Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL handshake error #396

Closed
aschuch opened this issue Mar 19, 2016 · 6 comments
Closed

OpenSSL handshake error #396

aschuch opened this issue Mar 19, 2016 · 6 comments
Labels
bug

Comments

@aschuch
Copy link

aschuch commented Mar 19, 2016

I am testing locust with my personal site.
However, all tests fail with the following SSLError:

SSLError(SSLError(SSLError(1, u'[SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)'),),)

I have tested the same configuration with google.com and it worked just fine. My site uses Cloudflare Free SSL Certificates, not sure if that's the root of the issue. However, passing verify=False should actually ignore any SSL certificate issues, right?

locustfile.py

from locust import HttpLocust, TaskSet, task

class APITestTaskSet(TaskSet):

    def on_start(self):
        self.client.verify = False

    @task
    def index(self):
        self.client.get("/")

class APITestLocust(HttpLocust):
    task_set = APITestTaskSet
    min_wait=1000
    max_wait=3000

Configuration

➜ openssl version -a 
OpenSSL 0.9.8zg 14 July 2015
built on: Jul 31 2015
platform: darwin64-x86_64-llvm
options:  bn(64,64) md2(int) rc4(ptr,char) des(idx,cisc,16,int) blowfish(idx) 
compiler: -arch x86_64 -fmessage-length=0 -pipe -Wno-trigraphs -fpascal-strings -fasm-blocks -O3 -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DMD32_REG_T=int -DOPENSSL_NO_IDEA -DOPENSSL_PIC -DOPENSSL_THREADS -DZLIB -mmacosx-version-min=10.6
OPENSSLDIR: "/System/Library/OpenSSL"
➜ python --version
Python 2.7.10
@justiniso justiniso added the bug label Apr 2, 2016
@cgoldberg
Copy link
Member

passing verify=False should actually ignore any SSL certificate issues, right?

no. verify=False ignores invalid certificates. This is not an invalid certificate problem, this is a handshake failure.

Can you verify the version of the requests module you have installed? I think upgrading that module will solve your issue. (there is an open pull request to bump the version in locust requirements)

@aschuch
Copy link
Author

aschuch commented Apr 2, 2016

Thanks. I have requests 2.9.1, I'll try to update and see if that fixes my issue.

@cgoldberg
Copy link
Member

hmmm.2.9.2 is the latest already.

@aschuch
Copy link
Author

aschuch commented Apr 3, 2016

Yup, still failing. 🤕

@TannerBaldus
Copy link

@aschuch The cryptography library could be the culprit here. I recently faced a similar ssl issue in another project and it turned out that cryptography 1.3.1 had an bug with ssl and rolling back to 0.9.3 solved the ssl issues. No promises, just something that to check :)

@cgoldberg
Copy link
Member

@aschuch , try upgrading your openssl package.

I think the core of your issue is that your server implements SNI, and locust with your versions of dependencies does not.

Another solution is to just disable SNI on your web server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@justiniso @cgoldberg @aschuch @TannerBaldus @aldenpeterson-wf