hg/python issues on Sierra(OS X 10.12.6)
Lance Andersen
lance.andersen at oracle.com
Sun Jul 14 20:55:59 UTC 2019
Hi,
I have run into a problem that appears to be an issue with a recent change somewhere now needs python to use TLS 1.2 and the MAC version on OS X 10.12.6 (Sierra) of Python uses TLS 1.0.
I am running the following version of hg:
—————
$ hg --version
Mercurial Distributed SCM (version 4.0.1)
(see https://mercurial-scm.org for more information)
Copyright (C) 2005-2016 Matt Mackall and others
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
ljanders-mac:JDK13-examples ljanders$
——
When I tried to do an hg pull, I started receiving the following error last week:
—————
$ sh get_source.sh
pull_default_tail jdk/jdk
No repositories to process.
# Repositories: . open
.: cd . && hg pull -u
open: cd open && hg pull -u
.: pulling from http://closedjdk.us.oracle.com/jdk/jdk
open: pulling from http://hg.openjdk.java.net/jdk/jdk
open: searching for changes
open: adding changesets
.: searching for changes
open: adding manifests
.: adding changesets
.: adding manifests
.: adding file changes
.: added 64 changesets with 141 changes to 104 files
open: adding file changes
.: error: pretxnchangegroup hook raised an exception: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)>
.: transaction abort!
.: rollback completed
.: abort: error: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)
open: added 226 changesets with 1670 changes to 1471 files
open: error: pretxnchangegroup hook raised an exception: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)>
open: transaction abort!
open: rollback completed
open: abort: error: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)
WARNING: open exited abnormally (255)
——
The version of python on Sierra is:
————
/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python -V
Python 2.7.10
/usr/bin/python -V
Python 2.7.10
—
It appears that hg uses the following python path in the hg script.
————
/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python
——
So I tried to install a newer version of python2 vis brew and then from https://www.python.org/downloads/release/python-2716/
This does not seem to update version of python at
---------
/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python
————
and updates /usr/local/bin
I verified that using the latest version of python that it should resolve the jcheck.py issue via the attached python script which emulates what jheck.py does for accessing https://db.openjdk.java.net/people
Also, it appears from googling it is not possible to update the OS X version of Python, I tried to update the hg script to point to the newer version of python but received the following error:
————————
$ hg.new pull
abort: couldn't find mercurial libraries in [/usr/Library/Python/2.7/site-packages /usr/local/bin /Library/Frameworks/Python.framework/Versions/2.7/lib/python27.zip /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7 /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/plat-darwin /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/plat-mac /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/plat-mac/lib-scriptpackages /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-tk /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-old /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages]
(check your install and PYTHONPATH)
————
Not sure how to resolve the above.
Best
Lance
p.s
you install python from https://www.python.org/downloads/release/python-2716/, you will also need to do the following:
———
$ pwd
/Applications/Python 2.7
ljanders-mac:Python 2.7 ljanders$ ls
Extras Icon? License.rtf Python Launcher.app Update Shell Profile.command
IDLE.app Install Certificates.command Python Documentation.html ReadMe.rtf
ljanders-mac:Python 2.7 ljanders$ ./Install\ Certificates.command
-- pip install --upgrade certifi
Collecting certifi
Downloading https://files.pythonhosted.org/packages/69/1b/b853c7a9d4f6a6d00749e94eb6f3a041e342a885b87340b79c1ef73e3a78/certifi-2019.6.16-py2.py3-none-any.whl (157kB)
100% |████████████████████████████████| 163kB 2.4MB/s
Installing collected packages: certifi
Successfully installed certifi-2019.6.16
You are using pip version 18.1, however version 19.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
-- removing any existing file or link
-- creating symlink to certifi certificate bundle
-- setting permissions
-- update complete
ljanders-mac:Python 2.7 ljanders$
—
If you do not you will receive the following error accessing an https URL (you could also work around it by:
export PYTHONHTTPSVERIFY=0), for example:
$ python URLTest.py
Testing urllib2!
Loading author names ...
accessing db.open.jdk.java.net/people.
calling urlopen
Traceback (most recent call last):
File "URLTest.py", line 28, in <module>
load_authors()
File "URLTest.py", line 17, in load_authors
f = urllib2.urlopen(req)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 447, in _open
'_open', req)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 1241, in https_open
context=self._context)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/urllib2.py", line 1198, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)>
ljanders-mac:JDK13-examples ljanders$
<http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif> <http://oracle.com/us/design/oracle-email-sig-198324.gif>
<http://oracle.com/us/design/oracle-email-sig-198324.gif>Lance Andersen| Principal Member of Technical Staff | +1.781.442.2037
Oracle Java Engineering
1 Network Drive
Burlington, MA 01803
Lance.Andersen at oracle.com <mailto:Lance.Andersen at oracle.com>
More information about the build-dev
mailing list