From metatracker at psf.upfronthosting.co.za Thu Mar 15 07:27:55 2018 From: metatracker at psf.upfronthosting.co.za (Antti Haapala) Date: Thu, 15 Mar 2018 11:27:55 +0000 Subject: [Tracker-discuss] [issue647] bpo google auth not working Message-ID: <1521113275.57.0.467229070634.issue647@psf.upfronthosting.co.za> New submission from Antti Haapala : Click on the google login button on bpo and the request never completes. Really annoying since I didn't remember my password to bpo if I even ever set one. ---------- messages: 3427 nosy: ztane priority: urgent status: unread title: bpo google auth not working _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Thu Mar 22 07:28:57 2018 From: metatracker at psf.upfronthosting.co.za (=?utf-8?q?J=C3=BCrgen?=) Date: Thu, 22 Mar 2018 11:28:57 +0000 Subject: [Tracker-discuss] [issue648] ftplib: FTP_TLS seems to have problems with sites that close the encrypted channel themselfes Message-ID: <1521718137.07.0.467229070634.issue648@psf.upfronthosting.co.za> New submission from J?rgen : Hi, I'm not quite sure, if you would actually call this a bug, but it is very molesting at least ;o) I use ftplib.FTP_TLS to connect to a z/OS ftp server. With a minor change it works very well (happy to have found this library). The problem I have is, that without any change, an exception is raised after every single command I invoke, even though the server sends back an ok message. The exception is an OSError which is raised while executing conn.unwrap(). It seems the connection is already closed when this is called and thus an exception is raised. But handling this exception outside the FTP_TLS-class makes no sense, because then every command would raise an exception and the "good" exceptions could not be distinguised from the ones that are really searious so easily anymore (I mean: if i get an exception that a connection could not be closed, because someone else closed it before, that's not very serious, is it?). Suggestions to solve this: small solution: allow the programmer to decide what to do, by creating subclasses This is "factor-out" the unwrap logic in a separate method or function, so at least users of the class can overwrite the behavior, without having to rebuild the whole logic of the affected methods. In my quick solution I created a new method in class FTP: def __handleAutoCloseSSL__(self, conn): if self.autoCloseModeSSL == 'NONE' or self.autoCloseModeSSL is None or _SSLSocket is None or not isinstance(conn, _SSLSocket): # do nothing pass elif self.autoCloseModeSSL in ('SAFE', 'HIDE'): try: conn.unwrap() except OSError as ex: if self.autoCloseModeSSL != 'HIDE': print('Caught exception %s while calling conn.unwrap()' % str(ex)) else: # Standard mode (usally self.autoCloseModeSSL =='STANDARD' but anything else is accepted as well) # the original code was: #if _SSLSocket is not None and isinstance(conn, _SSLSocket): # conn.unwrap() conn.unwrap() And the class variable: autoCloseModeSSL = 'STANDARD' Then I called it from methods (instead of doing conn.unwrap() there directly): retbinary retlines storbinary storlines Ok, maybe not that sexy, but it works :o) And if you don't like the hack with instance variable autoCloseModeSSL, you could just transfer the original conn.unwrap() in an extra method which could then be overwritten by programmers in subclasses. This would already help me very much, because I know that patching a library is not a good idea. Even more if it is a communication library that might be updated from time to time. ---------- messages: 3428 nosy: jottbe priority: feature status: unread title: ftplib: FTP_TLS seems to have problems with sites that close the encrypted channel themselfes _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Thu Mar 22 08:06:35 2018 From: metatracker at psf.upfronthosting.co.za (Ezio Melotti) Date: Thu, 22 Mar 2018 12:06:35 +0000 Subject: [Tracker-discuss] [issue648] ftplib: FTP_TLS seems to have problems with sites that close the encrypted channel themselfes In-Reply-To: <1521718137.07.0.467229070634.issue648@psf.upfronthosting.co.za> Message-ID: <1521720395.64.0.467229070634.issue648@psf.upfronthosting.co.za> Ezio Melotti added the comment: Thanks for the report, but this is the meta-tracker. For issues about Python you should use the bug tracker at https://bugs.python.org/ ---------- nosy: +ezio.melotti status: unread -> resolved _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Sun Mar 25 07:43:52 2018 From: metatracker at psf.upfronthosting.co.za (Nick Coghlan) Date: Sun, 25 Mar 2018 11:43:52 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues Message-ID: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> New submission from Nick Coghlan : When accessing the bug tracker, Firefox intermittently reports SEC_ERROR_BAD_SIGNATURE. While a refresh usually fixes the problem, this suggests to me that something isn't quite right with the current host configuration. (Perhaps this issue will be rendered obsolete by Maciej Szulik's efforts to rehost b.p.o on OpenShift?) ---------- messages: 3430 nosy: ncoghlan priority: critical status: unread title: Intermittent SSL signature issues _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Sun Mar 25 22:40:31 2018 From: metatracker at psf.upfronthosting.co.za (Ned Deily) Date: Mon, 26 Mar 2018 02:40:31 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues In-Reply-To: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> Message-ID: <1522032031.96.0.467229070634.issue649@psf.upfronthosting.co.za> Ned Deily added the comment: Probably the same issue during that time period: a random subset of our GitHub webhook requests, triggered by changes to the python/cpython repo on GitHub, failed with "SSL connect failure". Retrying them manually hours later from the GitHub admin interface, they all succeeded. But failures like this caused havoc with our bugs.python.org / GitHub integration and overall python-dev workflows. I haven't seen any failures since but there hasn't been a lot of activity