[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] Pulp 2.3: Synching RHN via Proxy stopped working



Hi Florian,

The same bug and your workaround can be reproduced with SGOS 6.2.13.2
and Pulp v2.2.

We'll report the bug to the manufacturer.

Thank you very much!


Arnold

-- 
Arnold Bechtoldt
Magdeburger Str. 29
76139 Karlsruhe
Germany

Am 12.12.13 15:35, schrieb Florian Sachs:
> Hi,
> 
> The problem was related to our Bluecoat Proxy, which didn't handle
> TLS1.2 correctly. Squid and tinyproxy work without any problems.
> 
> I was able to change the behaviour of urllib3, which is used by pulp, to
> use TLSv1 (and not 1.2), which is easier for me than trying to get the
> Bluecoat fixed.
> 
> best regards,
> florian
> 
> Her is the diff:
> 
> --- /usr/lib/python2.6/site-packages/requests/packages/urllib3/util.py
> 2013-09-24 20:09:11.000000000 +0200
> +++ /tmp/util.py        2013-12-12 14:58:45.539748660 +0100
> @@ -26,7 +26,7 @@
>      HAS_SNI = False
> 
>      import ssl
> -    from ssl import wrap_socket, CERT_NONE, PROTOCOL_SSLv23
> +    from ssl import wrap_socket, CERT_NONE, PROTOCOL_SSLv23,
> PROTOCOL_TLSv1
>      from ssl import SSLContext  # Modern SSL?
>      from ssl import HAS_SNI  # Has SNI?
>  except ImportError:
> @@ -528,7 +528,7 @@
>      like resolve_cert_reqs
>      """
>      if candidate is None:
> -        return PROTOCOL_SSLv23
> +        return PROTOCOL_TLSv1
> 
>      if isinstance(candidate, str):
>          res = getattr(ssl, candidate, None)
> 
> Am 09.12.2013 16:48, schrieb Michael Hrivnak:
>> Hi, Florian. We thoroughly tested the proxy functionality with 2.3 and
>> re-confirmed this morning that it works doing a sync from our CDN
>> through a squid proxy. I added a couple of questions to the bug report
>> that may help identify what's going on in your setup.
>>
>> Thanks for being in touch.
>>
>> Michael
>>
>> ----- Original Message -----
>> From: "Florian Sachs" <florian sachs bmlvs gv at>
>> To: pulp-list redhat com
>> Sent: Monday, December 9, 2013 3:30:02 AM
>> Subject: [Pulp-list] Pulp 2.3: Synching RHN via Proxy stopped working
>>
>> Hi,
>>
>> With 2.3 Synching from HRN via our company proxy stopped working.
>>
>> Has anyone been successfull synching RHN with pulp 2.3 via a Proxy?
>>
>> florian
>>
>> FYI: I already filed a bug:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1039471
>>
>>
>> _______________________________________________
>> Pulp-list mailing list
>> Pulp-list redhat com
>> https://www.redhat.com/mailman/listinfo/pulp-list
> 
> _______________________________________________
> Pulp-list mailing list
> Pulp-list redhat com
> https://www.redhat.com/mailman/listinfo/pulp-list


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]