sslerror: (8, 'EOF occurred in violation of protocol') ???

[Robert]

On some connections only from some computers/network setups I get this
error:

Traceback (most recent call last):
File "<interactive input>", line 1, in ?
File "ClientCookie\_urllib2_support.pyo", line 524, in open
File "ClientCookie\_urllib2_support.pyo", line 424, in http_response
File "ClientCookie\_urllib2_support.pyo", line 541, in error
File "urllib2.pyo", line 306, in _call_chain
File "ClientCookie\_urllib2_support.pyo", line 185, in http_error_302
File "ClientCookie\_urllib2_support.pyo", line 518, in open
File "urllib2.pyo", line 326, in open
File "urllib2.pyo", line 306, in _call_chain
File "ClientCookie\_urllib2_support.pyo", line 759, in https_open
File "ClientCookie\_urllib2_support.pyo", line 608, in do_open
File "httplib.pyo", line 712, in endheaders
File "httplib.pyo", line 597, in _send_output
File "httplib.pyo", line 564, in send
File "httplib.pyo", line 985, in connect
File "socket.pyo", line 73, in ssl
sslerror: (8, 'EOF occurred in violation of protocol')


The server is always the same and ok. but different
client-OS/proxies/firewalls/routers are in use.
What is the nature of this error? How is it possible that an EOF in
ssl-connections (during connect?) occures? What can be done to
handle/circumvent that problem?

Robert

 

[Robert]

On some connections only from some computers/network setups I get this
error:

Traceback (most recent call last):
File "<interactive input>", line 1, in ?
File "ClientCookie\_urllib2_support.pyo", line 524, in open
File "ClientCookie\_urllib2_support.pyo", line 424, in http_response
File "ClientCookie\_urllib2_support.pyo", line 541, in error
File "urllib2.pyo", line 306, in _call_chain
File "ClientCookie\_urllib2_support.pyo", line 185, in http_error_302
File "ClientCookie\_urllib2_support.pyo", line 518, in open
File "urllib2.pyo", line 326, in open
File "urllib2.pyo", line 306, in _call_chain
File "ClientCookie\_urllib2_support.pyo", line 759, in https_open
File "ClientCookie\_urllib2_support.pyo", line 608, in do_open
File "httplib.pyo", line 712, in endheaders
File "httplib.pyo", line 597, in _send_output
File "httplib.pyo", line 564, in send
File "httplib.pyo", line 985, in connect
File "socket.pyo", line 73, in ssl
sslerror: (8, 'EOF occurred in violation of protocol')

In http://groups.google.de/group/comp.lang.python/msg/252b421a7d9ff037 Jp
Calderone wrote:

From: "Paul Rubin" "http://phr.cx"@NOSPAM.invalid

[...]

[...]

Have you verified that its your end that is broken, not gmail's, do other
servers give the same response ?

No, I have not -- I should have, as I know now: Connecting, starttls,
login and sending mail works fine without the above mentioned error
using my previous mail provider.

Does that mean Gmail is in error here? I don't know...

Most SSL servers and clients (primarily HTTP, but some SMTP as well) are
broken in this regard: they do not properly negotiate TLS connection
shutdown. This causes one end or the other to notice an SSL protocol error.
Most of the time, the only thing left to do after the TLS connection
shutdown is normal TCP connection shutdown, so the error doesn't lead to any
problems (which is probably why so much software generates this problem).
Of course, there's no way to *tell* if this is the case or not, at least
programmatically. If you receive an OK response to your DATA, you probably
don't need to worry, since you have gotten what you wanted out of the
conversation.

It's entirely possible that the fault here lies on gmail's end, but it is
also possible that the fault is in your code or the standard library ssl
support. Unless you want to dive into Python's OpenSSL bindings or start
examining network traces of SSL traffic, you probably won't be able to
figure out who's to blame in this particular case. The simplest thing to do
is probably just capture and discard that particular error (again, assuming
you are getting an OK resposne to your DATA command).

</cit>


In fact I saw the same problem with SSL-SMTP and Googles GMAIL. the sslerror
can be ignored.

But in my case here (HTTPS) the transaction story (redirected https-request)
is not yet
completed. I don't have the essential data communicated at the moment of the
error. What can be done?

Robert