-
Notifications
You must be signed in to change notification settings - Fork 307
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pycurl 7.45.3 wheel not working for https in debian/ubuntu systems #834
Comments
It looks like it's probably a problem with the wheels we started producing with 7.45.3. As a workaround, you could probably do: |
In case anyone ends up here as well: QUICK WAY TO FIX IN YOUR PYTHON CODE (basically recreate the function that implements CURL_CA_BUNDLE_AUTODETECT as per https://github.com/curl/curl/blob/9e2ee704940e4e8ba38ba770b86a79ec091990bf/CMakeLists.txt#L999):
and then later on:
Is a quick way to replicate the functionality of CURL_CA_BUNDLE_AUTODETECT and get your code working. |
pycurl/pycurl#834 TYPE: hotfix
pycurl 7.45.3 returns error code 77 (CURLE_SSL_CACERT_BADFILE) for TLS connections on Debian-based systems: pycurl/pycurl#834
Also affects Google Colab. As a workaround, set:
c = pycurl.Curl()
c.setopt(pycurl.CAINFO, "/etc/ssl/certs/ca-certificates.crt");
c.setopt(pycurl.CAPATH, "/etc/ssl/certs/"); |
What did you try to do?
Using pycurl 7.45.3 to get the content of an https page.
What happened?
pycurl 7.45.3 does not work in debian bullseye with python 3.8 in its default configuration. it is looking for ca-certificate bundle in /etc/pki/tls/certs/ca-bundle.crt instead of /etc/ssl/certs/ca-certificates.crt.
Note: dependencies installes as needed with 7.45.2 to have a more comparable setup.
docker run --rm python:3.8-slim-bullseye bash -c 'apt-get update && apt-get install -y libcurl4-openssl-dev libssl-dev gcc && pip install pycurl==7.45.3 && python -c "import pycurl; curl = pycurl.Curl(); curl.setopt(pycurl.URL, \"https://www.google.com\"); curl.perform()"'
What did you expect to happen?
pycurl working on debian bullseye with python 3.8 as it did in 7.45.2
docker run --rm python:3.8-slim-bullseye bash -c 'apt-get update && apt-get install -y libcurl4-openssl-dev libssl-dev gcc && pip install pycurl==7.45.2 && python -c "import pycurl; curl = pycurl.Curl(); curl.setopt(pycurl.URL, \"https://www.google.com\"); curl.perform()"'
Workaround
Symlinking /etc/ssl/certs/ca-certificates.crt to /etc/pki/tls/certs/ca-bundle.crt makes pycurl work:
docker run --rm python:3.8-slim-bullseye bash -c 'mkdir -p /etc/pki/tls/certs/ && ln -s /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt && pip install pycurl==7.45.3 && python -c "import pycurl; curl = pycurl.Curl(); curl.setopt(pycurl.URL, \"https://www.google.com\"); curl.perform()"'
What is the PycURL version?
PycURL/7.45.3 libcurl/7.61.1 OpenSSL/1.1.1k zlib/1.2.11 brotli/1.0.6 libidn2/2.2.0 libpsl/0.20.2 (+libidn2/2.2.0) libssh/0.9.6/openssl/zlib nghttp2/1.33.0
What is your Python version?
Python 3.8.18
What is your operating system and its version?
Debian Bullseye
Other versions
If your report references any software besides PycURL, for example pip,
what are the versions of this software?
pip --version
Is this the most recent PycURL release?
Yes
Did you check libcurl behavior?
Yes,
docker run --rm python:3.8-slim-bullseye bash -c 'apt-get update && apt-get install curl && curl https://www.google.com'
is working as expected.The text was updated successfully, but these errors were encountered: