[Pulp-list] Pulp 2.3.1 requires SSLv3 enabled? re: POODLE vulnerability
Christina Plummer
cplummer at gmail.com
Fri Oct 17 21:33:26 UTC 2014
Hello Pulp folks,
I am running Pulp 2.3.1. When the SSLv3 POODLE vulnerability was reported
earlier this week, I dutifully went out to my Pulp servers and disabled
SSLv3 in the httpd config to mitigate the issue. But then I discovered I
could no longer run pulp-admin commands.
Can I force pulp to use TLS instead of SSLv3?
The errors in my .pulp/admin.log file were:
2014-10-17 21:23:41,795 - ERROR - Client-side exception occurred
Traceback (most recent call last):
File "/usr/lib/python2.6/site-packages/pulp/client/extensions/core.py",
line 478, in run
exit_code = Cli.run(self, args)
File "/usr/lib/python2.6/site-packages/okaara/cli.py", line 974, in run
exit_code = command_or_section.execute(self.prompt, remaining_args)
File
"/usr/lib/python2.6/site-packages/pulp/client/extensions/extensions.py",
line 224, in execute
return self.method(*arg_list, **clean_kwargs)
File
"/usr/lib/python2.6/site-packages/pulp_rpm/extension/admin/contents.py",
line 204, in package_search
self.run_search([self.type_id], out_func=out_func, **kwargs)
File
"/usr/lib/python2.6/site-packages/pulp_rpm/extension/admin/contents.py",
line 154, in run_search
units = self.context.server.repo_unit.search(repo_id,
**kwargs).response_body
File "/usr/lib/python2.6/site-packages/pulp/bindings/repository.py", line
439, in search
return self.server.POST(path, data)
File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
102, in POST
return self._request('POST', path, body=body,
ensure_encoding=ensure_encoding)
File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
146, in _request
response_code, response_body = self.server_wrapper.request(method, url,
body)
File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
295, in request
connection.request(method, url, body=body, headers=headers)
File "/usr/lib64/python2.6/httplib.py", line 914, in request
self._send_request(method, url, body, headers)
File "/usr/lib64/python2.6/httplib.py", line 951, in _send_request
self.endheaders()
File "/usr/lib64/python2.6/httplib.py", line 908, in endheaders
self._send_output()
File "/usr/lib64/python2.6/httplib.py", line 780, in _send_output
self.send(msg)
File "/usr/lib64/python2.6/httplib.py", line 739, in send
self.connect()
File "/usr/lib64/python2.6/site-packages/M2Crypto/httpslib.py", line 50,
in connect
self.sock.connect((self.host, self.port))
File "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Connection.py",
line 185, in connect
ret = self.connect_ssl()
File "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Connection.py",
line 178, in connect_ssl
return m2.ssl_connect(self.ssl, self._timeout)
SSLError: sslv3 alert handshake failure
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20141017/084e3e81/attachment.htm>
More information about the Pulp-list
mailing list