Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Could not connect to Exasol: [SSL: LENGTH_MISMATCH] length mismatch (_ssl.c:1129) #88

Closed
RomantsovArtur opened this issue Feb 22, 2022 · 4 comments
Closed

Could not connect to Exasol: [SSL: LENGTH_MISMATCH] length mismatch (_ssl.c:1129) #88

RomantsovArtur opened this issue Feb 22, 2022 · 4 comments

Comments

@RomantsovArtur
Copy link

RomantsovArtur commented Feb 22, 2022
edited
Loading

Hey, on the latest 0.24.0 version we encounter some strange bug

`

SSLError Traceback (most recent call last)
File /opt/conda/lib/python3.9/site-packages/pyexasol/connection.py:667, in ExaConnection._init_ws(self)
666 try:
--> 667 self._ws = websocket.create_connection(f'{ws_prefix}{ipaddr}:{port}', **ws_options)
668 except Exception as e:

File /opt/conda/lib/python3.9/site-packages/websocket/core.py:606, in create_connection(url, timeout, class, **options)
605 websock.settimeout(timeout if timeout is not None else getdefaulttimeout())
--> 606 websock.connect(url, **options)
607 return websock

File /opt/conda/lib/python3.9/site-packages/websocket/_core.py:249, in WebSocket.connect(self, url, **options)
248 self.sock_opt.timeout = options.get('timeout', self.sock_opt.timeout)
--> 249 self.sock, addrs = connect(url, self.sock_opt, proxy_info(**options),
250 options.pop('socket', None))
252 try:

File /opt/conda/lib/python3.9/site-packages/websocket/_http.py:136, in connect(url, options, proxy, socket)
135 if HAVE_SSL:
--> 136 sock = _ssl_socket(sock, options.sslopt, hostname)
137 else:

File /opt/conda/lib/python3.9/site-packages/websocket/_http.py:274, in _ssl_socket(sock, user_sslopt, hostname)
273 check_hostname = sslopt.get('check_hostname', True)
--> 274 sock = _wrap_sni_socket(sock, sslopt, hostname, check_hostname)
276 return sock

File /opt/conda/lib/python3.9/site-packages/websocket/_http.py:250, in _wrap_sni_socket(sock, sslopt, hostname, check_hostname)
248 context.set_ecdh_curve(sslopt['ecdh_curve'])
--> 250 return context.wrap_socket(
251 sock,
252 do_handshake_on_connect=sslopt.get('do_handshake_on_connect', True),
253 suppress_ragged_eofs=sslopt.get('suppress_ragged_eofs', True),
254 server_hostname=hostname,
255 )

File /opt/conda/lib/python3.9/ssl.py:500, in SSLContext.wrap_socket(self, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, session)
494 def wrap_socket(self, sock, server_side=False,
495 do_handshake_on_connect=True,
496 suppress_ragged_eofs=True,
497 server_hostname=None, session=None):
498 # SSLSocket class handles server_hostname encoding before it calls
499 # ctx._wrap_socket()
--> 500 return self.sslsocket_class._create(
501 sock=sock,
502 server_side=server_side,
503 do_handshake_on_connect=do_handshake_on_connect,
504 suppress_ragged_eofs=suppress_ragged_eofs,
505 server_hostname=server_hostname,
506 context=self,
507 session=session
508 )

File /opt/conda/lib/python3.9/ssl.py:1040, in SSLSocket._create(cls, sock, server_side, do_handshake_on_connect, suppress_ragged_eofs, server_hostname, context, session)
1039 raise ValueError("do_handshake_on_connect should not be specified for non-blocking sockets")
-> 1040 self.do_handshake()
1041 except (OSError, ValueError):

File /opt/conda/lib/python3.9/ssl.py:1309, in SSLSocket.do_handshake(self, block)
1308 self.settimeout(None)
-> 1309 self._sslobj.do_handshake()
1310 finally:

SSLError: [SSL: LENGTH_MISMATCH] length mismatch (_ssl.c:1129)

