New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PROTOCOL_SSLv3 is not defined #434

Closed
rickhull opened this Issue Mar 25, 2015 · 6 comments

Comments

Projects
None yet
3 participants
@rickhull

rickhull commented Mar 25, 2015

Hi,

I cloned from master today and followed the instructions on the README, using virtualenv on Debian Jessie (testing).

bin/buildout -v succeeded, and then I tried bin/supervisord which had failures.

rwh@search-docker:~/workspace/mist.io (master)$ bin/supervisorctl status
celery                           RUNNING   pid 11950, uptime 0:08:27
haproxy                          RUNNING   pid 11947, uptime 0:08:27
memcache                         RUNNING   pid 11952, uptime 0:08:27
rabbitmq                         RUNNING   pid 11951, uptime 0:08:27
socketio                         FATAL     Exited too quickly (process log may have details)
uwsgi                            FATAL     Exited too quickly (process log may have details)
rwh@search-docker:~/workspace/mist.io (master)$ tail -n30 var/log/uwsgi-stdout---supervisor-c1M3ja.log 
added /home/rwh/workspace/mist.io/eggs/selenium-2.45.0-py2.7.egg/ to pythonpath.
added /home/rwh/workspace/mist.io/eggs/parse_type-0.3.4-py2.7.egg/ to pythonpath.
added /home/rwh/workspace/mist.io/eggs/MarkupSafe-0.23-py2.7-linux-x86_64.egg/ to pythonpath.
added /home/rwh/workspace/mist.io/eggs/enum34-1.0.4-py2.7.egg/ to pythonpath.
Loading paste environment: config:/home/rwh/workspace/mist.io/uwsgi.ini
2015-03-25 14:01:52,856 WARNING MainThread config - <module>: No settings.py file found.
Traceback (most recent call last):
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 247, in loadapp
    return loadobj(APP, uri, name=name, **kw)
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 272, in loadobj
    return context.create()
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 710, in create
    return self.object_type.invoke(self)
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 146, in invoke
    return fix_call(context.object, context.global_conf, **context.local_conf)
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/util.py", line 55, in fix_call
    val = callable(*args, **kw)
  File "/home/rwh/workspace/mist.io/src/mist/io/__init__.py", line 81, in main
    configurator.scan()
  File "/home/rwh/workspace/mist.io/eggs/pyramid-1.4-py2.7.egg/pyramid/config/__init__.py", line 947, in scan
    ignore=ignore)
  File "/home/rwh/workspace/mist.io/eggs/venusian-1.0-py2.7.egg/venusian/__init__.py", line 205, in scan
    __import__(modname)
  File "/home/rwh/workspace/mist.io/src/mist/io/sockio.py", line 16, in <module>
    from gevent.socket import wait_read, wait_write
  File "/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/socket.py", line 659, in <module>
    from gevent.ssl import sslwrap_simple as ssl, SSLError as sslerror, SSLSocket as SSLType
  File "/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py", line 386, in <module>
    def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
NameError: name 'PROTOCOL_SSLv3' is not defined
rwh@search-docker:~/workspace/mist.io (master)$ tail -n40 var/log/socketio-stdout---supervisor-C1IM1A.log 

NameError: name 'PROTOCOL_SSLv3' is not defined
---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
/home/rwh/workspace/mist.io/serve.py in <module>()
----> 1 from socketio.server import SocketIOServer
      2 from pyramid.paster import get_app
      3 from gevent import monkey; monkey.patch_all()
      4 
      5 if __name__ == '__main__':

/home/rwh/workspace/mist.io/eggs/gevent_socketio-0.3.6-py2.7.egg/socketio/server.py in <module>()
      4 from socket import error
      5 
----> 6 from gevent.pywsgi import WSGIServer
      7 
      8 from socketio.handler import SocketIOHandler

/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/pywsgi.py in <module>()
     10 from urllib import unquote
     11 
---> 12 from gevent import socket
     13 import gevent
     14 from gevent.server import StreamServer

/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/socket.py in <module>()
    657 
    658 try:
--> 659     from gevent.ssl import sslwrap_simple as ssl, SSLError as sslerror, SSLSocket as SSLType
    660     _have_ssl = True
    661 except ImportError:

/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py in <module>()
    384 
    385 
--> 386 def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
    387     """Retrieve the certificate from the server at the specified address,
    388     and return it as a PEM-encoded string.

NameError: name 'PROTOCOL_SSLv3' is not defined

I'm guessing I need another debian package installed, possibly a -dev package?

@rickhull

This comment has been minimized.

