Py 3.10: ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context

[frenck]

Reported at the Home Assistant project:

2022-07-06 11:27:01 ERROR (MainThread) [homeassistant] Error doing job: Task exception was never retrieved
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/asyncio/base_events.py", line 1089, in create_connection
    transport, protocol = await self._create_connection_transport(
  File "/usr/local/lib/python3.10/asyncio/base_events.py", line 1119, in _create_connection_transport
    await waiter
  File "/usr/local/lib/python3.10/asyncio/sslproto.py", line 637, in _on_handshake_complete
    raise handshake_exc
  File "/usr/local/lib/python3.10/asyncio/sslproto.py", line 682, in _process_write_backlog
    ssldata = self._sslpipe.do_handshake(
  File "/usr/local/lib/python3.10/asyncio/sslproto.py", line 116, in do_handshake
    self._sslobj = self._context.wrap_bio(
  File "/usr/local/lib/python3.10/ssl.py", line 527, in wrap_bio
    return self.sslobject_class._create(
  File "/usr/local/lib/python3.10/ssl.py", line 866, in _create
    sslobj = context._wrap_bio(
ssl.SSLError: Cannot create a client socket with a PROTOCOL_TLS_SERVER context (_ssl.c:801)
No error when I disable imap sensor in config and restart

This seems to be related to more strict handling in Python 3.10 (which the Home Assistant project has been switched to).

It happens when setting the default SSL context:

aioimaplib/aioimaplib/aioimaplib.py

Line 834 in 544e735

ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)

According to documentation, however, this is used to create a server side sockets:

ref: https://docs.python.org/3/library/ssl.html#ssl.Purpose.CLIENT_AUTH

I guess it needs to be using:

ref: https://docs.python.org/3/library/ssl.html#ssl.Purpose.SERVER_AUTH

Downstream issue: home-assistant/core#74487

[nao-pon]

@frenck thank you! After fixing it as you pointed out, it works fine. 😄

[J-o-h-n-M]

@frenck thank you! After fixing it as you pointed out, it works fine. 😄

Where can I find the file in home assistant? I searched everywhere but cant find aioimaplib.py. I would like to fix it and then hopefully on the next update it will be overwritten with a good version by itself. I am on Home assistant OS.

[nao-pon]

It needs to be fixed in the homeassistant instance of docker.

@J-o-h-n-M You need to shell log in to the host as an administrator using SSH & Web Terminal add-on etc.

ssh hassio@192.168.x.x
docker exec -it homeassistant /bin/bash

vi /usr/local/lib/python3.10/site-packages/aioimaplib/aioimaplib.py

[J-o-h-n-M]

@nao-pon Thanks! I also made the modification that @frenck suggested and indeed it works like a charm again.

[J-o-h-n-M]

Any idea when this will be in a HA release? I have to update manually every time now.

[frenck]

Any idea when this will be in a HA release?

Depends when this issue is addressed in this library :)

[DavidFW1960]

Any idea when this will be in a HA release? I have to update manually every time now.

I made a custom_component that fixes this until they merge the fix here. Referenced in the HA thread here home-assistant/core#74487 (comment)