB/s    en 0s

2019-09-04 10:55:40 (41,6 MB/s) - escritos a stdout [175/175]

cualquier avance me cuentas, gracias por todo

Any progress tell me, thanks for everything

dave-code-ruiz commented 5 years ago

Creo que lo he resuelto, he modificado la siguiente funcion:

def _api_request(data_url: str, api_key: str = None):
        """Load data from AEMET.
        :param data_url: API call url
        :param api_key: API private key
        :return: json with AEMET response
        """

        _LOGGER.debug("Loading data from %s", data_url)

        requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += 'HIGH:!DH:!aNULL'
        try:
            requests.packages.urllib3.contrib.pyopenssl.DEFAULT_SSL_CIPHER_LIST += 'HIGH:!DH:!aNULL'
        except AttributeError:
            # no pyopenssl support used / needed / available
            pass

        params = {"api_key": api_key}
        try:
            if api_key is None:
                response = requests.get(data_url)
            else:
                response = requests.get(data_url, params=params)
        except (ConnectionError, HTTPError, Timeout, ValueError) as error:
            _LOGGER.error("Unable to retrieve data from AEMET. %s", error)
            return []
        aemet_response = response.json()

        return aemet_response

le he añadido el código siguiente, buscando en internet:

https://www.codesd.com/item/python-requests-exceptions-sslerror-key-dh-too-small.html

requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS += 'HIGH:!DH:!aNULL'
        try:
            requests.packages.urllib3.contrib.pyopenssl.DEFAULT_SSL_CIPHER_LIST += 'HIGH:!DH:!aNULL'
        except AttributeError:
            # no pyopenssl support used / needed / available
            pass
outon commented 5 years ago

Podrías indicarme la versión de tu HASS y sobre qué sistema operativo está instalado.

Realizaré un cambio con el código propuesto pero debo asegurar que no rompe otros entornos.

dave-code-ruiz commented 5 years ago

Hassbian 0.98.1

System Health arch armv7l dev false docker false hassio false os_name Linux python_version 3.7.3 timezone Europe/Madrid version 0.98.1 virtualenv true Lovelace mode storage resources 2 views 11

saulmayo commented 4 years ago

I have the same problem. My Home Assistant is 0.101.3

Making the request by browsing to the API I get a 200

If I run curl I get error:

curl: (35) error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small

If I run wget it works.