Bug 250716
| Summary: | sysutils/py-hpilo: RC4-SHA is no longer available in openssl | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Matthias Pfaller <matthias.pfaller> |
| Component: | Individual Port(s) | Assignee: | Luca Pizzamiglio <pizzamig> |
| Status: | Closed FIXED | ||
| Severity: | Affects Some People | Flags: | pizzamig:
maintainer-feedback+
|
| Priority: | --- | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
I will put SHA-RC4 as an option, in case someone needs to use it (in conjunction with some unmaintained openssl) to be able to speak with old iLOs A commit references this bug: Author: pizzamig Date: Sat Nov 21 16:54:26 UTC 2020 New revision: 555993 URL: https://svnweb.freebsd.org/changeset/ports/555993 Log: sysutils/py-hpilo: Update to 4.4.2 Add support to python 3.9 Remove RC4-SHA cypher support (not available in openssl any longer) RC4-SHA cypther can be added back via the specific option PR: 250716 Submitted by: Matthias Pfaller <matthias.pfaller@familie-pfaller.de> Changes: head/sysutils/py-hpilo/Makefile head/sysutils/py-hpilo/distinfo |
py37-hpilo_cli will fail because RC4-SHA is no longer available. Replacing the set_ciphers with a nop does the job for me, but it will probably no longer work with older (iLO3?) devices. regards, Matthias --- /usr/local/lib/python3.7/site-packages/hpilo.py~ 2020-10-06 19:52:33.000000000 +0200 +++ /usr/local/lib/python3.7/site-packages/hpilo.py 2020-10-29 08:41:25.082982000 +0100 @@ -400,7 +400,7 @@ # Even more sadly, some iLOs are still using RC4-SHA # which was dropped from the default cipher suite in # Python 2.7.10 and Python 3.4.4. Add it back here :( - self.ssl_context.set_ciphers("RC4-SHA:" + ssl._DEFAULT_CIPHERS) + self.ssl_context.set_ciphers(ssl._DEFAULT_CIPHERS) return self.ssl_context.wrap_socket( sock, server_hostname=self.hostname) except ssl.SSLError as exc: