I re-ran the outlined test-sequence without adding the juju-stable PPA (like I originally did) to make sure this bug is not a side-effect of the PPA.
It is not. It is reproducible on vanilla distro as outlined in the description. ** Description changed: [Impact] * The python Juju client cannot make SSL connections to the server anymore, because TLS v1.0 was deprecated on the server. * Switching to TLS v1.2 fixes the problem entirely. * Example failure: http://pastebin.ubuntu.com/23521446/ [Test case] Steps to reproduce (works in a container, needs a valid juju environment): - * Install juju 1.25, ideally from the juju stable ppa: sudo add-apt-repository ppa:juju/stable; sudo apt-get update; sudo apt-get install juju-1-default + * Install juju 1.25: sudo apt-get install juju-1-default juju-1.25 * Install the package: sudo apt-get install python-jujuclient * Set up an environment (ec2 works for instance) * Bootstrap environment: "juju bootstrap # Note your environment's name" * Run: python -c 'from jujuclient import Environment; Environment.connect("<your environment's name>")' [Regression Potential] * None - the package is completely unusable in its current state because of server changes. It can't get any worse :) [Other Info] * The attached patch is the minimal fix - forcing Python to connect over TLS 1.2 instead of forcing TLS 1.0. * TLS 1.2 connectivity is available in all targeted releases. * lp:python-jujuclient (upstream) is not affected by the problem, but the code is much diverged from the version in the archives, with way too many changes for a SRU. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1644153 Title: SSL handshake fails on xenial, yakkety, zesty To manage notifications about this bug go to: https://bugs.launchpad.net/python-jujuclient/+bug/1644153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
