[mythtv-users] Important: Changes to Metadata lookup in March 2021

Jay Foster jayf0ster at roadrunner.com
Sun Feb 28 22:26:14 UTC 2021 

On 2/28/21 11:19 AM, Jay Foster wrote:
> On 2/28/21 12:13 AM, Stephen Worthington wrote:
>> On Sat, 27 Feb 2021 18:26:53 -0800, you wrote:
>>
>>> No joy here.  I updated to a recent ca-certificates package, but the
>>> issue persists.  I can access the https://tvmaze.com website using
>>> firefox with no problem and view the site certificate which has a common
>>> name of tvmaze.com.  However, for some reason, the tvmaze.py script is
>>> trying to use tvlive.tvmaze.info instead, which does not match.
>>> Jay
>> Firefox uses its own internal certificate store, not the system wide
>> one.
>> _______________________________________________
>> mythtv-users mailing list
>> mythtv-users at mythtv.org
>> http://lists.mythtv.org/mailman/listinfo/mythtv-users
>> http://wiki.mythtv.org/Mailing_List_etiquette
>> MythTV Forums: https://forum.mythtv.org
> 
> I'm not so sure this is a CA certificate issue.  Smells more like a 
> wrong URL (hostname) issue. I can use "wget https://api.tvmaze.com", 
> which works just fine.  I think this is an HTTPS SNI issue where the 
> incorrect hostname is not being presented to the server resulting in the 
> certificate CN mismatch (urllib3 issue).
> 
> jay at mythbox:~$ /usr/share/mythtv/metadata/Television/tvmaze.py -l en -a 
> US -M Monk
> /usr/local/lib/python2.7/dist-packages/urllib3/util/ssl_.py:339: 
> SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject 
> Name Indication) extension to TLS is not available on this platform. 
> This may cause the server to present an incorrect TLS certificate, which 
> can cause validation failures. You can upgrade to a newer version of 
> Python to solve this. For more information, see 
> https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
>    SNIMissingWarning
> /usr/local/lib/python2.7/dist-packages/urllib3/util/ssl_.py:137: 
> InsecurePlatformWarning: A true SSLContext object is not available. This 
> prevents urllib3 from configuring SSL appropriately and may cause 
> certain SSL connections to fail. You can upgrade to a newer version of 
> Python to solve this. For more information, see 
> https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
>    InsecurePlatformWarning
> ERROR: <class 'requests.exceptions.SSLError'> : 
> HTTPSConnectionPool(host='api.tvmaze.com', port=443): Max retries 
> exceeded with url: /search/shows?q=Monk (Caused by 
> SSLError(CertificateError("hostname 'api.tvmaze.com' doesn't match 
> 'tvlive.tvmaze.info'",),))
> jay at mythbox:~$
> 
> Back in September, 2017, I previously updated the metadata bindings to 
> support the TVDB API v2 (https://www.mythtv.org/wiki/TheTVDB_API_v2). As 
> part of this, I updated/installed the following packages from Ubuntu 
> xenial (16.04):
> 
> python-future_0.15.2-1_all.deb
> python-requests-cache_0.4.10-1_all.deb
> python-requests_2.9.1-3_all.deb
> python-urllib3_1.13.1-2_all.deb (this package actually installs version 
> 1.22).
> 
> Are these versions adequate for the new tvmaze bindings?  I am 
> suspicious of something wrong with urllib3 or requests.  I also have two 
> versions of urllib3 installed (one in /usr/lib and one in 
> /usr/local/lib).  The one in /usr/local/lib was installed for the TVDB 
> API v2 issue and is the one being used by tvmaze.py (somehow).
> 
> I upgraded these packages (in /usr/local/lib) using "pip install 
> --upgrade <package>" for urllib3, chardet, requests, requests-cache, 
> python-dateutil, and future.  Each was successful, yet I get the same 
> warnings and error with tvmaze.py.  Has anyone gotten tvmaze.py to work 
> with 0.28 or older?  This is on Ubuntu trusty (14.04).
> 
> Jay
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://lists.mythtv.org/mailman/listinfo/mythtv-users
> http://wiki.mythtv.org/Mailing_List_etiquette
> MythTV Forums: https://forum.mythtv.org
I resolved this issue.  Turns out I need a newer version of Python2.7. 
Trusty only provided version 2.7.6.  I was able to upgrade to version 
2.7.12 using the following commands:

sudo add-apt-repository ppa:fkrull/deadsnakes-python2.7
sudo apt-get update
sudo apt-get install python2.7

The Python ssl package is built into Python since version 2.6 something 
or other, so the only way to get a newer version is to upgrade Python 
itself.  Luckily, 2.7.12 is new enough.

Jay

More information about the mythtv-users mailing list