subject:"\[issue11220\] https sslv3 error 14077417\: illegal parameter"

[issue11220] https sslv3 error 14077417: illegal parameter

2015-12-15 Thread Hari Krishna Dara


Hari Krishna Dara added the comment:

Interesting... the posted Python code for 2.x didn't work for me on 2.6.9 on 
Mac OS X (10.10.5). The code in catch block further generates the below 
exception:

Traceback (most recent call last):
  File "/tmp/t.py", line 17, in connect
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, 
ssl_version=ssl.PROTOCOL_SSLv23)
  File 
"/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/ssl.py",
 line 338, in wrap_socket
suppress_ragged_eofs=suppress_ragged_eofs)
  File 
"/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/ssl.py",
 line 120, in __init__
self.do_handshake()
  File 
"/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/ssl.py",
 line 279, in do_handshake
self._sslobj.do_handshake()
SSLError: [Errno 1] _ssl.c:493: error:140770FC:SSL 
routines:SSL23_GET_SERVER_HELLO:unknown protocol

Is there another workaround that is known to work with this version of Python?

--
nosy: +haridsv

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2013-09-20 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
nosy:  -mrDoctorWho0..
title: Sometimes library raises URLError when trying POST with httpS - https 
sslv3 error 14077417: illegal parameter
versions: +Python 2.6, Python 3.1 -Python 2.7

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2013-09-20 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
Removed message: http://bugs.python.org/msg198139

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2013-09-20 Thread Arfrever Frehtes Taifersar Arahesis


Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:


--
Removed message: http://bugs.python.org/msg198140

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-16 Thread Senthil Kumaran


Senthil Kumaran orsent...@gmail.com added the comment:

curl (7.21.0) fails with the same error message too for the target website. (Is 
the server doing anything different. For other HTTPS sites (which also use 
redirection) urllib.request works fine )

senthil@ubuntu:~/python/py3k$ curl -v 
https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
* About to connect() to ui2web1.apps.uillinois.edu port 443 (#0)
*   Trying 64.22.183.24... connected
* Connected to ui2web1.apps.uillinois.edu (64.22.183.24) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal 
parameter
* Closing connection #0
curl: (35) error:14077417:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert 
illegal parameter

--
nosy: +orsenthil

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-16 Thread Ian Wetherbee


Ian Wetherbee ian.wether...@gmail.com added the comment:

The server seems to be sending a bad TLS handshake, so curl falls back on SSLv3 
with TLS disabled.

curl 7.20.1 (x86_64-redhat-linux-gnu) libcurl/7.20.1 NSS/3.12.8.0 zlib/1.2.3 
libidn/1.16 libssh2/1.2.4
Protocols: dict file ftp ftps http https imap imaps ldap ldaps pop3 pop3s rtsp 
scp sftp smtp smtps telnet tftp 
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz 

curl -v https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
* About to connect() to ui2web1.apps.uillinois.edu port 443 (#0)
*   Trying 64.22.183.24... connected
* Connected to ui2web1.apps.uillinois.edu (64.22.183.24) port 443 (#0)
* Initializing NSS with certpath: /etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -12226
* Error in TLS handshake, trying SSLv3...
 GET /BANPROD1/bwskfcls.P_GetCrse HTTP/1.1
 User-Agent: curl/7.20.1 (x86_64-redhat-linux-gnu) libcurl/7.20.1 NSS/3.12.8.0 
 zlib/1.2.3 libidn/1.16 libssh2/1.2.4
 Host: ui2web1.apps.uillinois.edu
 Accept: */*
 
* Connection died, retrying a fresh connect
* Closing connection #0
* Issue another request to this URL: 
'https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse'
* About to connect() to ui2web1.apps.uillinois.edu port 443 (#0)
*   Trying 64.22.183.24... connected
* Connected to ui2web1.apps.uillinois.edu (64.22.183.24) port 443 (#0)
* TLS disabled due to previous handshake failure
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using SSL_RSA_WITH_RC4_128_MD5
* Server certificate:
*   subject: CN=ui2web1.apps.uillinois.edu,OU=AITS 
20100517-25690,O=University of Illinois,L=Urbana,ST=Illinois,C=US
*   start date: May 17 00:00:00 2010 GMT
*   expire date: May 17 23:59:59 2011 GMT
*   common name: ui2web1.apps.uillinois.edu
*   issuer: E=premium-ser...@thawte.com,CN=Thawte Premium Server 
CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape 
Town,ST=Western Cape,C=ZA
 GET /BANPROD1/bwskfcls.P_GetCrse HTTP/1.1
 User-Agent: curl/7.20.1 (x86_64-redhat-linux-gnu) libcurl/7.20.1 NSS/3.12.8.0 
 zlib/1.2.3 libidn/1.16 libssh2/1.2.4
 Host: ui2web1.apps.uillinois.edu
 Accept: */*
 
