Project

General

Profile

Scénario #18237

Éliminer les derniers SSLv23 de nos codes python

Added by Daniel Dehennin about 3 years ago. Updated about 3 years ago.

Status:
Terminé (Sprint)
Priority:
Normal
Assigned To:
Category:
-
Start date:
01/11/2017
Due date:
01/20/2017
% Done:

100%

Estimated time:
(Total: 2.00 h)
Spent time:
0.75 h (Total: 1.90 h)
Story points:
3.0
Remaining (hours):
0.00 hour
Velocity based estimate:
1 days
Release:
Release relationship:
Auto

Description

En étudiant un problème d’enregistrement zéphir avec un certificat intermédiaire il est apparût que ce dernier avait toujours le SSLv23 d’actif.

Un rapide grep sur nos source montre que plusieurs projets l’utilisent encore :

da@boulot:~$ rgrep -F SSL.Context src/eole/
Fichier binaire src/eole/controle-vnc-applis/professeurs/gestion-postes/library.zip correspondant
src/eole/creole/creole/cert.py:        ctx = SSL.Context(SSL.SSLv23_METHOD)
src/eole/eole-sso/eolesso/libsecure.py:        ctx = SSL.Context()
src/eole/horus-backend/data/serveur.py:        ctx = SSL.Context(SSL.SSLv23_METHOD)
src/eole/zephir-parc/python/zephir/certificats.py:        ctx = SSL.Context(SSL.SSLv23_METHOD) --> packagé (2.6.X)

Il faudrait éliminer tout cela et étudier l’impact d’un backport.


Subtasks

Tâche #18613: Forcer TLS dans le context SSL du backend horusFerméDaniel Dehennin

Tâche #18614: Forcer TLS dans le context SSL de cert.pyFerméDaniel Dehennin

Associated revisions

Revision 9502522e (diff)
Added by Bruno Boiget about 3 years ago

Services Zéphir : méthode forcée à TLS_v1 dans le contexte SSL

ref #18237 @15m

History

#1 Updated by Daniel Dehennin about 3 years ago

  • Description updated (diff)

#2 Updated by Daniel Dehennin about 3 years ago

  • Story points set to 3.0

#3 Updated by Bruno Boiget about 3 years ago

  • Description updated (diff)

#4 Updated by Luc Bourdot about 3 years ago

  • Due date set to 01/20/2017
  • Target version set to sprint 2017 1-3 Equipe MENSR
  • Start date set to 01/03/2017

#5 Updated by Joël Cuissinat about 3 years ago

  • Assigned To set to force verte

#6 Updated by Joël Cuissinat about 3 years ago

  • Status changed from Nouveau to Terminé (Sprint)

Also available in: Atom PDF