-- Leo's gemini proxy
-- Connecting to bbs.geminispace.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; charset=utf-8
I'm using the cipres misfin client (commit a45df40 w/ local python 3.7 compatibility patches) and recently started seeing SSL errors after a few weeks of sucessful use.
Error [('SSL routines', '', 'http request')]
Aborting due to exception.
Error [('SSL routines', '', 'wrong version number')]
Aborting due to exception.
Error [('SSL routines', '', 'wrong version number')]
Aborting due to exception.
Error [('SSL routines', '', 'wrong version number')]
Aborting due to exception.
Error [('SSL routines', '', 'wrong version number')]
Aborting due to exception.
Error [('SSL routines', '', 'wrong version number')]
Aborting due to exception.
Error [('SSL routines', '', 'wrong version number')]
Aborting due to exception.
I can still deliver from another system with the same misfin commit. And I don't see a gitlab commit which suggests an SSL related change.
My versions:
Python: 3.7.3
pyOpenSSL: 23.2.0
cryptography: 41.0.1
2023-10-19 · 7 months ago
@BBSman I don't recall seeing this specific SSL error, does this happen when sending a message ?
I've made an AppImage for misfin and it uses python 3.9. Can you try it so that we can rule out that it's related to python 3.7 or one of the dependencies ? I've only ever tried it with python 3.9.x
curl -L -o misfin https://gitlab.com/cipres/misfin/-/releases/continuous-master/downloads/misfin-latest-x86_64.AppImage chmod +x misfin ./misfin send-as ...
Just used my current version of the misfin python client to send a message to misfin://misfin@auragem.letz.dev and received the expected inoming ping from AuraGem Admin. So sending appears to work.
Now I'll start the appimage as a listener.
@BBSman Did you create your cert with "misfin make-cert .." ? Please share the commands you use if you're still having a problem. "Wrong version number" points to a TLS issue ..
@clseibold @gemalaya Here is what I have observed about misfin response codes:
Sending from cipres a45df40 or 069ff96 (both on Python 3.9.2) to the AppImage results in response code 60 to the sender. Then on my misfin console I see MH related error messages ending in "DEBUG:misfin:Signal 2 received, bailing out" and the incoming message is not delivered. My gembox is a file and it contains 72 messages dated from 2023-09-28 to 2023-10-25.
Sending from cipres a45df40 or 069ff96 (both on Python 3.9.2) to cipres a45df40 (on Python 3.7.3) results in response code 20 and the message is delivered to my gembox file.
Incidentally, I do not have a misfin configuration file.
And I have switched back to the a45df40 listener.
Here is how I updated my sender installation from a45df40 to 069ff96 in my local git repo:
$ cd /usr/local/src/misfin
$ git remote -v | grep fetch
origin https://gitlab.com/cipres/misfin.git {fetch}
$ git pull
$ pip3 install .
Then I watched as misfin and dependencies were updated.
@gemalaya I did create my cert with "misfin make-cert ..." in late September and have used it to send quite a few messages. Unfortunately too much time has passd for me to be able to tell you the exact command I used to generate the cert
I received 67 messages between 2023-09-28 and 2023-10-03 and then started seeing the SSL errors. During that timespan I used the same misfin version (cipres a45df40) as my listener.
I have not yet tried upgrading my listener to the current release version.
Here is how I run the listener:
/usr/local/bin/misfin receive-as --bin "0.0.0.0" ~/k0stk.pem
When using the AppImage version the path is a bit different, but the rest of the args are the same.
@BBSman Thank you for all the detailed information. Could you please update all the dependencies first with:
pip install -U --force-reinstall .
So .. error code 60 means "certificate required", "the client (sender) didn't provide a certificate". The listener replies 60 because get_peer_certificate() failed.
It would be interesting to add a traceback.print_exc() call in receive_forever() (misfin/misfin.py) in the block that catches the exception for get_peer_certificate() (line 442). You can edit that file from the repo and run "pip install ." again, or edit the file in the site-packages where it's installed.
@gemealaya I am moving the response 60 discussion to a new thread. And I've not observed any more SSL errors (from either the source or AppImage versions) for at least a week.
@BBSman Ok. It's a bit difficult to discuss code issues on BBS because the message size is limited. In case you have a gitlab account you can use the issues tracker here:
@gemalaya If you mean comment size is limited, have you noticed that comments can be drafted from multiple text segments just like main posts? While you still need to enter longer comments in pieces, both comments and posts virtually have no size limitation thanks to this.
In practice, to start drafting a long comment, just enter a single period `.` into the comment prompt.
If you're typing a comment and run out of space, you can end it with a backslash `\` and what you entered so far becomes a draft that you can then extend before publishing.
(Of course, if your client supports Titan then you can post or comment "long texts" directly.)
@skyjake I did not know that, thank you very much for the tip ! By the way, the code for Bubble is not public, is it ? looked for it on codeberg ...
@gemalaya The source is available here on my private Git server:
@skyjake Cheers ! Reading the code now. The "model" module is ... pretty large ^_^ Could be good to turn it into a package ?
@gemalaya (Sorry for derailing the thread...) Personally I have nothing against large modules. There should be some functional justification why it would need to be a package. Currently the module is mainly one hefty class that talks to the SQL database.
That being said, I'm sure the whole code base could be organized in a neater way. However, I'm more of a pragmatist and tend to prioritize cleanup refactorings pretty low if it's just for the sake of tidiness.
@skyjake I agree, it's just that there are a dozen classes, with a class per entity, and then there's the big "Database" class, where there's a lot of logic. This lead me to think that putting the entity classes (Post, User, Subspace, etc ..) in a separate module and have the Database object in another module would make it easier to read and maintain, but it's not a sufficient reason. Great work, i like how it depends on so few libraries.
-- Response ended
-- Page fetched on Sun May 19 14:33:47 2024