Skip to content
This repository was archived by the owner on Nov 23, 2017. It is now read-only.

Don't pass ssl certivicate error to loop.call_exception_handler() #404

Open
asvetlov opened this issue Aug 26, 2016 · 3 comments
Open

Don't pass ssl certivicate error to loop.call_exception_handler() #404

asvetlov opened this issue Aug 26, 2016 · 3 comments
Assignees

Comments

@asvetlov
Copy link

The following code prints uncaught handler exception but shouldn't

import asyncio
import contextlib
import aiohttp

async def main(url):
    async with aiohttp.ClientSession() as session:
        with contextlib.suppress(Exception):
            async with session.get(url):
                await response.read()

url = 'https://wrong.host.badssl.com'
loop = asyncio.get_event_loop()
loop.run_until_complete(main(url))

Exception is raised, everything is correct except printing non-catched exception in SSL protocol callback.

With PYTHONASYNCIODEBUG enabled the output is:

<asyncio.sslproto.SSLProtocol object at 0x7f10e2212470>: SSL handshake failed on verifying the certificate
Traceback (most recent call last):
  File "/usr/lib/python3.5/asyncio/sslproto.py", line 568, in _on_handshake_complete
    raise handshake_exc
  File "/usr/lib/python3.5/asyncio/sslproto.py", line 201, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 638, in do_handshake
    match_hostname(self.getpeercert(), self.server_hostname)
  File "/usr/lib/python3.5/ssl.py", line 297, in match_hostname
    % (hostname, ', '.join(map(repr, dnsnames))))
ssl.CertificateError: hostname 'wrong.host.badssl.com' doesn't match either of '*.badssl.com', 'badssl.com'
Exception in callback None
handle: <Handle cancelled _SelectorSocketTransport._read_ready() created at /usr/lib/python3.5/asyncio/selector_events.py:232>
source_traceback: Object created at (most recent call last):
  File "3.py", line 13, in <module>
    loop.run_until_complete(main(url))
  File "/usr/lib/python3.5/asyncio/base_events.py", line 375, in run_until_complete
    self.run_forever()
  File "/usr/lib/python3.5/asyncio/base_events.py", line 345, in run_forever
    self._run_once()
  File "/usr/lib/python3.5/asyncio/base_events.py", line 1304, in _run_once
    handle._run()
  File "/usr/lib/python3.5/asyncio/events.py", line 125, in _run
    self._callback(*self._args)
  File "/usr/lib/python3.5/asyncio/selector_events.py", line 232, in add_reader
    handle = events.Handle(callback, args, self)
Traceback (most recent call last):
  File "/usr/lib/python3.5/asyncio/events.py", line 125, in _run
    self._callback(*self._args)
  File "/usr/lib/python3.5/asyncio/selector_events.py", line 669, in _read_ready
    self._protocol.data_received(data)
  File "/usr/lib/python3.5/asyncio/sslproto.py", line 493, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/lib/python3.5/asyncio/sslproto.py", line 201, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 638, in do_handshake
    match_hostname(self.getpeercert(), self.server_hostname)
  File "/usr/lib/python3.5/ssl.py", line 297, in match_hostname
    % (hostname, ', '.join(map(repr, dnsnames))))
ssl.CertificateError: hostname 'wrong.host.badssl.com' doesn't match either of '*.badssl.com', 'badssl.com'
@1st1
Copy link
Member

1st1 commented Sep 15, 2016

Do you want to fix this before 3.6 b2?

@1st1
Copy link
Member

1st1 commented Oct 5, 2016

@asvetlov ping

1 similar comment
@1st1
Copy link
Member

1st1 commented Nov 8, 2016

@asvetlov ping

asvetlov added a commit that referenced this issue Nov 11, 2016
Don't pass ssl certivicate error to loop.call_exception_handler()
Handle ssl.CertificateError only because ssl.SSLError may be raised not only on connection establishment.
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants