#2765 closed bug (Fixed)
Add support for TLS SNI in httpdownloader
Reported by: | Calum | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | 1.3.13 |
Component: | Core | Version: | 1.3.11 |
Keywords: | Cc: |
Description
Sites that use cloudflare require TLSv1.2 and use SNI.
From forum: http://forum.deluge-torrent.org/viewtopic.php?f=7&p=218087#p218087
[DEBUG ] 11:54:50 addtorrentdialog:715 Download failed: [Failure instance: Traceback: <class 'OpenSSL.SSL.Error'>: [('SSL routines', 'SSL23_GET_SERVER_HELLO', 'tlsv1 alert internal error')] twisted/internet/selectreactor.py:149:_doReadOrWrite twisted/internet/tcp.py:209:doRead twisted/internet/tcp.py:215:_dataReceived twisted/protocols/tls.py:415:dataReceived --- <exception caught here> --- twisted/protocols/tls.py:554:_write OpenSSL/SSL.py:1271:send OpenSSL/SSL.py:1187:_raise_ssl_error OpenSSL/_util.py:48:exception_from_error_queue ]
As this is now supported in Twisted >= 14 we can add support.
To verify if this is the issue a simply test without the server name:
openssl s_client -connect www.seo.com:443 > ... > 139785801238176:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:770: > ...
By adding the server name in the request it will now pass:
openssl s_client -connect www.seo.com:443 -servername seo.com
Change History (2)
comment:1 by , 9 years ago
comment:2 by , 9 years ago
Resolution: | → Fixed |
---|---|
Status: | new → closed |
Fixed 1.3-stable: [697c22a46cfc]
Just to reiterate this fix requires Twisted >= 14 to work.
Note:
See TracTickets
for help on using tickets.
For reference here is the current working code:
deluge/httpdownloader.py