I'm working on maintaining a Python application for my company that uses pysphere to connect to a vCenter. If our users select the option to only allow incoming requests via TLSv1 (default is both TLSv1 and SSLv3, and the setting is rarely changed) then we see the following stacktrace:
2015-05-08 13:19:38,000 vcenterutils 72 Encountered exception Errno 8 _ssl.c:504: EOF occurred in violation of protocol at Traceback (most recent call last):
File "vcenterutils.pyo", line 68, in run
File "vcenterutils.pyo", line 127, in connect
File "vcenterutils.pyo", line 140, in login
File "pysphere\vi_server.pyo", line 101, in connect
File "pysphere\resources\VimService_services.pyo", line 2170, in RetrieveServiceContent
File "pysphere\ZSI\client.pyo", line 295, in Send
File "httplib.pyo", line 1161, in connect
File "ssl.pyo", line 381, in wrap_socket
File "ssl.pyo", line 143, in _init
File "ssl.pyo", line 305, in do_handshake
SSLError: Errno 8 _ssl.c:504: EOF occurred in violation of protocol
This leads me to believe that there is some explicit usage of SSLv3 in the code. Is there a way to override this as a global default so ssl.PROTOCOL_SSLv23 is always used?