Your message dated Fri, 17 Jul 2020 10:39:05 +0000 with message-id <[email protected]> and subject line Bug#933042: fixed in sleekxmpp 1.3.3-6 has caused the Debian Bug report #933042, regarding python3-sleekxmpp: TLSv1.0-only is incompatible with modern servers to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 933042: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933042 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: python3-sleekxmpp Version: 1.3.3-4 Severity: normal Dear Maintainer, After having upgraded an XMPP server (ejabberd on Debian buster) connections from python3-sleekxmpp are failing. ejabberd.log: 2019-07-25 16:23:06.078 [warning] <0.627.0>@ejabberd_c2s:process_terminated:285 (tls|<0.627.0>) Failed to secure c2s connection: TLS failed: SSL_do_handshake failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol Code within the sleekxmpp is explicitly setting TLS parameters: xmlstream.py line 119: #: Most XMPP servers support TLSv1, but OpenFire in particular #: does not work well with it. For OpenFire, set #: :attr:`ssl_version` to use ``SSLv23``:: #: #: import ssl #: xmpp.ssl_version = ssl.PROTOCOL_SSLv23 self.ssl_version = ssl.PROTOCOL_TLSv1 According to Python documentation, this probably ought to be set to ssl.PROTOCOL_TLS (sans -v1) for widest range of compatibility, see table at: https://docs.python.org/3/library/ssl.html#ssl.SSLContext Initially I had thought about opening a bug with ejabberd since I cannot seem to coerce it into allowing TLSv1.0 connections anymore. However I suppose that since it's 2019, it's time to heed these deprecation warnings in the Python docs ;-) -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (601, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-cloud-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-sleekxmpp depends on: ii libjs-sphinxdoc 1.8.4-1 ii python3 3.7.3-1 ii python3-dnspython 1.16.0-1 ii python3-pyasn1 0.4.2-3 ii python3-pyasn1-modules 0.2.1-0.2 Versions of packages python3-sleekxmpp recommends: ii python3-dateutil 2.7.3-3 pn python3-gnupg <none> pn python3-socks | python3-socksipy <none> python3-sleekxmpp suggests no packages. -- no debconf information -- Gerald Turner <[email protected]> Encrypted mail preferred! OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80 3858 EC94 2276 FDB8 716D
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---Source: sleekxmpp Source-Version: 1.3.3-6 Done: Martin <[email protected]> We believe that the bug you reported is fixed in the latest version of sleekxmpp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Martin <[email protected]> (supplier of updated sleekxmpp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 17 Jul 2020 10:06:38 +0000 Source: sleekxmpp Architecture: source Version: 1.3.3-6 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team <[email protected]> Changed-By: Martin <[email protected]> Closes: 933042 Changes: sleekxmpp (1.3.3-6) unstable; urgency=medium . * Change default ssl_version from ssl.PROTOCOL_TLSv1 to ssl.PROTOCOL_TLS (Closes: #933042). Checksums-Sha1: f7835096fe9e055e2f7cade034328393e35d5c3b 2126 sleekxmpp_1.3.3-6.dsc b4f2086dad8b877dbbf0127bfb3a658af153538b 24136 sleekxmpp_1.3.3-6.debian.tar.xz 5386df458da2244c58fc963b91fac1ca55db8b40 9358 sleekxmpp_1.3.3-6_amd64.buildinfo Checksums-Sha256: f8f2cc912018cfbe7e21eb12890ea7c95e16ec21fa078193a9e7d47ecd3e8083 2126 sleekxmpp_1.3.3-6.dsc eaed340cd309abdcbf18d54f717582adedfbdea69e4085f9f4409228a8b38477 24136 sleekxmpp_1.3.3-6.debian.tar.xz ca4e6bbe166d217dbe00894507ba8ca4f2ac896f7eb2d4bd7a6460da395c4dc0 9358 sleekxmpp_1.3.3-6_amd64.buildinfo Files: a1b96ea6965ed3ad51dfa46361d3eaf9 2126 python optional sleekxmpp_1.3.3-6.dsc e8e9092130965714bdec3fe179a12b95 24136 python optional sleekxmpp_1.3.3-6.debian.tar.xz 44bd66e45bb16b3559770aead801d803 9358 python optional sleekxmpp_1.3.3-6_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEftHeo0XZoKEY1KdA4+Chwoa5Y+oFAl8Reg8ACgkQ4+Chwoa5 Y+qu4Q/9Eyd3CDe7euWbJH9iom7AuhJbSvzM7QAJXiKEoDZILyQ41CrgRiGu7lzO X4b2dprWnG24MsobNFsdkfZMRX4Jnvkc4MW6eZUu/o5cnMMIvmyYKCuE1z0DGyf8 cqK6szApil6f+G42iFbHxqRIrGE9PthJXdkWTvk+GokVJdDkeJ76mpt8VrRfxdp1 oeeZCfI0BOc1o/yEXeUYklthZni/9xDLbb85xTXdiY7xbiYlJ9crWfQoyqIJGSti KiOZ1MQGwe8KZF6Qe0t689dPaEcbv52hKDWL7s3YLNJMsu4l9lMz8lyNJY80+Lcy bzOFqi/Uz3lMwbnOUD9CbDY/uACC+KTmI8LvbgALRrmk6IefkmRJVZE6gPvwulpy d+Dv8syPvwz7iCCD9vG+imTM+H2ZWxMFSXw8BmjrEBlzDA+mFIONAstdA6NsvbjF 0HlQoyi46wVz+0BsQ5GljNQlJmt/1bcSipy2nh8jVynofa+A0QZAy4Lr3JjPr7Sc rSp3bEuM6ZSD8tq2X+NUy+MzuOF2Cha2Up0ieOPNEDyB2BDXyoulSTJZ5Xv/JkJv Oq9wH3vj2Kbv9Q/Wln2QBB6OrDddkmmdE46/xHQqvS6pk4rpv4snwc65bUGk0DTy zTpGqcXKw6ZAzQrZPvMghJjNYxYf/9VZVjYtj146H4e9OwPEfBY= =EkYQ -----END PGP SIGNATURE-----
--- End Message ---
