Scénario #11490: Réactiver SSLv3 sur les projets python - Distribution EOLE - Ensemble Ouvert Libre Évolutif

Scénario #11490

Réactiver SSLv3 sur les projets python

Added by Daniel Dehennin almost 8 years ago. Updated almost 8 years ago.

Status:

Terminé (Sprint)

Priority:

Normal

Assigned To:

force violette

Category:

Target version:

Sprint_2015_20-22 - Équipe MENESR

Start date:

05/13/2015

Due date:

05/29/2015

% Done:

100%

Estimated time:

(Total: 2.00 h)

Spent time:

(Total: 0.75 h)

Story points:

1.0

Remaining (hours):

0.00 hour

Velocity based estimate:

Release:

EOLE 2.3 (ultimes demandes)

Release relationship:

Auto

Subtasks

Related issues

History

#1 Updated by Daniel Dehennin almost 8 years ago

Distribution changed from EOLE 2.5 to EOLE 2.3

La désactivation du SSLv3 fait planter les applications utilisant la bibliothèque SSL de python.

Dès qu’il faut valider un token SSO, ça plante, par exemple, pour EOP sur 2.3:

root@scribe:~# cat /var/log/eoleflask/eop.log 
Exception on /login [GET]
Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1504, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1264, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1262, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1248, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/usr/lib/pymodules/python2.6/eop/views.py", line 96, in login
    return user.authenticate()
  File "/usr/lib/pymodules/python2.6/eop/cas.py", line 55, in authenticate
    if self.is_authenticated():
  File "/usr/lib/pymodules/python2.6/eop/cas.py", line 75, in is_authenticated
    username = self.validate(request.args.get('ticket'))
  File "/usr/lib/pymodules/python2.6/eop/cas.py", line 92, in validate
    f_validate   = urllib.urlopen(cas_validate)
  File "/usr/lib/python2.6/urllib.py", line 86, in urlopen
    return opener.open(url)
  File "/usr/lib/python2.6/urllib.py", line 205, in open
    return getattr(self, name)(url)
  File "/usr/lib/python2.6/urllib.py", line 439, in open_https
    h.endheaders()
  File "/usr/lib/python2.6/httplib.py", line 904, in endheaders
    self._send_output()
  File "/usr/lib/python2.6/httplib.py", line 776, in _send_output
    self.send(msg)
  File "/usr/lib/python2.6/httplib.py", line 735, in send
    self.connect()
  File "/usr/lib/python2.6/httplib.py", line 1112, in connect
    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
  File "/usr/lib/python2.6/ssl.py", line 350, in wrap_socket
    suppress_ragged_eofs=suppress_ragged_eofs)
  File "/usr/lib/python2.6/ssl.py", line 118, in __init__
    self.do_handshake()
  File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake
    self._sslobj.do_handshake()
IOError: [Errno socket error] [Errno 8] _ssl.c:480: EOF occurred in violation of protocol

Que ce soit urllib ou urllib2 c’est pareil.

#2 Updated by Scrum Master almost 8 years ago

Due date set to 05/29/2015
Target version set to Sprint_2015_20-22 - Équipe MENESR
Start date set to 05/11/2015

#3 Updated by Joël Cuissinat almost 8 years ago

Assigned To set to force violette

#4 Updated by Scrum Master almost 8 years ago

Story points set to 1.0

#5 Updated by Daniel Dehennin almost 8 years ago

Project changed from ead to Distribution EOLE

#6 Updated by Joël Cuissinat almost 8 years ago

Status changed from Nouveau to Terminé (Sprint)

Also available in: Atom PDF

	Related to EoleSSO - Tâche #11329: Désactiver le SSLv3 sur EoleSSO	Fermé	04/20/2015
	Related to ead - Tâche #11332: Désactiver le SSLv3 sur l'EAD	Fermé	04/20/2015

Project

General

Profile

Distribution EOLE

Issues

Custom queries