Seeing three SSL library errors on attempt_connection

[tr0yspradling]

Traceback (most recent call last):
--
  | File "/var/lib/stomplib/transport.py", line 773, in attempt_connection
  | self.socket = tls_context.wrap_socket(self.socket, server_hostname=host_and_port[0])
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 369, in wrap_socket
  | _context=self)
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 619, in __init__
  | self.do_handshake()
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 848, in do_handshake
  | self._sslobj.do_handshake()
  | SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:727)
  | ERROR:stomp.py:[SSL: EXCESSIVE_MESSAGE_SIZE] excessive message size (_ssl.c:727)

Traceback (most recent call last):
--
  | File "/var/lib/stomplib/transport.py", line 773, in attempt_connection
  | self.socket = tls_context.wrap_socket(self.socket, server_hostname=host_and_port[0])
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 369, in wrap_socket
  | _context=self)
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 619, in __init__
  | self.do_handshake()
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 848, in do_handshake
  | self._sslobj.do_handshake()
  | SSLError: [SSL: SSLV3_ALERT_UNEXPECTED_MESSAGE] sslv3 alert unexpected message (_ssl.c:727)

Traceback (most recent call last):
--
  | File "/var/lib/stomplib/transport.py", line 773, in attempt_connection
  | self.socket = tls_context.wrap_socket(self.socket, server_hostname=host_and_port[0])
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 369, in wrap_socket
  | _context=self)
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 619, in __init__
  | self.do_handshake()
  | File "/opt/rh/python27/root/usr/lib64/python2.7/ssl.py", line 848, in do_handshake
  | self._sslobj.do_handshake()
  | SSLEOFError: EOF occurred in violation of protocol (_ssl.c:727)

[tr0yspradling]

Temporary workaround was to create a new connection object and reattach a listener with on_receiver_loop_completed.

[tr0yspradling]

Changed DEFAULT_SSL_VERSION from ssl.PROTOCOL_TLSv1 to ssl.PROTOCOL_TLSv2 & it seems to have resolved the problem (I THINK). Doing more testing to make sure this is the case.

Only issue now is gunicorn is having issues sometimes & I'm getting worker timeouts. I had 4 container restarts when deploying to kubernetes but it eventually worked itself out. Possibly hung connection attempt?

[tr0yspradling]

Now that I think about it, that wouldn't be the issue because stomp.py spins off another thread to do the connecting. So gunicorn wouldn't be waiting for the connection... I think.

[tr0yspradling]

Nevermind. I thought it was resolved because the listener was running for nearly 10x longer than normal, then started disconnecting because of SSL errors & heartbeat timeouts.

[tr0yspradling]

@pallavg This seems to be a separate issue, could you open a new issue to track this?

[tr0yspradling]

Also in regards to the SSL problems, I believe this is an issue with gunicorn having multiple workers/threads running. I added some randomized sleep timers to connect, subscribe, ack/nack responses & it seems to have "resolved" the SSL errors.

Not entirely sure if this is a problem on the client locally, or on the activemq umb.

[tr0yspradling]

Seeing a new issue causing random disconnects now though: #329

[jasonrbriggs]

Do you get the same issue with Python3? Unlikely to be the issue, but since stomp.py is no longer supporting py2.x would be interested to know if this is still an issue with Py3.

[tr0yspradling]

I originally had the last version available for python2 but I cloned the repo & backported all the changes from master. I had seen some older issues on github about the disconnects & reconnects so I figured there were some other updates that I may not be aware of.