Comment 1 by jteh on 2015-01-12 09:16
Server changes are done.

Comment 2 by James Teh <jamie@... on 2015-01-13 07:47
In [9bc81f7]:

Merge branch 't4716' into next

Incubates #4716.

Changes:
Added labels: incubating

Comment 3 by leonarddr on 2015-01-14 08:08
Currently, NVDA next-11478,349a1b9 reports an error when checking for updates.
DEBUGWARNING - updateCheck.UpdateChecker._bg (09:06:08): Error checking for update Traceback (most recent call last): File "updateCheck.pyc", line 103, in _bg File "updateCheck.pyc", line 70, in checkForUpdate File "urllib.pyc", line 87, in urlopen File "urllib.pyc", line 213, in open File "urllib.pyc", line 443, in open_https File "httplib.pyc", line 997, in endheaders File "httplib.pyc", line 850, in _send_output File "httplib.pyc", line 812, in send File "httplib.pyc", line 1216, in connect File "ssl.pyc", line 350, in wrap_socket File "ssl.pyc", line 566, in __init__ File "ssl.pyc", line 788, in do_handshake IOError: [socket error](Errno) [CERTIFICATE_VERIFY_FAILED](SSL:) certificate verify failed (_ssl.c:581)

Comment 5 by nvdakor on 2015-01-14 18:14
Hi,
A number of people are reporting that after next.11478, certificate validation fails when trying to retrieve an update and snapshot page itself doesn't show newer updates.
Thanks.

Comment 6 by nvdakor on 2015-01-15 01:26
Hi,
It appears that custom certificate might be sitting somewhere. Google searches point out that if you use custom certificates, Python 2.7.9's SSL module will throw the IOError described in #4803.
Pages of interest:

• An issue with a project hosted at Github: Python 2.7.9 fails due to CERTIFICATE_VERIFY_FAILED mtschirs/quizduellapi#2
• Stackoverflow thread on this issue: https://unix.stackexchange.com/questions/176294/what-should-i-do-about-python-2-7-9-not-looking-for-ssl-certificates-in-the-righ
• Free BSD and Python 2.7.9's SSL mechanism and issue: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196431
  Thanks.

Comment 7 by jteh (in reply to comment 6) on 2015-01-15 03:07
Replying to nvdakor:

It appears that custom certificate might be sitting somewhere.

Thanks for the research. The issues you mentioned relate to a custom certificate location on Unix or self-signed certificates. Neither of these is the case here. However, the lack of intermediate certificates on our server as discussed in #4803 could be the problem. I've fixed this now, so I'm awaiting feedback on #4803.

Comment 8 by James Teh <jamie@... on 2015-01-16 07:11
In [5950250]:

Merge branch 't4716' into next

Incubates #4716. Fixes #4803.

Comment 9 by James Teh <jamie@... on 2015-01-16 07:59
In [32fcf6a]:

Merge branch 't4716' into next

Incubates #4716.

Comment 10 by James Teh <jamie@... on 2015-01-30 05:25
In [447fadb]:

Downloading of NVDA updates is now more secure. (Specifically, the update information is retrieved via https and the hash of the file is verified after it is downloaded.)

Fixes #4716.

Changes:
Removed labels: incubating
State: closed

Comment 11 by jteh on 2015-01-30 05:26
Changes:
Milestone changed from None to 2015.1