New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

https GET request fails with "handshake failure" #2022

Closed
jaddison opened this Issue Apr 26, 2014 · 76 comments

Comments

Projects
None yet
@jaddison
Copy link

jaddison commented Apr 26, 2014

Related to #1083, perhaps. Standard requests.get() for this particular site/page https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html results in:

>>> import requests
>>> requests.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/api.py", line 55, in get
    return request('get', url, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 1] _ssl.c:504: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

Using request-toolbelt's SSLAdapter to try various ssl versions, they all fail, it would seem... see following tracebacks.

TLSv1:

>>> adapter = SSLAdapter('TLSv1')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 1] _ssl.c:504: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

SSLv3:

>>> adapter = SSLAdapter('SSLv3')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 1] _ssl.c:504: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

SSLv2:

>>> adapter = SSLAdapter('SSLv2')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/adapters.py", line 378, in send
    raise ConnectionError(e)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='docs.apitools.com', port=443): Max retries exceeded with url: /2014/04/24/a-small-router-for-openresty.html (Caused by <class 'socket.error'>: [Errno 54] Connection reset by peer)

Note the last one gives a Connection reset by peer error, which differs from the others, but I'm pretty sure SSLv2 isn't supported by the server anyhow.

For fun, I tried to pass through some more appropriate headers through on the last request as well:

>>> headers = {
...     'Accept': u"text/html,application/xhtml+xml,application/xml",
...     'User-Agent': u"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36",
...     'Accept-Encoding': u"gzip,deflate",
...     'Accept-Language': u"en-US,en;q=0.8"
... }
>>> adapter = SSLAdapter('SSLv2')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html', headers=headers)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/Users/jaddison/.virtualenvs/techtown/lib/python2.7/site-packages/requests/adapters.py", line 378, in send
    raise ConnectionError(e)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='docs.apitools.com', port=443): Max retries exceeded with url: /2014/04/24/a-small-router-for-openresty.html (Caused by <class 'socket.error'>: [Errno 54] Connection reset by peer)

No dice there either. Here's what the HTTPS connection info in Chrome on Mac looks like:

screen shot 2014-04-26 at 10 35 21 am

I'm not positive, but some googling indicates it's likely a cipher list issue, which is more urllib3, I think?

I tried to modify DEFAULT_CIPHER_LIST in pyopenssl, but started running into import errors. At this point it seemed like things were just broken, and there wasn't really a proper way to approach fixing this yet.

Version information:
OSX Mavericks
Python 2.7.5
OpenSSL 0.9.8y 5 Feb 2013 - (from python -c "import ssl; print ssl.OPENSSL_VERSION")
requests 2.2.1
requests-toolbelt 0.2.0
urllib3 1.8

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 26, 2014

Sadly, this is unrelated to the issue you identified, and entirely down to the crappy OpenSSL that OS X ships with by default. Version 0.9.8y has some real problems with performing SSL handshakes, and some servers don't tolerate it well. Using Python 3 on my OS X box (therefore using a newer OpenSSL) reveals that there's no problem.

You have two options:

  1. Install OpenSSL from Homebrew, then install a new version of Python 2 from Homebrew which will automatically link against the Homebrew-provided OpenSSL.
  2. Install OpenSSL from Homebrew, and then install PyOpenSSL against that new version by running env ARCHFLAGS="-arch x86_64" LDFLAGS="-L/usr/local/opt/openssl/lib" CFLAGS="-I/usr/local/opt/openssl/include" pip install PyOpenSSL.
@jaddison

This comment has been minimized.

Copy link
Author

jaddison commented Apr 26, 2014

Ah, looks like I was following a red herring then - I don't plan on deploying anything on OSX anyhow. Looks like I'll move my testing to a linux virtualbox. Apologies for this long-winded issue!

@jaddison jaddison closed this Apr 26, 2014

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 26, 2014

No need to apologise, asking that question was the right thing to do: it's bizarrely specific knowledge to know that OS X has this problem. =)

@jaddison

This comment has been minimized.

Copy link
Author

jaddison commented Apr 26, 2014

Ok, this is a bummer. I created an Ubuntu 14.04 server 32bit Virtualbox image via Vagrant and this is all still happening except for the SSLv2 case, where it fails because the protocol isn't included in the OpenSSL version in Ubuntu 14.04 (by design, I believe - SSLv2 is old and outdated).

