Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
server side disabling of SSLv3 causes TLS to give handshake error messages
209 views
Skip to first unread message
dougo...@gmail.com
Nov 26, 2014, 6:16:57 PM11/26/14
to
Hello,
My Tcl code below for making a https url request has worked robustly for several months, running several times per day up until about 1 month ago when the API server to which it is accessing disabled SSLv3.
Since that time, I get the following error messages when this code is run:
SSL channel "sock532": error: sslv3 alert handshake failure
error reading "sock532": operation not supported on socket
Any hints or help would be appreciated! Thanks!
Doug
#---------------
set ::etsyApi::baseUrl https://openapi.etsy.com/v3
proc issueEtsyReqJSON { url } {
set apiKey "api_key=$appApiKey(campaignMonitor)"
set url [format "%s%s" $::etsyApi::baseURL $url]
if { [string first ? $url] < 0 } {
append url ?$apiKey
} else {
append url &$apiKey
}
if { [string first https $url] < 0 } {set IS_HTTPS no} else {set IS_HTTPS yes}
if { $IS_HTTPS } {
package require tls
http::register https 443 tls::socket
}
set token [http::geturl $url -timeout 30000]
set status [http::status $token]
set jsonData [http::data $token]
http::cleanup $token
if { $IS_HTTPS } {
http::unregister https
}
}
issueEtsyReqJSON /listings/...
#---- end code
Here is the Etsy API announcement regarding disabling of SSLv3 in mid October 2014:
"We wanted to give you a heads up about a recent change we've made in response to the SSLv3 security vulnerability known as "POODLE". This vulnerability was disclosed by Google this week; details are available on their security blog:
http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
As a result of this discovery, we have disabled SSLv3. This will not affect your app unless you had explicitly chosen to use SSLv3 when making connections to the Etsy API. If you find that your connections to the Etsy API are failing due to an SSL issue, make sure that SSLv3 is not explicitly specified in your code.
..."
My Tcl code below for making a https url request has worked robustly for several months, running several times per day up until about 1 month ago when the API server to which it is accessing disabled SSLv3.
Since that time, I get the following error messages when this code is run:
SSL channel "sock532": error: sslv3 alert handshake failure
error reading "sock532": operation not supported on socket
Any hints or help would be appreciated! Thanks!
Doug
#---------------
set ::etsyApi::baseUrl https://openapi.etsy.com/v3
proc issueEtsyReqJSON { url } {
set apiKey "api_key=$appApiKey(campaignMonitor)"
set url [format "%s%s" $::etsyApi::baseURL $url]
if { [string first ? $url] < 0 } {
append url ?$apiKey
} else {
append url &$apiKey
}
if { [string first https $url] < 0 } {set IS_HTTPS no} else {set IS_HTTPS yes}
if { $IS_HTTPS } {
package require tls
http::register https 443 tls::socket
}
set token [http::geturl $url -timeout 30000]
set status [http::status $token]
set jsonData [http::data $token]
http::cleanup $token
if { $IS_HTTPS } {
http::unregister https
}
}
issueEtsyReqJSON /listings/...
#---- end code
Here is the Etsy API announcement regarding disabling of SSLv3 in mid October 2014:
"We wanted to give you a heads up about a recent change we've made in response to the SSLv3 security vulnerability known as "POODLE". This vulnerability was disclosed by Google this week; details are available on their security blog:
http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
As a result of this discovery, we have disabled SSLv3. This will not affect your app unless you had explicitly chosen to use SSLv3 when making connections to the Etsy API. If you find that your connections to the Etsy API are failing due to an SSL issue, make sure that SSLv3 is not explicitly specified in your code.
..."
Rich
Nov 26, 2014, 9:13:06 PM11/26/14
to
dougo...@gmail.com wrote:
> Hello,
> My Tcl code below for making a https url request has worked robustly
> for several months, running several times per day up until about 1
> month ago when the API server to which it is accessing disabled
> SSLv3.
> Since that time, I get the following error messages when this code is run:
> SSL channel "sock532": error: sslv3 alert handshake failure
> error reading "sock532": operation not supported on socket
> Any hints or help would be appreciated! Thanks!
Change this:
> Hello,
> My Tcl code below for making a https url request has worked robustly
> for several months, running several times per day up until about 1
> month ago when the API server to which it is accessing disabled
> SSLv3.
> Since that time, I get the following error messages when this code is run:
> SSL channel "sock532": error: sslv3 alert handshake failure
> error reading "sock532": operation not supported on socket
> Any hints or help would be appreciated! Thanks!
> http::register https 443 tls::socket
http::register https 443 [ list ::tls::socket -tls1 true ]
0 new messages