Hello,
I was working on my contribution Github2Fusion360 and I faced a problem to access Github server on Mac :
Fail to reach a server [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:720)
I tried to use PROTOCOL_TLSv1_1 but it didn't work. This protocol is only available with OpenSSL version 1.0.1+ and Fusion 360 works with OpenSSL 0.9.8 on Mac
On Windows :
>>> import ssl >>> ssl.OPENSSL_VERSION OpenSSL 1.0.2j 26 Sep 2016
On Mac :
>>> import ssl >>> ssl.OPENSSL_VERSION OpenSSL 0.9.8zh 14 Jan 2016
It seems to be a mistake during compilation because Fusion 360 is distributed with the same file "ssl.py" on Windows and on Mac
Thanks
Jérôme Briot, Freelance engineer - Mechanical design and prototyping
3D Print Plus / Pro | IDF Import | GitHub To Fusion 360 | Tube Bending Data Exchanger | Slice Data Export
Memory Used | Basic Calculator | Check Computer Specifications | Import spline from any CSV file
Here is a small code to reproduce the error on Mac :
import traceback import urllib def run(context): try: url = 'https://github.com/caseycrogers/Dogbone/blob/master/Dogbone.manifest' request = urllib.request.Request(url) # Check if the URL is reachable try: urllib.request.urlopen(request) except urllib.error.HTTPError as e: print('The server couldn\'t fulfill the request.\n{}'.format(e)) return except urllib.error.URLError as e: print('Fail to reach a server.\n{}'.format(e.reason)) return print("Succeed") except: print('Failed:\n{}'.format(traceback.format_exc()))
Jérôme Briot, Freelance engineer - Mechanical design and prototyping
3D Print Plus / Pro | IDF Import | GitHub To Fusion 360 | Tube Bending Data Exchanger | Slice Data Export
Memory Used | Basic Calculator | Check Computer Specifications | Import spline from any CSV file
Hello,
I can reproduce the issue you mentioned. Unfortunately it seemed that we have to upgrade the version of Python(3.5.3) which Fusion 360 is using to solve the issue according to the thread as below.
https://stackoverflow.com/questions/44316292/ssl-sslerror-tlsv1-alert-protocol-version?rq=1
I will create UP-38248 to track the issue in our internal system.
Thanks,
Marshal
Hello,
I digged into the source of Python 3.5.3 and found a file "build-installer.py" ("Mac\BuildScript" folder) where we can read:
# The OpenSSL libs shipped with OS X 10.5 and earlier are # hopelessly out-of-date and do not include Apple's tie-in to # the root certificates in the user and system keychains via TEA # that was introduced in OS X 10.6. Note that this applies to # programs built and linked with a 10.5 SDK even when run on # newer versions of OS X. # # Dealing with CAs is messy. For now, just supply a # local libssl and libcrypto for the older installer variants # (e.g. the python.org 10.5+ 32-bit-only installer) that use the # same default ssl certfile location as the system libs do: # /System/Library/OpenSSL/cert.pem # Then at least TLS connections can be negotiated with sites that # use sha-256 certs like python.org, assuming the proper CA certs # have been supplied. The default CA cert management issues for # 10.5 and earlier builds are the same as before, other than it is # now more obvious with cert checking enabled by default in the # standard library. # # For builds with 10.6 through 10.9 SDKs, # continue to use the deprecated but # less out-of-date Apple 0.9.8 libs for now. While they are less # secure than using an up-to-date 1.0.1 version, doing so # avoids the big problems of forcing users to have to manage # default CAs themselves, thanks to the Apple libs using private TEA # APIs for cert validation from keychains if validation using the # standard OpenSSL locations (/System/Library/OpenSSL, normally empty) # fails. # # Since Apple removed the header files for the deprecated system # OpenSSL as of the Xcode 7 release (for OS X 10.10+), we do not # have much choice but to build our own copy here, too. result.extend([ dict( name="OpenSSL 1.0.2j", url="https://www.openssl.org/source/openssl-1.0.2j.tar.gz", checksum='96322138f0b69e61b7212bc53d5e912b', patches=[ "openssl_sdk_makedepend.patch", ], buildrecipe=build_universal_openssl, configure=None, install=None, ), ])
So it should be possible to patch the installation with the file "openssl_sdk_makedepend.patch". Maybe someone at Autodesk could tell us more about that ?
Note that people had the same problem with the Blender software: Python uses old openssl version on OSX
Jérôme Briot, Freelance engineer - Mechanical design and prototyping
3D Print Plus / Pro | IDF Import | GitHub To Fusion 360 | Tube Bending Data Exchanger | Slice Data Export
Memory Used | Basic Calculator | Check Computer Specifications | Import spline from any CSV file
Hello,
I added your notes to the bug item tracked in our internal system.
Thanks,
Marshal
I found a workaround to download files via Python on Mac.
The solution is to use the subprocess module to call curl as an external command (Is every Mac has cURL pre-installed?)
Here is the idea:
import adsk.core, traceback import subprocess import os def run(context): ui = None try: app = adsk.core.Application.get() ui = app.userInterface master_zip = 'https://github.com/caseycrogers/Dogbone/archive/master.zip' local_zip = '/'.join([os.getenv('HOME'), 'Desktop', 'master.zip']) try: # Check if the URL is reachable out = subprocess.check_output(['curl', '-I', master_zip]) if out.decode().find('Status: 302 Found') > 0: # Download the master zip file in the temporary folder subprocess.call(['curl', '-o', local_zip, '-L', master_zip]) else: ui.messageBox('Fail to reach a server.\n\n{}'.format(out.decode())) except subprocess.CalledProcessError as e: ui.messageBox('Subprocess failed:\nReturncode: {}\n\nOutput:{}'.format(e.returncode, e.output)) except: if ui: ui.messageBox('Failed:\n{}'.format(traceback.format_exc()))
Jérôme Briot, Freelance engineer - Mechanical design and prototyping
3D Print Plus / Pro | IDF Import | GitHub To Fusion 360 | Tube Bending Data Exchanger | Slice Data Export
Memory Used | Basic Calculator | Check Computer Specifications | Import spline from any CSV file
I am running in the same issue with my Add In on MacOS.
Are there any news on the Support Ticket/ Bug UP-38248. it has been already more than half a year and nothing has changed?
Greets Fabi
Because it seems like nobody cares here. I created a new topic under support for this issue.