Versions:
Ubuntu 14.04 32bit (via Vagrant/Virtualbox combo)
Python 2.7.6
requests==2.2.1
requests-toolbelt==0.2.0
urllib3==1.8.2

EDIT: forgot the OpenSSL version...

python -c "import ssl; print ssl.OPENSSL_VERSION"
OpenSSL 1.0.1f 6 Jan 2014

TLSv1:

>>> import requests
>>> from requests_toolbelt import SSLAdapter
>>> adapter = SSLAdapter('TLSv1')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
SSLError: [Errno 1] _ssl.c:510: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

SSLv2:

>>> import requests
>>> from requests_toolbelt import SSLAdapter
>>> adapter = SSLAdapter('SSLv3')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
SSLError: [Errno 1] _ssl.c:510: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

SSLv23:

>>> import requests
>>> from requests_toolbelt import SSLAdapter
>>> adapter = SSLAdapter('SSLv23')
>>> s = requests.Session()
>>> s.mount('https://', adapter)
>>> s.get('https://docs.apitools.com/2014/04/24/a-small-router-for-openresty.html')
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 395, in get
    return self.request('GET', url, **kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 383, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/home/vagrant/.virtualenvs/techtown/local/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
SSLError: [Errno 1] _ssl.c:510: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

Perhaps this is a cipher list issue then? Or is the OpenSSL version used here still problematic?

@jaddison jaddison reopened this Apr 26, 2014

@jaddison

This comment has been minimized.

Copy link
Author

jaddison commented Apr 26, 2014

I am absolutely willing to put in some time to help debug this if necessary... provided you guys give me some direction.

@t-8ch

This comment has been minimized.

Copy link
Contributor

t-8ch commented Apr 26, 2014

VM is downloading. I can't reproduce this on ArchLinux.
The stacktraces indicate this but I'd like to be sure: You are not using PyOpenSSL but only the stdlib?

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 26, 2014

@t-8ch Thanks for taking a look at this, I'm a bit confused. OpenSSL makes my life really hard =(

@jaddison

This comment has been minimized.

Copy link
Author

jaddison commented Apr 26, 2014

@t-8ch I haven't installed PyOpenSSL if that's what you're asking?

I would have assumed (perhaps incorrectly) that pip install requests should give me everything I need to successfully call requests.get('...') on an HTTPS page. Which, of course, it works for the most part, just not for this site for some reason.

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 26, 2014

@jaddison It mostly does. Unfortunately, Python 2.7s standard library sucks hard and doesn't support some features, such as SNI.

I wonder if this is SNI...

@t-8ch

This comment has been minimized.

Copy link
Contributor

t-8ch commented Apr 26, 2014

@jaddison There are two different codepaths behind the scenes. You shouldn't have to care about those, but it helps to know when debugging.

However I can now reproduce this on ubuntu. But only o Py2. On Py3 everything is fine.
I suspect @Lukasa is right and the server fails when the client is not using SNI.

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 26, 2014

It bothers me that an absence of SNI fails in multiple different ways depending on the server in question.

@jaddison

This comment has been minimized.

Copy link
Author

jaddison commented Apr 26, 2014

I did notice this change between OpenSSL 1.0.1f and 1.0.1g (https://www.openssl.org/news/openssl-1.0.1-notes.html):

Add TLS padding extension workaround for broken servers.

EDIT: Ahh, nevermind - the bug shouldn't vary between Py 2 and 3, I'd think.

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 26, 2014

@jaddison To test whether this is SNI, you'll need to install the SNI requirements for Python 2.

@t-8ch

This comment has been minimized.

Copy link
Contributor

t-8ch commented Apr 26, 2014

@Lukasa was right. Compare:

$ openssl s_client -connect docs.apitools.com:443                              
CONNECTED(00000003)
139846853338768:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:762:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 517 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

$  openssl s_client -connect docs.apitools.com:443 -servername docs.apitools.com
... happy handshake here
@t-8ch

This comment has been minimized.

Copy link
Contributor

t-8ch commented Apr 26, 2014

To elaborate: The second command enables the SNI functionality of openssl s_client.

You can a) switch to python3 b) install extra dependencies.
The stdlib has at the moment no way to do SNI.

@jaddison

This comment has been minimized.

Copy link
Author

jaddison commented Apr 26, 2014

Thanks for the quick feedback. Seeing as there is no bug, I'll close this... again.

@yetesh

This comment has been minimized.

Copy link

yetesh commented Nov 16, 2014

Hey, thank you guys !! I installed python3 on my mac and boom, it works.

@Miserlou Miserlou referenced this issue Feb 19, 2015

Closed

SSL Error #22

@Microserf

This comment has been minimized.

Copy link

Microserf commented Feb 23, 2015

Just want to chime in and say that I experienced this issue on OS X 10.9.5, Python 2.7.7 and OpenSSL 0.9.8zc.

I was able to fix my handshaking issue by:

  1. Installing a newer-than-stock OpenSSL on my machine via brew install OpenSSL
  2. Compiling and installing the cryptography package linked against the new OpenSSL (env ARCHFLAGS="-arch x86_64" LDFLAGS="-L/usr/local/opt/openssl/lib" CFLAGS="-I/usr/local/opt/openssl/include" pip install cryptography)
  3. Installing requests with SNI support by doing pip install requests[security]
@SethGoodLuckMartin

This comment has been minimized.

