From 29ad7fab7bd953b6870a1fc402950e70c35b07df Mon Sep 17 00:00:00 2001 From: Hills Date: Tue, 8 Oct 2019 08:08:53 +1100 Subject: [PATCH] Add a warning on old Python SSL/TLS certificates (#354) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The OSX message is [SSL: CERTIFICATE_VERIFY_FAILED] while trying to download files. While, the Linux Python message is less descriptive. Error downloading URL 'https://xxxx.xxx.xxx': . This hopefully reduces the stream of common issues raised during installation as a result of the change of Python TLS certs to 2048 or greater. This change relates to #133 #136 #140 #176 #6275 #6548 #6723 #9036 … and possibly more. Installation can be accomplished by installing the latest Python certificates (pip install certifi), symbolic linking a new python version, and relying on the python shebang line to run $ ./emsdk.py install latest. --- emsdk.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/emsdk.py b/emsdk.py index a734f17..1c2d15c 100755 --- a/emsdk.py +++ b/emsdk.py @@ -664,7 +664,9 @@ def download_file(url, dstpath, download_even_if_exists=False, filename_prefix=' print(']') sys.stdout.flush() except Exception as e: - print("Error downloading URL '" + url + "': " + str(e)) + print("Error: Downloading URL '" + url + "': " + str(e)) + if "SSL: CERTIFICATE_VERIFY_FAILED" in str(e) or "urlopen error unknown url type: https" in str(e): + print("Warning: Possibly SSL/TLS issue. Update or install Python SSL root certificates (2048-bit or greater) supplied in Python folder or https://pypi.org/project/certifi/ and try again.") rmfile(file_name) return None except KeyboardInterrupt: