PROTOCOL_SSLv3 is not defined #434

rickhull opened this Issue Mar 25, 2015 · 6 comments


None yet

3 participants



I cloned from master today and followed the instructions on the README, using virtualenv on Debian Jessie (testing).

bin/buildout -v succeeded, and then I tried bin/supervisord which had failures.

rwh@search-docker:~/workspace/ (master)$ bin/supervisorctl status
celery                           RUNNING   pid 11950, uptime 0:08:27
haproxy                          RUNNING   pid 11947, uptime 0:08:27
memcache                         RUNNING   pid 11952, uptime 0:08:27
rabbitmq                         RUNNING   pid 11951, uptime 0:08:27
socketio                         FATAL     Exited too quickly (process log may have details)
uwsgi                            FATAL     Exited too quickly (process log may have details)
rwh@search-docker:~/workspace/ (master)$ tail -n30 var/log/uwsgi-stdout---supervisor-c1M3ja.log 
added /home/rwh/workspace/ to pythonpath.
added /home/rwh/workspace/ to pythonpath.
added /home/rwh/workspace/ to pythonpath.
added /home/rwh/workspace/ to pythonpath.
Loading paste environment: config:/home/rwh/workspace/
2015-03-25 14:01:52,856 WARNING MainThread config - <module>: No file found.
Traceback (most recent call last):
  File "/home/rwh/workspace/", line 247, in loadapp
    return loadobj(APP, uri, name=name, **kw)
  File "/home/rwh/workspace/", line 272, in loadobj
    return context.create()
  File "/home/rwh/workspace/", line 710, in create
    return self.object_type.invoke(self)
  File "/home/rwh/workspace/", line 146, in invoke
    return fix_call(context.object, context.global_conf, **context.local_conf)
  File "/home/rwh/workspace/", line 55, in fix_call
    val = callable(*args, **kw)
  File "/home/rwh/workspace/", line 81, in main
  File "/home/rwh/workspace/", line 947, in scan
  File "/home/rwh/workspace/", line 205, in scan
  File "/home/rwh/workspace/", line 16, in <module>
    from gevent.socket import wait_read, wait_write
  File "/home/rwh/workspace/", line 659, in <module>
    from gevent.ssl import sslwrap_simple as ssl, SSLError as sslerror, SSLSocket as SSLType
  File "/home/rwh/workspace/", line 386, in <module>
    def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
NameError: name 'PROTOCOL_SSLv3' is not defined
rwh@search-docker:~/workspace/ (master)$ tail -n40 var/log/socketio-stdout---supervisor-C1IM1A.log 

NameError: name 'PROTOCOL_SSLv3' is not defined
NameError                                 Traceback (most recent call last)
/home/rwh/workspace/ in <module>()
----> 1 from socketio.server import SocketIOServer
      2 from pyramid.paster import get_app
      3 from gevent import monkey; monkey.patch_all()
      5 if __name__ == '__main__':

/home/rwh/workspace/ in <module>()
      4 from socket import error
----> 6 from gevent.pywsgi import WSGIServer
      8 from socketio.handler import SocketIOHandler

/home/rwh/workspace/ in <module>()
     10 from urllib import unquote
---> 12 from gevent import socket
     13 import gevent
     14 from gevent.server import StreamServer

/home/rwh/workspace/ in <module>()
    658 try:
--> 659     from gevent.ssl import sslwrap_simple as ssl, SSLError as sslerror, SSLSocket as SSLType
    660     _have_ssl = True
    661 except ImportError:

/home/rwh/workspace/ in <module>()
--> 386 def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
    387     """Retrieve the certificate from the server at the specified address,
    388     and return it as a PEM-encoded string.

NameError: name 'PROTOCOL_SSLv3' is not defined

I'm guessing I need another debian package installed, possibly a -dev package?


Did some research, and it looks like Debian wankery has broken python-gevent for python 2.7.x in this respect. Perhaps this is specific to Jessie (testing) at this moment and maybe not an issue in Wheezy or Sid.


Some specifics from my machine:

rwh@search-docker:~/workspace/ (master)$ apt-cache policy python-gevent
  Installed: (none)
  Candidate: 1.0.1-2
  Version table:
     1.0.1-2 0
        500 jessie/main amd64 Packages
rwh@search-docker:~/workspace/ (master)$ apt-cache policy python2.7
  Installed: 2.7.9-2
  Candidate: 2.7.9-2
  Version table:
 *** 2.7.9-2 0
        500 jessie/main amd64 Packages
        100 /var/lib/dpkg/status

Notice that I don't have python-gevent Debian package installed, so I must be using an upstream python package. Note that I am pretty fuzzy on python packaging. I'm guessing that Debian's python-gevent may work, but I'm not sure how to make virtualenv (or whatever) use it.

@rickhull rickhull referenced this issue in hypothesis/h Mar 25, 2015

SSLv3 problem #1704


While I expect this is fixed in Debian's python-gevent package, this has also been fixed in upstream gevent, but the fix has not been released:



Hi rickhull, indeed this seems a bug related to an updated gevent version. It is encountered in Debian jessie, not in wheezy or earlier versions.

The solution (as in
is inside your virtualenv, edit file

mist@buildout-test:~/$ pwd
mist@buildout-test:~/$ vi eggs/gevent-1.0.1-py2.7-linux-x86_64.egg/gevent/

and change

def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):


def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):

then all services start

mist@buildout-test:~/$ ./bin/supervisorctl status
celery                           RUNNING   pid 21949, uptime 0:03:41
haproxy                          RUNNING   pid 21946, uptime 0:03:41
memcache                         RUNNING   pid 21951, uptime 0:03:41
rabbitmq                         RUNNING   pid 21950, uptime 0:03:41
socketio                         RUNNING   pid 21947, uptime 0:03:41
uwsgi                            RUNNING   pid 21948, uptime 0:03:41



Confirmed that this works, thanks! Feel free to close or tag this issue however is appropriate.


Nice, let us know about your experience in, issues you've found, ideas etc.

@mgogoulos mgogoulos closed this Mar 28, 2015

Thank you mgogoulos.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment