[mythtv-users] Important: Changes to Metadata lookup in March 2021
Jay Foster
jayf0ster at roadrunner.com
Sun Feb 28 22:26:14 UTC 2021
On 2/28/21 11:19 AM, Jay Foster wrote:
> On 2/28/21 12:13 AM, Stephen Worthington wrote:
>> On Sat, 27 Feb 2021 18:26:53 -0800, you wrote:
>>
>>> No joy here. I updated to a recent ca-certificates package, but the
>>> issue persists. I can access the https://tvmaze.com website using
>>> firefox with no problem and view the site certificate which has a common
>>> name of tvmaze.com. However, for some reason, the tvmaze.py script is
>>> trying to use tvlive.tvmaze.info instead, which does not match.
>>> Jay
>> Firefox uses its own internal certificate store, not the system wide
>> one.
>> _______________________________________________
>> mythtv-users mailing list
>> mythtv-users at mythtv.org
>> http://lists.mythtv.org/mailman/listinfo/mythtv-users
>> http://wiki.mythtv.org/Mailing_List_etiquette
>> MythTV Forums: https://forum.mythtv.org
>
> I'm not so sure this is a CA certificate issue. Smells more like a
> wrong URL (hostname) issue. I can use "wget https://api.tvmaze.com",
> which works just fine. I think this is an HTTPS SNI issue where the
> incorrect hostname is not being presented to the server resulting in the
> certificate CN mismatch (urllib3 issue).
>
> jay at mythbox:~$ /usr/share/mythtv/metadata/Television/tvmaze.py -l en -a
> US -M Monk
> /usr/local/lib/python2.7/dist-packages/urllib3/util/ssl_.py:339:
> SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject
> Name Indication) extension to TLS is not available on this platform.
> This may cause the server to present an incorrect TLS certificate, which
> can cause validation failures. You can upgrade to a newer version of
> Python to solve this. For more information, see
> https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
> SNIMissingWarning
> /usr/local/lib/python2.7/dist-packages/urllib3/util/ssl_.py:137:
> InsecurePlatformWarning: A true SSLContext object is not available. This
> prevents urllib3 from configuring SSL appropriately and may cause
> certain SSL connections to fail. You can upgrade to a newer version of
> Python to solve this. For more information, see
> https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
> InsecurePlatformWarning
> ERROR: <class 'requests.exceptions.SSLError'> :
> HTTPSConnectionPool(host='api.tvmaze.com', port=443): Max retries
> exceeded with url: /search/shows?q=Monk (Caused by
> SSLError(CertificateError("hostname 'api.tvmaze.com' doesn't match
> 'tvlive.tvmaze.info'",),))
> jay at mythbox:~$
>
> Back in September, 2017, I previously updated the metadata bindings to
> support the TVDB API v2 (https://www.mythtv.org/wiki/TheTVDB_API_v2). As
> part of this, I updated/installed the following packages from Ubuntu
> xenial (16.04):
>
> python-future_0.15.2-1_all.deb
> python-requests-cache_0.4.10-1_all.deb
> python-requests_2.9.1-3_all.deb
> python-urllib3_1.13.1-2_all.deb (this package actually installs version
> 1.22).
>
> Are these versions adequate for the new tvmaze bindings? I am
> suspicious of something wrong with urllib3 or requests. I also have two
> versions of urllib3 installed (one in /usr/lib and one in
> /usr/local/lib). The one in /usr/local/lib was installed for the TVDB
> API v2 issue and is the one being used by tvmaze.py (somehow).
>
> I upgraded these packages (in /usr/local/lib) using "pip install
> --upgrade <package>" for urllib3, chardet, requests, requests-cache,
> python-dateutil, and future. Each was successful, yet I get the same
> warnings and error with tvmaze.py. Has anyone gotten tvmaze.py to work
> with 0.28 or older? This is on Ubuntu trusty (14.04).
>
> Jay
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://lists.mythtv.org/mailman/listinfo/mythtv-users
> http://wiki.mythtv.org/Mailing_List_etiquette
> MythTV Forums: https://forum.mythtv.org
I resolved this issue. Turns out I need a newer version of Python2.7.
Trusty only provided version 2.7.6. I was able to upgrade to version
2.7.12 using the following commands:
sudo add-apt-repository ppa:fkrull/deadsnakes-python2.7
sudo apt-get update
sudo apt-get install python2.7
The Python ssl package is built into Python since version 2.6 something
or other, so the only way to get a newer version is to upgrade Python
itself. Luckily, 2.7.12 is new enough.
Jay
More information about the mythtv-users
mailing list