[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Downloadable carts and reflector fixes for SSLv3 bug



I did update the deployed cart reflector to 2.4.0, and it didn't seem to fix the issue, but around that time Andy had fixed it in prod so I didn't investigate further.


Ben Parees | OpenShift

----- Original Message -----
> From: "Jordan Liggitt" <jliggitt redhat com>
> To: "Mateus Caruccio" <mateus caruccio getupcloud com>, dev lists openshift redhat com
> Sent: Wednesday, October 15, 2014 3:16:08 PM
> Subject: Re: Downloadable carts and reflector fixes for SSLv3 bug
> 
> You can also update httpclient to 2.4.0, which stops hard-coding ssl v3 and
> allows ssl negotiation:
> 
> https://github.com/nahi/httpclient/commit/94c4ea668d34d5b11eeddd5d58fa9487ee24c02e
> 
> 
> 
> On 10/15/2014 03:13 PM, Mateus Caruccio wrote:
> 
> 
> 
> Hi there.
> 
> After half the world disabled it's SSLv3 support, downloadable cartridges has
> stoped to work when using HTTPS manifest files on OO release-3. the problem
> lies on HTTPClient gem, which seams to use SSLv3 by default and refuses to
> switch to TLS on-the-fly.
> 
> We have patched r3 in order to allow TLSv1 only on downloadable carts:
> https://github.com/getupcloud/origin-server/commit/8212fdf2c6eed36900237ff13cb38a22329dceec
> 
> Could someone please validade if it's ok, and point any other place we may be
> ignoring?
> 
> Also, if you have your own running cart reflector, here is a patch to allow
> it to download from github:
> https://github.com/smarterclayton/cartridge-reflector/pull/9
> 
> Regards,
> 
> 	Mateus Caruccio
> 	Master of Puppets
> 	
> 
> 	+55 (51) 8298.0026
> 	gtalk: mateus caruccio getupcloud com
> twitter: @MateusCaruccio
> 
> 
> 	
> 
> 	This message and any attachment are solely for the intended
> recipient and may contain confidential or privileged information
> and it can not be forwarded or shared without permission.
> Thank you!
> 
> 
> _______________________________________________
> dev mailing list dev lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
> 
> 
> _______________________________________________
> dev mailing list
> dev lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]