Issue 105810043: Make juju-quickstart websockets use TLSv1.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 105810043: Make juju-quickstart websockets use TLSv1.

Can't Edit
Can't Publish+Mail
Start Review

Created:
9 years, 11 months ago by bac

Modified:
9 years, 11 months ago

Reviewers:
mp+221949, redir

Visibility:
Public.

Description

Make juju-quickstart websockets use TLSv1. On OS X by default websockets try to use SSLv2 first. The juju-gui server rejects the attempt and they do not renogiate a shared protocol, resulting in a handshake failure. The least invasive and most secure solution is to create a websocket that is forced to use TLSv1. https://code.launchpad.net/~bac/juju-quickstart/ssl-issue/+merge/221949 (do not edit description out of merge proposal)

Patch Set 1 #

Patch Set 2 : Make juju-quickstart websockets use TLSv1. #

Created: 9 years, 11 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+8 lines, -2 lines)			Patch
A	[revision details]	View	1	1 chunk	+2 lines, -0 lines	0 comments	Download
M	quickstart/juju.py	View	1	1 chunk	+3 lines, -1 line	0 comments	Download
M	quickstart/tests/test_juju.py	View		2 chunks	+3 lines, -1 line	0 comments	Download

Messages

Total messages: 4

Expand All Messages | Collapse All Messages

redir

On 2014/06/03 19:49:11, bac wrote: > Please take a look. LGTM

9 years, 11 months ago (2014-06-03 20:44:33 UTC) #2

redir

On 2014/06/03 20:44:33, redir wrote: > On 2014/06/03 19:49:11, bac wrote: > > Please take ...

9 years, 11 months ago (2014-06-03 20:45:14 UTC) #3

bac

9 years, 11 months ago (2014-06-03 20:50:43 UTC) #4

*** Submitted:

Make juju-quickstart websockets use TLSv1.

On OS X by default websockets try to use SSLv2 first.  The juju-gui server
rejects the attempt and they do not renogiate a shared protocol, resulting in
a handshake failure.

The least invasive and most secure solution is to create a websocket that is
forced to use TLSv1.

R=redir
CC=
https://codereview.appspot.com/105810043

Expand All Messages | Collapse All Messages