-
Notifications
You must be signed in to change notification settings - Fork 288
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SNI server_hostname not supported in ssl.wrap_socket #262
Comments
Holy smokes, I finally found this. I was getting an error, unable to connect to SNI-enabled servers using a tool the relies on ws4py: [Errno 1] _ssl.c:510: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure This was from my python2.7 installation. My old system python has a ssl.py that seems to not support SNI, at all! So I rewrote my tool, to run under python3, out of desparation. But I got the same error from the newer ssl.py! I was pulling out my hair! [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:777) This was a huge breaking issue for me that cause massive downtime and nearly crashed all my servers! Oh jesus why. I changed the line in ws4py/client/init.py from:
to this:
TLS SNI enabled! Thank god! You guys should update this code and maybe drop a note in the readme for people using older versions! I wasn't able to get SNI working under python2.7 but it might be possible with a new enough compatible ssl.py installed. |
I'm no expert regarding ssl and so on. I solved the problem like this in the connect function and it works (not 100% sure if it is a good solution). Of course also adding server_hostname to ssl_options:
|
WebSocket-for-Python/ws4py/client/__init__.py
Line 214 in 961c07c
adding server_hostname in ssl_options returns an argument type error
we have to switch to SSLContext.wrap_socket or ssl.SSLSocket
The text was updated successfully, but these errors were encountered: