[mythtv-users] Important: Changes to Metadata lookup in March 2021

Jay Foster jayf0ster at roadrunner.com
Sun Feb 28 19:19:02 UTC 2021


On 2/28/21 12:13 AM, Stephen Worthington wrote:
> On Sat, 27 Feb 2021 18:26:53 -0800, you wrote:
>
>> No joy here.  I updated to a recent ca-certificates package, but the
>> issue persists.  I can access the https://tvmaze.com website using
>> firefox with no problem and view the site certificate which has a common
>> name of tvmaze.com.  However, for some reason, the tvmaze.py script is
>> trying to use tvlive.tvmaze.info instead, which does not match.
>> Jay
> Firefox uses its own internal certificate store, not the system wide
> one.
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://lists.mythtv.org/mailman/listinfo/mythtv-users
> http://wiki.mythtv.org/Mailing_List_etiquette
> MythTV Forums: https://forum.mythtv.org

I'm not so sure this is a CA certificate issue.  Smells more like a 
wrong URL (hostname) issue. I can use "wget https://api.tvmaze.com", 
which works just fine.  I think this is an HTTPS SNI issue where the 
incorrect hostname is not being presented to the server resulting in the 
certificate CN mismatch (urllib3 issue).

jay at mythbox:~$ /usr/share/mythtv/metadata/Television/tvmaze.py -l en -a 
US -M Monk
/usr/local/lib/python2.7/dist-packages/urllib3/util/ssl_.py:339: 
SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject 
Name Indication) extension to TLS is not available on this platform. 
This may cause the server to present an incorrect TLS certificate, which 
can cause validation failures. You can upgrade to a newer version of 
Python to solve this. For more information, see 
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
   SNIMissingWarning
/usr/local/lib/python2.7/dist-packages/urllib3/util/ssl_.py:137: 
InsecurePlatformWarning: A true SSLContext object is not available. This 
prevents urllib3 from configuring SSL appropriately and may cause 
certain SSL connections to fail. You can upgrade to a newer version of 
Python to solve this. For more information, see 
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
   InsecurePlatformWarning
ERROR: <class 'requests.exceptions.SSLError'> : 
HTTPSConnectionPool(host='api.tvmaze.com', port=443): Max retries 
exceeded with url: /search/shows?q=Monk (Caused by 
SSLError(CertificateError("hostname 'api.tvmaze.com' doesn't match 
'tvlive.tvmaze.info'",),))
jay at mythbox:~$

Back in September, 2017, I previously updated the metadata bindings to 
support the TVDB API v2 (https://www.mythtv.org/wiki/TheTVDB_API_v2). As 
part of this, I updated/installed the following packages from Ubuntu 
xenial (16.04):

python-future_0.15.2-1_all.deb
python-requests-cache_0.4.10-1_all.deb
python-requests_2.9.1-3_all.deb
python-urllib3_1.13.1-2_all.deb (this package actually installs version 
1.22).

Are these versions adequate for the new tvmaze bindings?  I am 
suspicious of something wrong with urllib3 or requests.  I also have two 
versions of urllib3 installed (one in /usr/lib and one in 
/usr/local/lib).  The one in /usr/local/lib was installed for the TVDB 
API v2 issue and is the one being used by tvmaze.py (somehow).

I upgraded these packages (in /usr/local/lib) using "pip install 
--upgrade <package>" for urllib3, chardet, requests, requests-cache, 
python-dateutil, and future.  Each was successful, yet I get the same 
warnings and error with tvmaze.py.  Has anyone gotten tvmaze.py to work 
with 0.28 or older?  This is on Ubuntu trusty (14.04).

Jay


More information about the mythtv-users mailing list