Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Conditionally use HTTPS based on platform_version #240

Merged
merged 1 commit into from Oct 15, 2015

Conversation

Projects
None yet
1 participant
@miketheman
Copy link
Collaborator

miketheman commented Oct 15, 2015

Following #225.

CentOS 5 and earlier use an older version of yum, which embeds an older
version of M2Crypto, that when used against a modern cipher set (i.e. no
sslv3), fails when trying to retrieve the signing key with:

    ...
      File "/usr/lib64/python2.4/site-packages/M2Crypto/SSL/Connection.py",
line 167, in connect_ssl
        return m2.ssl_connect(self.ssl, self._timeout)
    M2Crypto.SSL.SSLError: sslv3 alert handshake failure

There doesn't seem to be any patches to update this behavior, so instead
switch on SSL for any system older than 6.x, continue to use http to
retrieve the key.

/cc @elafarge

Conditionally use HTTPS based on platform_version
Following #225.

CentOS 5 and earlier use an older version of yum, which embeds an older
version of M2Crypto, that when used against a modern cipher set (i.e. no
sslv3), fails when trying to retrieve the signing key with:

    ...
      File "/usr/lib64/python2.4/site-packages/M2Crypto/SSL/Connection.py",
line 167, in connect_ssl
        return m2.ssl_connect(self.ssl, self._timeout)
    M2Crypto.SSL.SSLError: sslv3 alert handshake failure

There doesn't seem to be any patches to update this behavior, so instead
switch on SSL for any system older than 6.x, continue to use http to
retrieve the key.

@miketheman miketheman added the bug label Oct 15, 2015

@miketheman miketheman added this to the Next minor milestone Oct 15, 2015

@miketheman miketheman self-assigned this Oct 15, 2015

miketheman added a commit that referenced this pull request Oct 15, 2015

Merge pull request #240 from DataDog/miketheman/yum_ssl
Conditionally use HTTPS based on platform_version

@miketheman miketheman merged commit 77bcca8 into master Oct 15, 2015

3 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
coverage/coveralls Coverage remained the same at 100.0%
Details

@miketheman miketheman deleted the miketheman/yum_ssl branch Oct 15, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.