Issue2437
Created on 2015-11-25.03:50:44 by teeohhem, last changed 2016-01-06.15:59:14 by zyasoft.
msg10508 (view) |
Author: Tom Alexander (teeohhem) |
Date: 2015-11-25.03:50:43 |
|
Using a server SSL socket, the handshake fails with a java error:
Jython-Netty-Child-64, fatal error: 40: no cipher suites in common javax.net.ssl.SSLHandshakeException: no cipher suites in common
The problem is that upon setting up an SSL socket, the cert file and key file are never passed down into _get_openssl_key_manager via _createSSLEngine and therefore the cert/key are never loaded.
|
msg10509 (view) |
Author: Tom Alexander (teeohhem) |
Date: 2015-11-25.04:34:12 |
|
Added a patch...wasn't confident adding a test since I'm not too familiar with everything
|
msg10510 (view) |
Author: Tom Alexander (teeohhem) |
Date: 2015-11-25.04:38:56 |
|
This was in Jython 2.7-1 b2 btw
|
msg10528 (view) |
Author: Jim Baker (zyasoft) |
Date: 2015-12-11.00:00:56 |
|
Darjus, something to look at in your SSLContext work. It's a straightforward addition.
|
msg10536 (view) |
Author: Jim Baker (zyasoft) |
Date: 2015-12-14.16:40:03 |
|
We need to create a good test. I believe the patch can be updated as follows:
diff -r 39d27fa93f24 Lib/ssl.py
--- a/Lib/ssl.py Thu Dec 10 23:14:56 2015 -0700
+++ b/Lib/ssl.py Mon Dec 14 09:38:21 2015 -0700
@@ -898,10 +898,15 @@
context = _JavaSSLContext.getInstance(self._protocol_name)
- if self._key_managers is None: # get an e
- context.init(_get_openssl_key_manager().getKeyManagers(), trust_managers, None)
+ if self._key_managers is None:
+ print "No key managers", self
+ context.init(
+ _get_openssl_key_manager(cert_file=self.cert_file, key_file=self.key_file).getKeyManagers(),
+ trust_managers, None)
else:
- context.init(self._key_managers.getKeyManagers(), trust_managers, None)
+ context.init(
+ self._key_managers.getKeyManagers(),
+ trust_managers, None)
if hostname is not None:
engine = context.createSSLEngine(hostname, addr[1])
|
msg10560 (view) |
Author: Jim Baker (zyasoft) |
Date: 2015-12-29.06:11:17 |
|
Fixed as of https://hg.python.org/jython/rev/5194b3d04dca
pip exercises this code path
|
|
Date |
User |
Action |
Args |
2016-01-06 15:59:14 | zyasoft | set | status: pending -> closed |
2015-12-29 06:11:18 | zyasoft | set | status: open -> pending assignee: darjus -> zyasoft resolution: accepted -> fixed messages:
+ msg10560 |
2015-12-23 20:29:22 | zyasoft | set | priority: high |
2015-12-14 16:40:04 | zyasoft | set | messages:
+ msg10536 |
2015-12-11 00:03:17 | zyasoft | set | assignee: zyasoft -> darjus |
2015-12-11 00:00:56 | zyasoft | set | nosy:
+ darjus messages:
+ msg10528 |
2015-11-25 15:27:28 | zyasoft | set | milestone: Jython 2.7.1 |
2015-11-25 15:27:05 | zyasoft | set | assignee: zyasoft resolution: accepted nosy:
+ zyasoft |
2015-11-25 04:38:56 | teeohhem | set | messages:
+ msg10510 |
2015-11-25 04:34:13 | teeohhem | set | files:
+ 2437-missing-cert-init.patch keywords:
+ patch messages:
+ msg10509 |
2015-11-25 03:50:44 | teeohhem | create | |
|