 HTTP/1.1 302 Found
 Date: Wed, 16 Feb 2011 07:49:43 GMT
 Server: Oracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server
 Location: https://apps.uillinois.edu/selfservice/error/
 Connection: close
 Transfer-Encoding: chunked
 Content-Type: text/html; charset=iso-8859-1
 
!DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN
HTMLHEAD
TITLE302 Found/TITLE
/HEADBODY
H1Found/H1
The document has moved A 
HREF=https://apps.uillinois.edu/selfservice/error/;here/A.P
HR
ADDRESSOracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server Server at 
ui2web1b.admin.uillinois.edu Port 443/ADDRESS
/BODY/HTML
* Closing connection #0

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-16 Thread Senthil Kumaran


Senthil Kumaran orsent...@gmail.com added the comment:

The problem is the server strictly accepts SSLv3 only and urllib and 
http.client send SSLv23 protocol.

(In http/client.py, line 1077)
 if context is None:
 # Some reasonable defaults
 context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
 context.options |= ssl.OP_NO_SSLv2
 will_verify = context.verify_mode != ssl.CERT_NONE


However, in order to use only SSLv3, one can set the context to 
ssl.PROTOCOL_SSLv3 in the HTTPSHandler and use it.

import urllib.request
import ssl
https_sslv3_handler = 
urllib.request.HTTPSHandler(context=ssl.SSLContext(ssl.PROTOCOL_SSLv3))
opener = urllib.request.build_opener(https_sslv3_handler)
urllib.request.install_opener(opener)
urllib.request.urlopen('https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse')

--

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-16 Thread Antoine Pitrou


Antoine Pitrou pit...@free.fr added the comment:

I get an error using the following curl too:

curl 7.20.1 (x86_64-mandriva-linux-gnu) libcurl/7.20.1 OpenSSL/1.0.0a 
zlib/1.2.3 libidn/1.18 libssh2/1.2.5
Protocols: dict file ftp ftps http https imap imaps ldap ldaps pop3 pop3s rtsp 
scp sftp smtp smtps telnet tftp 
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz 

The same URL sends wget into a loop:

$ LANG=C wget -v -O - 
https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
--2011-02-16 12:01:39--  
https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
Resolving ui2web1.apps.uillinois.edu... 64.22.183.24
Connecting to ui2web1.apps.uillinois.edu|64.22.183.24|:443... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

--2011-02-16 12:01:40--  (try: 2)  
https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
Connecting to ui2web1.apps.uillinois.edu|64.22.183.24|:443... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

--2011-02-16 12:01:43--  (try: 3)  
https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
Connecting to ui2web1.apps.uillinois.edu|64.22.183.24|:443... connected.
HTTP request sent, awaiting response... No data received.
Retrying.


IMO, this all points to the remote server being poorly compliant. Senthil's 
solution seems good enough here.

--
resolution:  - rejected
status: open - pending

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-16 Thread Ian Wetherbee


Ian Wetherbee ian.wether...@gmail.com added the comment:

Any solution for 2.x? I'm using this with twisted.