Copy link

SethGoodLuckMartin commented Feb 17, 2017

@markstrefford 's solution also worked for me.

@melvyn-sopacua

This comment has been minimized.

Copy link

melvyn-sopacua commented Apr 2, 2017

Just a heads up for anyone using OpenSSL 1.1:
You'll run into this issue as well, even when forcing TLS adapters, when the remote server offers Elliptic Curves as the first option.
The cause is: http://bugs.python.org/issue29697

@santiagobasulto

This comment has been minimized.

Copy link

santiagobasulto commented Apr 28, 2017

Hey guys! I'm having the same issue with the following server https://34.200.105.231/SID/Service.svc?wsdl. I've tried everything and I jump from and to the same 2 errors:

  • requests.exceptions.SSLError: ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)
  • requests.exceptions.SSLError: EOF occurred in violation of protocol (_ssl.c:661)

Any ideas? @Lukasa, I see a few issues with the Certificate, but seems like it shouldn't be that bad: https://sslanalyzer.comodoca.com/?url=34.200.105.231

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 28, 2017

The certificate won't usually cause this problem: this problem is caused by the server hanging up on us, so usually it's the result of a cipher suite mismatch. In this case, that's exactly what's going on as you can see here.

This is a server that, frankly, should never be exposed to the open internet. There are no secure methods of communicating with this server: none, zero. This is why the handshake fails: Requests only accepts modern cipher suites, and there are no modern cipher suites available to this server. The best option is TLS_RSA_WITH_3DES_EDE_CBC_SHA, an option we removed because it is vulnerable to practical attacks on large-scale data transfer.

If this server is yours, please upgrade it to a better TLS implementation or change the settings. Otherwise, my first bit of advice is to reconsider ever speaking to this server. If you must, then you can use the code here, but I strongly recommend that you put pressure on the server operator to fix this mess.

@IceBearZero

This comment has been minimized.

Copy link

IceBearZero commented Apr 28, 2017

@Lukasa -- thanks for working through this with everyone! Ive read through and tried most of this

Issue

When running script on Windows it all works.
When running script on OSX receive:

raise SSLError(e, request=request)
requests.exceptions.SSLError: ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)

Im not convinced it is not the server itself, but would appreciate any additional help to confirm and/or pop me out of this rabbit hole. Would be a huge win to get it to work.

OSX specifics:

  • Python Python 2.7.10
  • OpenSSL OpenSSL 1.1.1-dev xx XXX xxxx (compiled via GitHub)
  • using PIP to install

Attempts made

  • uninstalled pyopenssl, requests, requests[security], cryptography
  • installed against env ARCHFLAGS="-arch x86_64" LDFLAGS="-L/usr/local/opt/openssl/lib" CFLAGS="-I/usr/local/opt/openssl/include" pip install --force-reinstall --no-cache-dir {PACKAGE}

I am not 100% sure that installing against the openssl actually did anything, as it seemed to act the same as installing without (such as, speed and messaging all appeared the same)

As directed in another thread (above) connecting directly via openSSL appears to be happy?

openssl s_client -connect XXX.102.7.147:443
CONNECTED(00000003)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 198 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1493384325
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 28, 2017

Uh...OpenSSL is technically fine, but that OpenSSL negotiated no cipher (that is, it appears to have negotiated SSL_NULL_WITH_NULL_NULL. Can you run ssllabs against your server and check what cipher suites it supports?

@IceBearZero

This comment has been minimized.

Copy link

IceBearZero commented Apr 28, 2017

@Lukasa Its not exposed on the internet, is there some command line probe that I could fire off that could provide adequate insight for you?

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 28, 2017

You could try cipherscan.

@IceBearZero

This comment has been minimized.

Copy link

IceBearZero commented Apr 28, 2017

@Lukasa got it installed ... its acting wonky (no output, watching it) ... will post back if I come up with anything that could be passed along. Thanks for the guidance!

@IceBearZero

This comment has been minimized.

Copy link

IceBearZero commented Apr 28, 2017

@Lukasa thanks so much for your help - never actually got cipherscan working - but corrected our issues. It had nothing to do with any of this, and was a silly IP mismatch across our environments ... lessons learned! thank you ...

@Lukasa

This comment has been minimized.

Copy link
Collaborator

Lukasa commented Apr 28, 2017

No problem at all, glad you got it sorted!

@maanich

This comment has been minimized.

