New submission from Matt Martz <m...@sivel.net>:
The behavior of how SSL certificate validation is handled was changed in https://bugs.python.org/issue31399 This introduced a new exception, ssl.SSLCertVerificationError, which is raised for any certificate validation error, instead of the previous exception ssl.CertificateError. The primary difference here comes into play in urllib.request: https://github.com/python/cpython/blob/da0847048aa7f934573fa449cea8643def056aa5/Lib/urllib/request.py#L1314-L1318 Previously ssl.CertificateError was not derived from OSError, it instead was derived from ValueError. As such, as of Python3.7, ssl.SSLCertVerificationError is caught by the exception handling referenced above, as it is derived from OSError, and raised as a URLError, causing exception handling issues. You must now introspect e.reason to determine if the exception was caused due to certificate verification or any other URLError, instead of simply catching separate exception types. ---------- assignee: christian.heimes components: Library (Lib), SSL messages: 341985 nosy: christian.heimes, sivel, vstinner priority: normal severity: normal status: open title: Certificate verification errors in urllib.request become URLError type: behavior versions: Python 3.7, Python 3.8, Python 3.9 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue36866> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