Show comment
Hide comment
@rickhull

rickhull Mar 25, 2015

Did some research, and it looks like Debian wankery has broken python-gevent for python 2.7.x in this respect. Perhaps this is specific to Jessie (testing) at this moment and maybe not an issue in Wheezy or Sid.

docker-library/python#29
gevent/gevent#513
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770616

Some specifics from my machine:

rwh@search-docker:~/workspace/mist.io (master)$ apt-cache policy python-gevent
python-gevent:
  Installed: (none)
  Candidate: 1.0.1-2
  Version table:
     1.0.1-2 0
        500 http://mirrors.ocf.berkeley.edu/debian/ jessie/main amd64 Packages
rwh@search-docker:~/workspace/mist.io (master)$ apt-cache policy python2.7
python2.7:
  Installed: 2.7.9-2
  Candidate: 2.7.9-2
  Version table:
 *** 2.7.9-2 0
        500 http://mirrors.ocf.berkeley.edu/debian/ jessie/main amd64 Packages
        100 /var/lib/dpkg/status

Notice that I don't have python-gevent Debian package installed, so I must be using an upstream python package. Note that I am pretty fuzzy on python packaging. I'm guessing that Debian's python-gevent may work, but I'm not sure how to make virtualenv (or whatever) use it.

rickhull commented Mar 25, 2015

Did some research, and it looks like Debian wankery has broken python-gevent for python 2.7.x in this respect. Perhaps this is specific to Jessie (testing) at this moment and maybe not an issue in Wheezy or Sid.

docker-library/python#29
gevent/gevent#513
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770616

Some specifics from my machine:

rwh@search-docker:~/workspace/mist.io (master)$ apt-cache policy python-gevent
python-gevent:
  Installed: (none)
  Candidate: 1.0.1-2
  Version table:
     1.0.1-2 0
        500 http://mirrors.ocf.berkeley.edu/debian/ jessie/main amd64 Packages
rwh@search-docker:~/workspace/mist.io (master)$ apt-cache policy python2.7
python2.7:
  Installed: 2.7.9-2
  Candidate: 2.7.9-2
  Version table:
 *** 2.7.9-2 0
        500 http://mirrors.ocf.berkeley.edu/debian/ jessie/main amd64 Packages
        100 /var/lib/dpkg/status

Notice that I don't have python-gevent Debian package installed, so I must be using an upstream python package. Note that I am pretty fuzzy on python packaging. I'm guessing that Debian's python-gevent may work, but I'm not sure how to make virtualenv (or whatever) use it.

@rickhull rickhull referenced this issue Mar 25, 2015

Closed

SSLv3 problem #1704

@rickhull

This comment has been minimized.

Show comment
Hide comment
@rickhull

rickhull Mar 26, 2015

While I expect this is fixed in Debian's python-gevent package, this has also been fixed in upstream gevent, but the fix has not been released:

gevent/gevent#517

rickhull commented Mar 26, 2015

While I expect this is fixed in Debian's python-gevent package, this has also been fixed in upstream gevent, but the fix has not been released:

gevent/gevent#517

@mgogoulos

This comment has been minimized.

Show comment
Hide comment
@mgogoulos

mgogoulos Mar 26, 2015

Member

Hi rickhull, indeed this seems a bug related to an updated gevent version. It is encountered in Debian jessie, not in wheezy or earlier versions.

The solution (as in https://github.com/gevent/gevent/pull/517/files)
is inside your virtualenv, edit file ssl.py

mist@buildout-test:~/mist.io$ pwd
/home/mist/mist.io
mist@buildout-test:~/mist.io$ vi eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py

and change

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):

to

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):

then all services start

mist@buildout-test:~/mist.io$ ./bin/supervisorctl status
celery                           RUNNING   pid 21949, uptime 0:03:41
haproxy                          RUNNING   pid 21946, uptime 0:03:41
memcache                         RUNNING   pid 21951, uptime 0:03:41
rabbitmq                         RUNNING   pid 21950, uptime 0:03:41
socketio                         RUNNING   pid 21947, uptime 0:03:41
uwsgi                            RUNNING   pid 21948, uptime 0:03:41

Cheers

Member

mgogoulos commented Mar 26, 2015

Hi rickhull, indeed this seems a bug related to an updated gevent version. It is encountered in Debian jessie, not in wheezy or earlier versions.

The solution (as in https://github.com/gevent/gevent/pull/517/files)
is inside your virtualenv, edit file ssl.py

mist@buildout-test:~/mist.io$ pwd
/home/mist/mist.io
mist@buildout-test:~/mist.io$ vi eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py

and change

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):

to

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):

then all services start

mist@buildout-test:~/mist.io$ ./bin/supervisorctl status
celery                           RUNNING   pid 21949, uptime 0:03:41
haproxy                          RUNNING   pid 21946, uptime 0:03:41
memcache                         RUNNING   pid 21951, uptime 0:03:41
rabbitmq                         RUNNING   pid 21950, uptime 0:03:41
socketio                         RUNNING   pid 21947, uptime 0:03:41
uwsgi                            RUNNING   pid 21948, uptime 0:03:41

Cheers

@rickhull

This comment has been minimized.

Show comment
Hide comment
@rickhull

rickhull Mar 28, 2015

Confirmed that this works, thanks! Feel free to close or tag this issue however is appropriate.

rickhull commented Mar 28, 2015

Confirmed that this works, thanks! Feel free to close or tag this issue however is appropriate.

@mgogoulos

This comment has been minimized.

Show comment
Hide comment
@mgogoulos

mgogoulos Mar 28, 2015

Member

Nice, let us know about your experience in mist.io, issues you've found, ideas etc.

Member

mgogoulos commented Mar 28, 2015

Nice, let us know about your experience in mist.io, issues you've found, ideas etc.

@mgogoulos mgogoulos closed this Mar 28, 2015

@ceremcem

This comment has been minimized.

Show comment
Hide comment
@ceremcem

ceremcem May 11, 2015

Thank you mgogoulos.

ceremcem commented May 11, 2015

Thank you mgogoulos.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment