Issue2614

classification
Title: "SSLError: [Errno 1] Illegal state exception" error message while using jython 2.7.0 standalone jar
Type: security Severity: critical
Components: Installer Versions: Jython 2.7
Milestone: Jython 2.7.0
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: Neha, stefan.richthofer, zyasoft
Priority: Keywords:

Created on 2017-08-08.07:28:07 by Neha, last changed 2017-08-09.10:44:10 by Neha.

Messages
msg11527 (view) Author: Neha Pithadiya (Neha) Date: 2017-08-08.07:28:06
jython-standalone-2.7.0 jar execution is causing issue in our project. This lib is being used in our project SCCM i.e java project to execute some of the python scripts. The script execution is failing frequently giving error message "illegal state exception". Not able to understand what can be issue. I think that error is being thrown from jython code.  The old version of this jar was not causing issue. After upgrading to jython 2.7 standalone jar, this issue is being observed very frequently.
msg11528 (view) Author: Stefan Richthofer (stefan.richthofer) Date: 2017-08-08.10:13:15
Neha, please provide more information.
- How does the project use/embedd/access jython-standalone?
- the full stacktrace
- if possible: Code to reproduce the issue
- What platform are you on?

That said, please check out Jython 2.7.1 and report if the issue still occurs.
msg11529 (view) Author: Neha Pithadiya (Neha) Date: 2017-08-09.06:07:01
- How does the project use/embedd/access jython-standalone?
We have created a few scripts which use the python scripts from the jython-2.7.0-standalone.jar
We are using the python utilities httplib, xml.etree.ElementTree as xmltree, urlparse, pprint, types, getopt, re, shutil.
These are utilized for reading the data using the OSLC API.


- the full stacktrace
Log Trace-
Traceback (most recent call last):
  File "<console>", line 2, in <module>
  File "/opt/ibm/sccm/bin/sccm/dataSources.py", line 319, in createMessageBrokerDataSource
    return self.__createDataSource(messageBrokerDataSource, attrs)
  File "/opt/ibm/sccm/bin/sccm/dataSources.py", line 302, in _dataSources__createDataSource
    self.refresh()
  File "/opt/ibm/sccm/bin/sccm/dataSources.py", line 272, in refresh
    conn.request('GET', '/sccmOslc/dataSources?oslc_ua.action=RefreshRegistry', headers=headers)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/httplib.py", line 1001, in request
    self._send_request(method, url, body, headers)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/httplib.py", line 1035, in _send_request
    self.endheaders(body)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/httplib.py", line 997, in endheaders
    self._send_output(message_body)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/httplib.py", line 850, in _send_output
    self.send(msg)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/httplib.py", line 812, in send
    self.connect()
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/httplib.py", line 1204, in connect
    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/_socket.py", line 357, in handle_exception
    return method_or_function(*args, **kwargs)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/_socket.py", line 357, in handle_exception
    return method_or_function(*args, **kwargs)
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/ssl.py", line 287, in wrap_socket
    return SSLSocket(
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/ssl.py", line 116, in __init__
    self.do_handshake()
  File "/opt/ibm/sccm/lib/jython-standalone-2.7.0.jar/Lib/ssl.py", line 165, in do_handshake
    raise SSLError(SSL_ERROR_SSL, e.strerror)
SSLError: [Errno 1] Illegal state exception
 

- if possible: Code to reproduce the issue
Below is one of the code snippet, however we cannot share the complete code-
def _action(self, action, silent, method='GET'):
                (conn, headers) = restConnection()
                url = '/sccmOslc/dataSources/' + self.type + '/' + self.identifier + '?oslc_ua.action=' + action
                headers['Content-Type'] = 'application/xml'
                conn.request(method, url, headers=headers)
                response = conn.getresponse()
                if response.status == 200:
                        return True
                if silent == False:
                        tree = xmltree.fromstring(response.read())
                        print str(response.status) + ': ' + tree[0].find('{http://purl.org/dc/terms/}title').text
                        print tree[0].find('{http://purl.org/dc/terms/}description').text
                return False


                
- What platform are you on?
We are using the RHEL 7.2 and 7.3 systems.
 
We would also like to point out the following-
- This issue is not seen in the jython-2.5.3-standalone.jar, but is seen very frequently in the jython 2.7.0 jar.
- We saw the below post on StackOverflow, but did not find the jython 2.7.1 version of the jar on jython.org
 
Could you share the download link for the same?

Thanks 
Neha Pithadiya.
msg11530 (view) Author: Stefan Richthofer (stefan.richthofer) Date: 2017-08-09.09:45:40
This seems to be ssl related, so adding Jim to nosy...
What JVM are you using? The path contains "ibm" folders, so I guess it is IBM J9...?
Find some download links for Jython 2.7.1 here: http://fwierzbicki.blogspot.de/2017/07/jython-271-final-released.html

Netty and various third party libs were updated, so this could definitely make a difference.

Unfortunately I self cannot help on this issue right now. Just wanted to make sure that all necessary information is logged here for further steps.
msg11531 (view) Author: Neha Pithadiya (Neha) Date: 2017-08-09.10:04:59
we use IBM java SDK 8.0.4.2
msg11532 (view) Author: Neha Pithadiya (Neha) Date: 2017-08-09.10:06:13
This issue is very critical as it is breaking  some of our project functionality.
msg11533 (view) Author: Neha Pithadiya (Neha) Date: 2017-08-09.10:44:10
Tried with jython-standalone-2.7.1.jar ,  and found below error:-

certificate verify failed (javax.net.ssl.SSLHandshakeException: General SSLEngine problem) (1)
History
Date User Action Args
2017-08-09 10:44:10Nehasetmessages: + msg11533
2017-08-09 10:06:13Nehasetmessages: + msg11532
2017-08-09 10:04:59Nehasetmessages: + msg11531
2017-08-09 09:45:41stefan.richthofersetnosy: + zyasoft
messages: + msg11530
title: "Illegal state exception" error message while using jython 2.7.0 standalone jar -> "SSLError: [Errno 1] Illegal state exception" error message while using jython 2.7.0 standalone jar
2017-08-09 06:07:02Nehasetmessages: + msg11529
2017-08-08 10:13:15stefan.richthofersetnosy: + stefan.richthofer
messages: + msg11528
title: "Illegal state exception " error message while using jython 2.7.0. standalone jar . -> "Illegal state exception" error message while using jython 2.7.0 standalone jar
2017-08-08 07:32:39Nehasetcomponents: + Installer, - Core
2017-08-08 07:28:07Nehacreate