Copy link

maanich commented Jun 15, 2018

streamlink -l debug httpstream://https://www.arconaitv.us/stream.php?id=43 worst
[cli][info] streamlink is running as root! Be careful!
[cli][debug] OS: Linux-4.14.0-041400-generic-x86_64-with-Ubuntu-14.04-trusty
[cli][debug] Python: 2.7.6
[cli][debug] Streamlink: 0.13.0+27.g2ff314c
[cli][debug] Requests(2.19.1), Socks(1.6.7), Websocket(0.48.0)
[cli][info] Found matching plugin http for URL httpstream://https://www.arconaitv.us/stream.php?id=43
[plugin.http][debug] URL=https://www.arconaitv.us/stream.php?id=43; params={}
[cli][info] Available streams: live (worst, best)
[cli][info] Opening stream: live (http)
[cli][debug] Pre-buffering 8192 bytes
[cli][info] Starting player: /usr/bin/vlc
[cli][debug] Writing stream to output
[cli][info] Stream ended
[cli][info] Closing currently open stream..

tried but no luck

@maanich

This comment has been minimized.

Copy link

maanich commented Jun 15, 2018

atlast got it working tvplayer on local pc . i installed tinyproxy in my local pc but in vps httpproxy xxxx not working .
is tinyproxy ok or i need some other proxy server to install in my local pc.

tinyproxy.txt

@nateprewitt

This comment has been minimized.

Copy link
Collaborator

nateprewitt commented Jun 15, 2018

Hi @maanich, this doesn’t appear to be directly related to this issue, or to be a defect report for Requests which is what this issue tracker is reserved for. If you have questions about system configuration, those will be best addressed on a platform like StackOverflow. Thanks!

@maanich

This comment has been minimized.

Copy link

maanich commented Jun 15, 2018

streamlink --https-proxy "http://8xxxx:8000/" --tvplayer-email mxcxxcx@gmail.com --tvplayer-password vcvdf3 --http-no-ssl-verify https://tvplayer.com/watch/itv best --player-no-close --stdout | /var/tmp/youtube/ffmpeg -y -i pipe:0 -vcodec copy -acodec copy -flags -global_header -hls_flags delete_segments -hls_time 10 -hls_list_size 6 /mnt/hls/arc.m3u8
ffmpeg version 4.0-static https://johnvansickle.com/ffmpeg/ Copyright (c) 2000-2018 the FFmpeg developers
built with gcc 6.3.0 (Debian 6.3.0-18+deb9u1) 20170516
configuration: --enable-gpl --enable-version3 --enable-static --disable-debug --disable-ffplay --disable-indev=sndio --disable-outdev=sndio --cc=gcc-6 --enable-libxml2 --enable-fontconfig --enable-frei0r --enable-gnutls --enable-gray --enable-libaom --enable-libfribidi --enable-libass --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-librubberband --enable-libsoxr --enable-libspeex --enable-libvorbis --enable-libopus --enable-libtheora --enable-libvidstab --enable-libvo-amrwbenc --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libxvid --enable-libzimg
libavutil 56. 14.100 / 56. 14.100
libavcodec 58. 18.100 / 58. 18.100
libavformat 58. 12.100 / 58. 12.100
libavdevice 58. 3.100 / 58. 3.100
libavfilter 7. 16.100 / 7. 16.100
libswscale 5. 1.100 / 5. 1.100
libswresample 3. 1.100 / 3. 1.100
libpostproc 55. 1.100 / 55. 1.100
[console][info] streamlink is running as root! Be careful!
[console][info] Found matching plugin tvplayer for URL https://tvplayer.com/watch/itv
error: Unable to open URL: https://live.tvplayer.com/stream.m3u8?id=204&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cCo6XC9cL2xpdmUudHZwbGF5ZXIuY29tXC9zdHJlYW0ubTN1OD9pZD0yMDQiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE1MjkwNTc0OTR9LCJJcEFkZHJlc3MiOnsiQVdTOlNvdXJjZUlwIjoiNjIuMjEwLjE0Mi42NlwvMzIifX19XX0_&Signature=mHOteYcUu4QsbGD~~n0e~7meDUGT8VN7bVOBAHa-0Mk6ROA9XHYx3aIAZMAo3dFjOGuWk-3MszJzRFHdv~-CCsmX3D8XQa2zvzfuIWfMAT~yDshroXBN25iW6ZJ0-7lGla00jMTUpm5sW-uDy18OkiBWgGvDVas2Lz-EW~5-LTw2YWvEpqkvRB9OpcsHJj9RRQLuDVjwYKXwKvHTJmB1J~sGE3aigaL7AZyBaIAUMcpk-xYMpDuPV9BsBN9AT397lFfRPFt155u~yeBHZ4JlUN2GINUBt0-CzGuYVq3dsO~~kYYEZJo9cQTVhArpo7ek03VbDP5egtCM8obN63AEkA__&Key-Pair-Id=APKAJGWDVCU5SXAPJELQ (403 Client Error: Forbidden)
pipe:0: Invalid data found when processing input

advice please n what proxy server is good for streamlink if any

@kennethreitz kennethreitz locked as resolved and limited conversation to collaborators Jun 15, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.