Issue with urllib2 python package - no SNI within HTTPS request

Hi,

since couple of days there’s no posibility to run HTML.ElementFromURL for CloudFlare servers.

Log from plugin:
2018-11-05 11:18:42,009 (7feb0a676700) : CRITICAL (runtime:889) - Exception (most recent call last):
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/components/runtime.py”, line 843, in handle_request
result = f(**d)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Library/Plex Media Server/Plug-ins/Serialnet.bundle/Contents/Code/init.py”, line 45, in GetShows
page = HTML.ElementFromURL(main_url,errors=‘replace’,encoding=‘utf-8’,timeout=90,cacheTime=3600*12)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/api/parsekit.py”, line 482, in ElementFromURL
method=method,
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/api/networkkit.py”, line 67, in _http_request
req = self._core.networking.http_request(url, *args, **kwargs)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/components/networking.py”, line 370, in http_request
return HTTPRequest(self._core, url, data, h, url_cache, encoding, errors, timeout, immediate, sleep, opener, follow_redirects, method)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/components/networking.py”, line 141, in init
self.load()
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/components/networking.py”, line 181, in load
f = self._opener.open(req, timeout=self._timeout)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 444, in open
response = meth(req, response)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 557, in http_response
‘http’, request, response, code, msg, hdrs)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 476, in error
result = self._call_chain(*args)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 416, in _call_chain
result = func(*args)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Versions/2/Python/Framework/components/networking.py”, line 96, in http_error_301
result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 652, in http_error_302
return self.parent.open(new, timeout=req.timeout)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 438, in open
response = self._open(req, data)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 456, in _open
‘_open’, req)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 416, in _call_chain
result = func(*args)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 1225, in https_open
return self.do_open(httplib.HTTPSConnection, req)
File “/share/CACHEDEV2_DATA/.qpkg/PlexMediaServer/Resources/Plug-ins-ecd600442/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/urllib2_new.py”, line 1192, in do_open
raise URLError(err)
URLError: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)>

openssl checks:

1. without servername:
   ~> openssl s_client -connect serialnet.pl:443
   CONNECTED(00000003)
   139779610109840:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:

no peer certificate available

No client certificate CA names sent

SSL handshake has read 7 bytes and written 289 bytes

New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1541413940
Timeout : 300 (sec)
Verify return code: 0 (ok)

2. with servername:
   ~>
   openssl s_client -connect serialnet.pl:443 -servername serialnet.pl
   CONNECTED(00000003)
   …
   subject=/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni46361.cloudflaressl.com
   issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2

No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits

SSL handshake has read 5296 bytes and written 436 bytes

New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-GCM-SHA256
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-GCM-SHA256
Session-ID: D0FE56D51530E7558B55D8FB43B1D8008BEA2D9F981D20B119DB1B4F03E3A2DF
Session-ID-ctx:
Master-Key: 734EFF1D98E66D96564D9C730B57571DD3C2DA7CF5005C3136C6EA9EAA75412A24FF269AB2456E6CC24D9A90CD5CC227
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 64800 (seconds)
TLS session ticket:
0000 - 00 58 32 d8 08 f6 d4 06-86 f1 fb 82 0c d9 17 b3 .X2…
0010 - e6 2b 53 f8 b3 20 7c 57-a4 5c 1a db 8d fd a4 f0 .+S… |W…
0020 - 62 d8 4e d5 8f 14 eb 09-18 da ae cb c4 2e 4e 2a b.N…N*
0030 - 43 d4 2f 0b 16 10 52 15-b2 2b 58 f8 c9 de 76 34 C./…R…+X…v4
0040 - 1c ca 48 20 17 d2 fe 51-5e 8d e0 b5 f5 48 ff 8a …H …Q^…H…
0050 - d1 39 25 9b cd 92 2b e0-09 58 a6 58 8e d7 ce f3 .9%…+…X.X…
0060 - 7c bd 11 19 32 03 65 c9-b4 82 8f d3 6c dd 0c 34 |…2.e…l…4
0070 - 14 3e 32 a2 4e 73 8f 9d-58 ba bc a5 6d 2a a9 22 .>2.Ns…X…m*."
0080 - a2 e7 17 07 e8 11 73 d1-2f 7e 5a 91 fb a0 d2 fc …s./~Z…
0090 - ea a1 b3 32 c3 ae 98 96-fb aa bd d5 6e 82 8b 71 …2…n…q
00a0 - 87 b7 dd c6 5b 4d c0 fa-61 8c 37 22 fb 35 b1 01 …[M…a.7".5…

Start Time: 1541413962
Timeout   : 300 (sec)
Verify return code: 0 (ok)

DONE

Do I have to wait until Plex introduce new version of Python or urllib2 components or there’s workaround that can be implemented?

First of all, next time, please format your post with code tags to make reading a tad more easy

And now for your Q:

PMS is running Python V 2.7.12, and this issue was AFAICT fixed in V2.7.13
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878232

When that’s said, I would not expect an update to PMS for this, since Plex is phasing out the framework!
https://www.plex.tv/blog/subtitles-and-sunsets-big-improvements-little-housekeeping/

Sorry for that it’s code thing - I’m new to that community and just wanted to ask one question. Isn’t it possible to implement new Python before sunset?

It took almost 3 years to het it updated to v12

I’m about 99.99 % sure Plex do not wanna rock the boat, when it’s heading towards EOL

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.