PROTOCOL_SSLv3 is not defined #434

Closed
rickhull opened this Issue Mar 25, 2015 · 6 comments

Projects

None yet

3 participants

@rickhull

Hi,

I cloned from master today and followed the instructions on the README, using virtualenv on Debian Jessie (testing).

bin/buildout -v succeeded, and then I tried bin/supervisord which had failures.

rwh@search-docker:~/workspace/mist.io (master)$ bin/supervisorctl status
celery                           RUNNING   pid 11950, uptime 0:08:27
haproxy                          RUNNING   pid 11947, uptime 0:08:27
memcache                         RUNNING   pid 11952, uptime 0:08:27
rabbitmq                         RUNNING   pid 11951, uptime 0:08:27
socketio                         FATAL     Exited too quickly (process log may have details)
uwsgi                            FATAL     Exited too quickly (process log may have details)
rwh@search-docker:~/workspace/mist.io (master)$ tail -n30 var/log/uwsgi-stdout---supervisor-c1M3ja.log 
added /home/rwh/workspace/mist.io/eggs/selenium-2.45.0-py2.7.egg/ to pythonpath.
added /home/rwh/workspace/mist.io/eggs/parse_type-0.3.4-py2.7.egg/ to pythonpath.
added /home/rwh/workspace/mist.io/eggs/MarkupSafe-0.23-py2.7-linux-x86_64.egg/ to pythonpath.
added /home/rwh/workspace/mist.io/eggs/enum34-1.0.4-py2.7.egg/ to pythonpath.
Loading paste environment: config:/home/rwh/workspace/mist.io/uwsgi.ini
2015-03-25 14:01:52,856 WARNING MainThread config - <module>: No settings.py file found.
Traceback (most recent call last):
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 247, in loadapp
    return loadobj(APP, uri, name=name, **kw)
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 272, in loadobj
    return context.create()
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 710, in create
    return self.object_type.invoke(self)
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/loadwsgi.py", line 146, in invoke
    return fix_call(context.object, context.global_conf, **context.local_conf)
  File "/home/rwh/workspace/mist.io/eggs/PasteDeploy-1.5.2-py2.7.egg/paste/deploy/util.py", line 55, in fix_call
    val = callable(*args, **kw)
  File "/home/rwh/workspace/mist.io/src/mist/io/__init__.py", line 81, in main
    configurator.scan()
  File "/home/rwh/workspace/mist.io/eggs/pyramid-1.4-py2.7.egg/pyramid/config/__init__.py", line 947, in scan
    ignore=ignore)
  File "/home/rwh/workspace/mist.io/eggs/venusian-1.0-py2.7.egg/venusian/__init__.py", line 205, in scan
    __import__(modname)
  File "/home/rwh/workspace/mist.io/src/mist/io/sockio.py", line 16, in <module>
    from gevent.socket import wait_read, wait_write
  File "/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/socket.py", line 659, in <module>
    from gevent.ssl import sslwrap_simple as ssl, SSLError as sslerror, SSLSocket as SSLType
  File "/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py", line 386, in <module>
    def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
NameError: name 'PROTOCOL_SSLv3' is not defined
rwh@search-docker:~/workspace/mist.io (master)$ tail -n40 var/log/socketio-stdout---supervisor-C1IM1A.log 

NameError: name 'PROTOCOL_SSLv3' is not defined
---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
/home/rwh/workspace/mist.io/serve.py in <module>()
----> 1 from socketio.server import SocketIOServer
      2 from pyramid.paster import get_app
      3 from gevent import monkey; monkey.patch_all()
      4 
      5 if __name__ == '__main__':

/home/rwh/workspace/mist.io/eggs/gevent_socketio-0.3.6-py2.7.egg/socketio/server.py in <module>()
      4 from socket import error
      5 
----> 6 from gevent.pywsgi import WSGIServer
      7 
      8 from socketio.handler import SocketIOHandler

/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/pywsgi.py in <module>()
     10 from urllib import unquote
     11 
---> 12 from gevent import socket
     13 import gevent
     14 from gevent.server import StreamServer

/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/socket.py in <module>()
    657 
    658 try:
--> 659     from gevent.ssl import sslwrap_simple as ssl, SSLError as sslerror, SSLSocket as SSLType
    660     _have_ssl = True
    661 except ImportError:

/home/rwh/workspace/mist.io/eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py in <module>()
    384 
    385 
--> 386 def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
    387     """Retrieve the certificate from the server at the specified address,
    388     and return it as a PEM-encoded string.

NameError: name 'PROTOCOL_SSLv3' is not defined

I'm guessing I need another debian package installed, possibly a -dev package?

@rickhull

Did some research, and it looks like Debian wankery has broken python-gevent for python 2.7.x in this respect. Perhaps this is specific to Jessie (testing) at this moment and maybe not an issue in Wheezy or Sid.

docker-library/python#29
gevent/gevent#513
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770616

Some specifics from my machine:

rwh@search-docker:~/workspace/mist.io (master)$ apt-cache policy python-gevent
python-gevent:
  Installed: (none)
  Candidate: 1.0.1-2
  Version table:
     1.0.1-2 0
        500 http://mirrors.ocf.berkeley.edu/debian/ jessie/main amd64 Packages
rwh@search-docker:~/workspace/mist.io (master)$ apt-cache policy python2.7
python2.7:
  Installed: 2.7.9-2
  Candidate: 2.7.9-2
  Version table:
 *** 2.7.9-2 0
        500 http://mirrors.ocf.berkeley.edu/debian/ jessie/main amd64 Packages
        100 /var/lib/dpkg/status

Notice that I don't have python-gevent Debian package installed, so I must be using an upstream python package. Note that I am pretty fuzzy on python packaging. I'm guessing that Debian's python-gevent may work, but I'm not sure how to make virtualenv (or whatever) use it.

@rickhull rickhull referenced this issue in hypothesis/h Mar 25, 2015
Closed

SSLv3 problem #1704

@rickhull

While I expect this is fixed in Debian's python-gevent package, this has also been fixed in upstream gevent, but the fix has not been released:

gevent/gevent#517

@mgogoulos
Member

Hi rickhull, indeed this seems a bug related to an updated gevent version. It is encountered in Debian jessie, not in wheezy or earlier versions.

The solution (as in https://github.com/gevent/gevent/pull/517/files)
is inside your virtualenv, edit file ssl.py

mist@buildout-test:~/mist.io$ pwd
/home/mist/mist.io
mist@buildout-test:~/mist.io$ vi eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/ssl.py

and change

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):

to

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):

then all services start

mist@buildout-test:~/mist.io$ ./bin/supervisorctl status
celery                           RUNNING   pid 21949, uptime 0:03:41
haproxy                          RUNNING   pid 21946, uptime 0:03:41
memcache                         RUNNING   pid 21951, uptime 0:03:41
rabbitmq                         RUNNING   pid 21950, uptime 0:03:41
socketio                         RUNNING   pid 21947, uptime 0:03:41
uwsgi                            RUNNING   pid 21948, uptime 0:03:41

Cheers

@rickhull

Confirmed that this works, thanks! Feel free to close or tag this issue however is appropriate.

@mgogoulos
Member

Nice, let us know about your experience in mist.io, issues you've found, ideas etc.

@mgogoulos mgogoulos closed this Mar 28, 2015
@ceremcem

Thank you mgogoulos.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment