Skip to content
This repository has been archived by the owner on Feb 8, 2024. It is now read-only.

ssl.wrap_socket() gots removed within python 3.12 #168

Closed
pfichtner opened this issue Nov 1, 2023 · 0 comments
Closed

ssl.wrap_socket() gots removed within python 3.12 #168

pfichtner opened this issue Nov 1, 2023 · 0 comments

Comments

@pfichtner
Copy link

esp8266-iot-framework/scripts/preBuildCertificates.py

Line 23 in 718e0c1

from ssl import wrap_socket, CERT_NONE, PROTOCOL_SSLv23

gh-94199: Remove the ssl.wrap_socket() function, deprecated in Python 3.7: instead, create a ssl.SSLContext object and call its ssl.SSLContext.wrap_socket method. Any package that still uses ssl.wrap_socket() is broken and insecure. The function neither sends a SNI TLS extension nor validates server hostname. Code is subject to CWE-295: Improper Certificate Validation. Patch by Victor Stinner.

Build fails using Python 3.12

ImportError: cannot import name 'wrap_socket' from 'ssl' (/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/ssl.py):
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/main.py", line 188:
    env.SConscript("$BUILD_SCRIPT")
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Script/SConscript.py", line 597:
    return _SConscript(self.fs, *files, **subst_kw)
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Script/SConscript.py", line 285:
    exec(compile(scriptdata, scriptname, 'exec'), call_stack[-1].globals)
  File "/home/runner/.platformio/platforms/espressif8266/builder/main.py", line 238:
    target_elf = env.BuildProgram()
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Util.py", line 737:
    return self.method(*nargs, **kwargs)
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piobuild.py", line 61:
    env.ProcessProjectDeps()
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Util.py", line 737:
    return self.method(*nargs, **kwargs)
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piobuild.py", line 137:
    plb = env.ConfigureProjectLibBuilder()
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Util.py", line 737:
    return self.method(*nargs, **kwargs)
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piolib.py", line 1178:
    lib_builders = env.GetLibBuilders()
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Util.py", line 737:
    return self.method(*nargs, **kwargs)
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piolib.py", line 1089:
    lb = LibBuilderFactory.new(env, lib_dir)
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piolib.py", line 60:
    obj = globals()[clsname](env, path, verbose=verbose)
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piolib.py", line 154:
    self.process_extra_options()
  File "/opt/hostedtoolcache/Python/3.12.0/x64/lib/python3.12/site-packages/platformio/builder/tools/piolib.py", line 302:
    self.env.SConscript(
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Script/SConscript.py", line 597:
    return _SConscript(self.fs, *files, **subst_kw)
  File "/home/runner/.platformio/packages/tool-scons/scons-local-4.4.0/SCons/Script/SConscript.py", line 285:
    exec(compile(scriptdata, scriptname, 'exec'), call_stack[-1].globals)
  File "/home/runner/work/SipDoorbell/SipDoorbell/.pio/libdeps/nodemcuv2/ESP8266 IoT Framework/scripts/preBuild.py", line 21:
    from preBuildCertificates import preBuildCertificatesFun
  File "/home/runner/work/SipDoorbell/SipDoorbell/.pio/libdeps/nodemcuv2/ESP8266 IoT Framework/scripts/preBuildCertificates.py", line 23:
    from ssl import wrap_socket, CERT_NONE, PROTOCOL_SSLv23
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework…
f634d9e 
…#168
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework…
d54b25d 
…#168
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework…
d355faf 
…#168
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework…
0f824c3 
…#168
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-f…
e28ab31 
…ramework#168"

This reverts commit 0f824c3.
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-f…
ce597e3 
…ramework#168"

This reverts commit 0f824c3.
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-f…
72adbfc 
…ramework#168"

This reverts commit 0f824c3.
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 13, 2023
@pfichtner
Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-f…
4da8689 
…ramework#168"

This reverts commit 0f824c3.
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 25, 2023
@dependabot @pfichtner
Bump step-security/harden-runner from 2.6.0 to 2.6.1 (#33)
dceb774 
* Bump step-security/harden-runner from 2.6.0 to 2.6.1

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@1b05615...eb238b5)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework#168

* also run on ubuntu-20.04

* Revert "also run on ubuntu-20.04"

This reverts commit ae13eca.

* Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework#168"

This reverts commit 0f824c3.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Peter Fichtner (pfichtner) <pfichtner@users.noreply.github.com>
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 25, 2023
@dependabot @pfichtner
Bump actions/dependency-review-action from 3.1.0 to 3.1.4 (#35)
03010eb 
* Bump actions/dependency-review-action from 3.1.0 to 3.1.4

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.0 to 3.1.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@6c5ccda...01bc870)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework#168

* also run on ubuntu-20.04

* Revert "also run on ubuntu-20.04"

This reverts commit ae13eca.

* Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework#168"

This reverts commit 0f824c3.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Peter Fichtner (pfichtner) <pfichtner@users.noreply.github.com>
pfichtner added a commit to pfichtner/SipDoorbell that referenced this issue Dec 25, 2023
@dependabot @pfichtner
Bump github/codeql-action from 2.22.4 to 2.22.10 (#37)
aa09426 
* Bump github/codeql-action from 2.22.4 to 2.22.10

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.4 to 2.22.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@49abf0b...305f654)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework#168

* also run on ubuntu-20.04

* Revert "also run on ubuntu-20.04"

This reverts commit ae13eca.

* Revert "run on ubuntu-20.04 for a workaroud of maakbaas/esp8266-iot-framework#168"

This reverts commit 0f824c3.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Peter Fichtner (pfichtner) <pfichtner@users.noreply.github.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pfichtner