--
resolution: rejected - 
status: pending - open

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-16 Thread Ian Wetherbee


Ian Wetherbee ian.wether...@gmail.com added the comment:

This works for 2.x, I'm closing this issue:

# custom HTTPS opener, banner's oracle 10g server supports SSLv3 only
import httplib, ssl, urllib2, socket
class HTTPSConnectionV3(httplib.HTTPSConnection):
def __init__(self, *args, **kwargs):
httplib.HTTPSConnection.__init__(self, *args, **kwargs)

def connect(self):
sock = socket.create_connection((self.host, self.port), self.timeout)
if self._tunnel_host:
self.sock = sock
self._tunnel()
try:
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, 
ssl_version=ssl.PROTOCOL_SSLv3)
except ssl.SSLError, e:
print(Trying SSLv3.)
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, 
ssl_version=ssl.PROTOCOL_SSLv23)

class HTTPSHandlerV3(urllib2.HTTPSHandler):
def https_open(self, req):
return self.do_open(HTTPSConnectionV3, req)
# install opener
urllib2.install_opener(urllib2.build_opener(HTTPSHandlerV3()))

if __name__ == __main__:
r = 
urllib2.urlopen(https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse;)
print(r.read())

--
resolution:  - works for me
status: open - closed

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-15 Thread Ian Wetherbee


New submission from Ian Wetherbee ian.wether...@gmail.com:

Certain https urls do not open using urllib2 (py2.6) and urllib(py3.1), but 
they open using the latest version of curl and firefox.

To reproduce:
 import urllib.request
 urllib.request.urlopen(https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse;)
Traceback (most recent call last):
  File /usr/lib64/python3.1/urllib/request.py, line 1072, in do_open
h.request(req.get_method(), req.selector, req.data, headers)
  File /usr/lib64/python3.1/http/client.py, line 932, in request
self._send_request(method, url, body, headers)
  File /usr/lib64/python3.1/http/client.py, line 970, in _send_request
self.endheaders(body)
  File /usr/lib64/python3.1/http/client.py, line 928, in endheaders
self._send_output(message_body)
  File /usr/lib64/python3.1/http/client.py, line 782, in _send_output
self.send(msg)
  File /usr/lib64/python3.1/http/client.py, line 723, in send
self.connect()
  File /usr/lib64/python3.1/http/client.py, line 1055, in connect
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
  File /usr/lib64/python3.1/ssl.py, line 381, in wrap_socket
suppress_ragged_eofs=suppress_ragged_eofs)
  File /usr/lib64/python3.1/ssl.py, line 135, in __init__
raise x
  File /usr/lib64/python3.1/ssl.py, line 131, in __init__
self.do_handshake()
  File /usr/lib64/python3.1/ssl.py, line 327, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [Errno 1] _ssl.c:488: error:14077417:SSL 
routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File stdin, line 1, in module
  File /usr/lib64/python3.1/urllib/request.py, line 121, in urlopen
return _opener.open(url, data, timeout)
  File /usr/lib64/python3.1/urllib/request.py, line 349, in open
response = self._open(req, data)
  File /usr/lib64/python3.1/urllib/request.py, line 367, in _open
'_open', req)
  File /usr/lib64/python3.1/urllib/request.py, line 327, in _call_chain
result = func(*args)
  File /usr/lib64/python3.1/urllib/request.py, line 1098, in https_open
return self.do_open(http.client.HTTPSConnection, req)
  File /usr/lib64/python3.1/urllib/request.py, line 1075, in do_open
raise URLError(err)
urllib.error.URLError: urlopen error [Errno 1] _ssl.c:488: error:14077417:SSL 
routines:SSL23_GET_SERVER_HELLO:sslv3 alert illegal parameter

Curl request:
$ curl https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
!DOCTYPE HTML PUBLIC -//IETF//DTD HTML 2.0//EN
HTMLHEAD
TITLE302 Found/TITLE
/HEADBODY
H1Found/H1
The document has moved A 
HREF=https://apps.uillinois.edu/selfservice/error/;here/A.P
HR
ADDRESSOracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server Server at 
ui2web1a.admin.uillinois.edu Port 443/ADDRESS
/BODY/HTML

--
components: None
messages: 128626
nosy: Ian.Wetherbee
priority: normal
severity: normal
status: open
title: https sslv3 error 14077417: illegal parameter
type: behavior
versions: Python 2.6, Python 3.1

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

2011-02-15 Thread Georg Brandl


Changes by Georg Brandl ge...@python.org:


--
nosy: +pitrou

___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue11220
___
___
Python-bugs-list mailing list
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

[issue11220] https sslv3 error 14077417: illegal parameter

12 matches

Site Navigation

Mail list logo

Footer information