When pip installing the standard package I get the below error when self.sesison is used or at _detect_authentication_target_url(). After a bit of searching I found this which resolves the issue for me for connecting to my institution's VPN. I'm running on ubuntu 22.04 w/ python3.10, urllib3=1.26.16, requests=2.31.0.
openconnect-sso -s vpn.foo.bar
[info ] Authenticating to VPN endpoint [openconnect_sso.app] address=vpn.foo.bar name=
Traceback (most recent call last):
File "/home/bryce/.local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 714, in urlopen
httplib_response = self._make_request(
File "/home/bryce/.local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 403, in _make_request
self._validate_conn(conn)
File "/home/bryce/.local/lib/python3.10/site-packages/urllib3/connectionpool.py", line 1053, in _validate_conn
conn.connect()
File "/home/bryce/.local/lib/python3.10/site-packages/urllib3/connection.py", line 419, in connect
self.sock = ssl_wrap_socket(
File "/home/bryce/.local/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 449, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(
File "/home/bryce/.local/lib/python3.10/site-packages/urllib3/util/ssl_.py", line 493, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.10/ssl.py", line 513, in wrap_socket
return self.sslsocket_class._create(
File "/usr/lib/python3.10/ssl.py", line 1071, in _create
self.do_handshake()
File "/usr/lib/python3.10/ssl.py", line 1342, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED] unsafe legacy renegotiation disabled (_ssl.c:1007)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
.......
line 87, in _start_authentication
response = self.session.post(self.host.vpn_url, request)
-------OR-------
Traceback (most recent call last):
...
line 42, in authenticate
self._detect_authentication_target_url()
For what it's worth, this is essentially a duplicate of #126, which does the same, but in a slightly different manner. The root cause is OpenSSL 3 disabling legacy renegotiation by default, I believe.
When pip installing the standard package I get the below error when self.sesison is used or at _detect_authentication_target_url(). After a bit of searching I found this which resolves the issue for me for connecting to my institution's VPN. I'm running on ubuntu 22.04 w/ python3.10, urllib3=1.26.16, requests=2.31.0.