During handling of the above exception, another exception occurred:

ExaConnectionFailedError Traceback (most recent call last)
Input In [2], in
----> 1 get_ipython().run_cell_magic('helios_sql', '', '*')

File /opt/conda/lib/python3.9/site-packages/IPython/core/interactiveshell.py:2257, in InteractiveShell.run_cell_magic(self, magic_name, line, cell)
2255 with self.builtin_trap:
2256 args = (magic_arg_s, cell)
-> 2257 result = fn(*args, **kwargs)
2258 return result

File ~/.ipython/profile_default/startup/init.py:107, in SQLMagics.helios_sql(self, _, cell)
105 @cast(Callable, cell_magic)
106 def helios_sql(self, _: str, cell: str) -> pd.DataFrame:
--> 107 with get_exasol_connection() as con, con.execute(cell) as st:
108 return pd.DataFrame(st.fetchmany(1000))

File ~/.ipython/profile_default/startup/init.py:27, in get_exasol_connection()
25 if not Path(config_path).exists():
26 raise FileNotFoundError("Sorry, your Helios connection has not yet been configured")
---> 27 return pyexasol.connect_local_config("helios", config_path)

File /opt/conda/lib/python3.9/site-packages/pyexasol/init.py:86, in connect_local_config(config_section, config_path, kwargs)
83 conf = ExaLocalConfig(config_path)
84 conf_args = conf.get_args(config_section)
---> 86 return connect({**conf_args, **kwargs})

File /opt/conda/lib/python3.9/site-packages/pyexasol/init.py:68, in connect(**kwargs)
63 def connect(**kwargs) -> ExaConnection:
64 """
65 Constructor of connection objects
66 Please check ExaConnection object for list of arguments
67 """
---> 68 return ExaConnection(**kwargs)

File /opt/conda/lib/python3.9/site-packages/pyexasol/connection.py:184, in ExaConnection.init(self, dsn, user, password, schema, autocommit, snapshot_transactions, connection_timeout, socket_timeout, query_timeout, compression, encryption, fetch_dict, fetch_mapper, fetch_size_bytes, lower_ident, quote_ident, json_lib, verbose_error, debug, debug_logdir, udf_output_bind_address, udf_output_connect_address, udf_output_dir, http_proxy, client_name, client_version, client_os_username, protocol_version, websocket_sslopt, access_token, refresh_token)
181 self._init_meta()
183 self._init_logger()
--> 184 self._init_ws()
186 self._login()
187 self.get_attr()

File /opt/conda/lib/python3.9/site-packages/pyexasol/connection.py:674, in ExaConnection._init_ws(self)
671 failed_attempts += 1
673 if failed_attempts == len(dsn_items):
--> 674 raise ExaConnectionFailedError(self, 'Could not connect to Exasol: ' + str(e))
675 else:
676 self._ws.settimeout(self.options['socket_timeout'])

ExaConnectionFailedError:
(
message => Could not connect to Exasol: [SSL: LENGTH_MISMATCH] length mismatch (_ssl.c:1129)
dsn => *:8888
user => *
schema =>
session_id =>
)
`
@RomantsovArtur
Copy link
Author

If we downgrade to the 0.23.3 it works perfectly fine. We have no other changes than except upgrade to 0.24.0 and can reproduce the issue

@RomantsovArtur
Copy link
Author

Could you please take a look?

@littleK0i
Copy link
Collaborator

It happens because of: #84

Now encryption is enabled by default.

How it can be fixed:

  • Update OpenSSL. You probably have a very old OpenSSL version which is no longer "safe" to use.
  • Set encryption=False in connection options explicitly.
  • You can rollback to 0.23.3 and pin this version in dependencies until you can fix the environment.

I'll pin this issue. I expect a lot of customers to encounter it.

@littleK0i littleK0i pinned this issue Feb 22, 2022
@RomantsovArtur
Copy link
Author

Thank you for the info! 🎉

I'm closing this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@littleK0i @RomantsovArtur