either. I did try using an online certificate checking tool (https://cryptoreport.websecurity.symantec.com/checker/) on https://bugs.python.org and found that the checker failed intermittently with "SSL certificate is not installed" error. I also noticed on the Server Configuration info displayed by the symantec tool when it succeeds that apparently bugs.python.org currently has an out-of-date and insecure of SSL/TLS libs installed. The report says that b.p.o only support TLS1.0 (and TLS 1.1 or 1.2) and is vulnerable to the BEAST and TLS renegotiation attacks. It also says that the b.p.o server reports itself as "BaseHTTP/0.3 Python/2.6.6"! If the migration of b.p.o to a more modern server is not going to happen imminently, perhaps the version of OpenSSL (or whatever) should be updated on the old server? ---------- nosy: +ned.deily status: unread -> chatting _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Sun Mar 25 22:50:12 2018 From: metatracker at psf.upfronthosting.co.za (Ned Deily) Date: Mon, 26 Mar 2018 02:50:12 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues In-Reply-To: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> Message-ID: <1522032612.79.0.467229070634.issue649@psf.upfronthosting.co.za> Ned Deily added the comment: I added a comment and to this issue on the PSF infrastructure issue tracker. There has been a similar open issue for several months there. https://github.com/python/psf-infra-meta/issues/4 _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Mon Mar 26 00:09:38 2018 From: metatracker at psf.upfronthosting.co.za (Gregory P Smith) Date: Mon, 26 Mar 2018 04:09:38 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues In-Reply-To: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> Message-ID: <1522037378.09.0.467229070634.issue649@psf.upfronthosting.co.za> Gregory P Smith added the comment: I was running into bad signature/hash errors sporadically today on bugs.python.org as well. ---------- nosy: +gregory.p.smith _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Mon Mar 26 00:40:20 2018 From: metatracker at psf.upfronthosting.co.za (Mark Mangoba) Date: Mon, 26 Mar 2018 04:40:20 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues In-Reply-To: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> Message-ID: <1522039220.39.0.467229070634.issue649@psf.upfronthosting.co.za> Mark Mangoba added the comment: I'm considering putting bugs behind Fastly for now that can potentially resolve this issue. ---------- nosy: +mmangoba _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Mon Mar 26 05:56:04 2018 From: metatracker at psf.upfronthosting.co.za (Berker Peksag) Date: Mon, 26 Mar 2018 09:56:04 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues In-Reply-To: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> Message-ID: <1522058164.38.0.467229070634.issue649@psf.upfronthosting.co.za> Berker Peksag added the comment: We may need to set custom rules for caching if we serve bugs.p.o behind Fastly since data needs to be fresh all the time. Otherwise, we would need to purge cache everytime we touch an issue. ---------- nosy: +berker.peksag _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Tue Mar 27 02:23:03 2018 From: metatracker at psf.upfronthosting.co.za (Mark Mangoba) Date: Tue, 27 Mar 2018 06:23:03 +0000 Subject: [Tracker-discuss] [issue649] Intermittent SSL signature issues In-Reply-To: <1521978232.05.0.467229070634.issue649@psf.upfronthosting.co.za> Message-ID: <1522131783.03.0.467229070634.issue649@psf.upfronthosting.co.za> Mark Mangoba added the comment: @berker.peksag you bring up a really good point. I was taking a look at: https://docs.fastly.com/guides/tutorials/cache-control-tutorial#backend-http-headers we have some cache control here - https://docs.fastly.com/guides/tutorials/cache-control-tutorial#do-not-cache. I think putting bugs behind Fastly too, we will benefit from its security features, such as the DDoS mitigation, etc. I'm going to run a few tests and see if this solution fits. _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Tue Mar 27 07:40:01 2018 From: metatracker at psf.upfronthosting.co.za (Wolfgang Maier) Date: Tue, 27 Mar 2018 11:40:01 +0000 Subject: [Tracker-discuss] [issue650] Issue tracker "Random Issue" functionality seems broken Message-ID: <1522150801.12.0.467229070634.issue650@psf.upfronthosting.co.za> New submission from Wolfgang Maier : clicking on Random Issue invariably takes me to https://bugs.python.org/issue23287 Though that may be a randomly chosen issue it is probably not the intended outcome. ---------- messages: 3437 nosy: wolma priority: bug status: unread title: Issue tracker "Random Issue" functionality seems broken _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Tue Mar 27 08:03:55 2018 From: metatracker at psf.upfronthosting.co.za (Berker Peksag) Date: Tue, 27 Mar 2018 12:03:55 +0000 Subject: [Tracker-discuss] [issue650] Issue tracker "Random Issue" functionality seems broken In-Reply-To: <1522150801.12.0.467229070634.issue650@psf.upfronthosting.co.za> Message-ID: <1522152235.58.0.467229070634.issue650@psf.upfronthosting.co.za> Berker Peksag added the comment: Thanks for the report. This is a duplicate of issue 644. ---------- nosy: +berker.peksag status: unread -> resolved _______________________________________________________ PSF Meta Tracker _______________________________________________________ From metatracker at psf.upfronthosting.co.za Tue Mar 27 08:08:23 2018 From: metatracker at psf.upfronthosting.co.za (Wolfgang Maier) Date: Tue, 27 Mar 2018 12:08:23 +0000 Subject: [Tracker-discuss] [issue650] Issue tracker "Random Issue" functionality seems broken In-Reply-To: <1522150801.12.0.467229070634.issue650@psf.upfronthosting.co.za> Message-ID: <1522152503.61.0.467229070634.issue650@psf.upfronthosting.co.za> Wolfgang Maier added the comment: ah, I missed that. Thanks! _______________________________________________________ PSF Meta Tracker _______________________________________________________