search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
84 stars 48 forks source link

Firmware upgrade 7.4.0 throws EOF occurred in violation of protocol (_ssl.c:2393) #257

Closed tubatodd closed 4 months ago

tubatodd commented 1 year ago

When attempting to use a previously working (Fortigate FW 7.2.3 to 7.2.4) ansible playbook to upgrade from Fortigate 7.2.4 to 7.4.0, I am getting the following error

  File "/tmp/ansible_fortinet.fortios.fortios_monitor_payload_wnctly95/ansible_fortinet.fortios.fortios_monitor_payload.zip/ansible/module_utils/connection.py", line 200, in __rpc__
ansible.module_utils.connection.ConnectionError: Could not connect to https://10.8.24.30:443/api/v2/monitor/system/firmware/upgrade?vdom=root&access_token=idghG34dn3k61N5H3zbrc33zyQtymp: EOF occurred in violation of protocol (_ssl.c:2393)

The task content looks like the following.

- name: "Upgrade Firmware"
  register: result
  fortinet.fortios.fortios_monitor:
    selector: 'upgrade.system.firmware'
    params:
      source: "upload"
      filename: "{{ _fw_firmware_version_filename }}.out"
      file_content: "{{ lookup( 'file', '{{ _fortigate_firmware_path_full_unarchived }}') | string | b64encode }}"

I've confirmed the variables are correct and that .out file exists. I've verified all of my auth setup works by trying something simple like 

- name: "Reboot Test"
  register: result
  fortinet.fortios.fortios_monitor:
    selector: 'reboot.system.os'

The Fortigate rebooted as expected.

MaxxLiu22 commented 1 year ago

Hi @tubatodd ,

Thank you for bring up this issue, your script works well on my side, I notice the error said EOF occurred in violation of protocol (_ssl.c:2393), and search it on other forums, they said that may be caused by proxy issue or openssl version. I didn't use any proxy and my openssl version is OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022), could you check it on your side and let me know.

Thanks, Maxx

JieX19 commented 4 months ago

Hi @tubatodd

Just circling back regarding the status of this issue. If the problem has been resolved, I'll proceed to close this ticket as it hasn't required further discussion for some time. Feel free to reopen it or open a new issue if you have any questions.

Thanks, Jie