aiosmtpd
aiosmtpd copied to clipboard
aio-libs
ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context
While creating a SMTP server in the TLS/SSL wrapper I get the following error:
Traceback (most recent call last): File "C:\some_path\some_file.py", line 196, in test_ReceiverSetup_EventLog_Email_SSL self.verify_smtp_client(hostname, port, 'SSL/TLS') File "C:\some_path\some_file.py", line 156, in verify_smtp_client self.server.start() File "C:\some_path\venv\lib\site-packages\aiosmtpd\controller.py", line 223, in start self._trigger_server() File "C:\some_path\venv\lib\site-packages\aiosmtpd\controller.py", line 315, in _trigger_server s = stk.enter_context(self.ssl_context.wrap_socket(s)) File "C:\Python310\lib\ssl.py", line 512, in wrap_socket return self.sslsocket_class._create( File "C:\Python310\lib\ssl.py", line 1061, in _create self._sslobj = self._context._wrap_socket( ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context (_ssl.c:801)
I think your contexts might be set up wrong, ssl_context is given to Controller to create a client connection to trigger some lazy loading on the server side.
tls_context is what is given to smtpd for the server socket.
Maybe you could share how you set up the contexts and which parameters of Controller they were attached to?
@WojciechRynczuk thanks for opening the issue and the associated PR. I'm going to go ahead and close the PR because as @m11m points out - it looks like this fix isn't quite right.
In fact, what could be a reasonable approach would actually be to catch this particular error and instead of failing like it does, provide a helpful error message specifying that kind of thing.
But Matt's point stands: if you can create a simple example for how to actually reproduce the error message that you're seeing, that would allow us to figure out what's gone wrong :+1: as it is we'd just have to guess, which... could be a lot of things :joy:
FTR, we see this error in the test suite for the mailman openSUSE rpm package:
[ 360s] ======================================================================
[ 360s] ERROR: LayerSuite
[ 360s] ----------------------------------------------------------------------
[ 360s] Traceback (most recent call last):
[ 360s] File "/home/abuild/rpmbuild/BUILD/mailman-3.3.5/src/mailman/testing/layers.py", line 301, in setUp
[ 360s] cls.smtpd.start()
[ 360s] File "/home/abuild/rpmbuild/BUILD/mailman-3.3.5/src/mailman/testing/mta.py", line 177, in start
[ 360s] super().start()
[ 360s] File "/usr/lib/python3.10/site-packages/aiosmtpd/controller.py", line 223, in start
[ 360s] self._trigger_server()
[ 360s] File "/usr/lib/python3.10/site-packages/aiosmtpd/controller.py", line 315, in _trigger_server
[ 360s] s = stk.enter_context(self.ssl_context.wrap_socket(s))
[ 360s] File "/usr/lib64/python3.10/ssl.py", line 513, in wrap_socket
[ 360s] return self.sslsocket_class._create(
[ 360s] File "/usr/lib64/python3.10/ssl.py", line 1062, in _create
[ 360s] self._sslobj = self._context._wrap_socket(
[ 360s] ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context (_ssl.c:801)
[ 360s]
[ 360s] ----------------------------------------------------------------------
~It could be due to the fact that the rpmbuild environment where this is run does not allow any real network connections.~
I am no expert here. The mailman code is in the test suite and it creates a mocking server with both server and client context.
https://gitlab.com/mailman/mailman/-/blob/master/src/mailman/testing/layers.py#L297 https://gitlab.com/mailman/mailman/-/blob/master/src/mailman/testing/mta.py#L223