Scénario #11490
Réactiver SSLv3 sur les projets python
Status:
Terminé (Sprint)
Priority:
Normal
Assigned To:
Category:
-
Target version:
Start date:
05/13/2015
Due date:
05/29/2015
% Done:
100%
Estimated time:
(Total: 2.00 h)
Spent time:
(Total: 0.75 h)
Story points:
1.0
Remaining (hours):
0.00 hour
Velocity based estimate:
Release:
Release relationship:
Auto
Subtasks
Related issues
History
#1 Updated by Daniel Dehennin over 8 years ago
- Distribution changed from EOLE 2.5 to EOLE 2.3
La désactivation du SSLv3 fait planter les applications utilisant la bibliothèque SSL de python.
Dès qu’il faut valider un token SSO, ça plante, par exemple, pour EOP sur 2.3:
root@scribe:~# cat /var/log/eoleflask/eop.log Exception on /login [GET] Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/flask/app.py", line 1504, in wsgi_app response = self.full_dispatch_request() File "/usr/lib/pymodules/python2.6/flask/app.py", line 1264, in full_dispatch_request rv = self.handle_user_exception(e) File "/usr/lib/pymodules/python2.6/flask/app.py", line 1262, in full_dispatch_request rv = self.dispatch_request() File "/usr/lib/pymodules/python2.6/flask/app.py", line 1248, in dispatch_request return self.view_functions[rule.endpoint](**req.view_args) File "/usr/lib/pymodules/python2.6/eop/views.py", line 96, in login return user.authenticate() File "/usr/lib/pymodules/python2.6/eop/cas.py", line 55, in authenticate if self.is_authenticated(): File "/usr/lib/pymodules/python2.6/eop/cas.py", line 75, in is_authenticated username = self.validate(request.args.get('ticket')) File "/usr/lib/pymodules/python2.6/eop/cas.py", line 92, in validate f_validate = urllib.urlopen(cas_validate) File "/usr/lib/python2.6/urllib.py", line 86, in urlopen return opener.open(url) File "/usr/lib/python2.6/urllib.py", line 205, in open return getattr(self, name)(url) File "/usr/lib/python2.6/urllib.py", line 439, in open_https h.endheaders() File "/usr/lib/python2.6/httplib.py", line 904, in endheaders self._send_output() File "/usr/lib/python2.6/httplib.py", line 776, in _send_output self.send(msg) File "/usr/lib/python2.6/httplib.py", line 735, in send self.connect() File "/usr/lib/python2.6/httplib.py", line 1112, in connect self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file) File "/usr/lib/python2.6/ssl.py", line 350, in wrap_socket suppress_ragged_eofs=suppress_ragged_eofs) File "/usr/lib/python2.6/ssl.py", line 118, in __init__ self.do_handshake() File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake self._sslobj.do_handshake() IOError: [Errno socket error] [Errno 8] _ssl.c:480: EOF occurred in violation of protocol
Que ce soit urllib ou urllib2 c’est pareil.
#2 Updated by Scrum Master over 8 years ago
- Due date set to 05/29/2015
- Target version set to Sprint_2015_20-22 - Équipe MENESR
- Start date set to 05/11/2015
#3 Updated by Joël Cuissinat over 8 years ago
- Assigned To set to force violette
#4 Updated by Scrum Master over 8 years ago
- Story points set to 1.0
#5 Updated by Daniel Dehennin over 8 years ago
- Project changed from ead to Distribution EOLE
#6 Updated by Joël Cuissinat over 8 years ago
- Status changed from Nouveau to Terminé (Sprint)