cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ActiveGate plugin openssl md4 issue

emmanuel_collin
Participant

Hi,

 

i'm currently working on an activegate plugin which uses the exchangelib python library to comunicate with an ms-exchange server.
The plugin works fine when using oneagent_simulate_plugin but we are facing an issue when it is deployed in Dynatrace SAAS.

The error raised by the library is "ValueError: unsupported hash type md4"

It could be an issue with OpenSSL when MD4 is disabled.

Do you see any reason why the plugin works fine when using oneagent_simulate_plugin and not when it is deployed in the SAAS ? Does the remoteplugin agent brings its own version of openssl ?

Thx a lot

Emmanuel

 

 

5 REPLIES 5

emmanuel_collin
Participant

My understanding is that the remotepluginagent disables weak hash algorithm such as MD4. This is confirm by calling this python code : print(hashlib.algorithms_available)
It displays available suported hash. The output is {'blake2s', 'sha3_224', 'sha224', 'md5', 'sha3_512', 'blake2b', 'sha512', 'sha3_256', 'shake_128', 'shake_256', 'sha384', 'sha256', 'sha1', 'sha3_384'}
md4 is missing.

Am i correct ?

Any way to enable MD4 ?

Thanks a lot

Emmanuel



Jakub_Mierzewsk
Inactive

Hi Emmanuel, you are right Remote plugin modul brings its own version of openssl . We are checking two alternatives. Enabling MD4 or forcing plugin to use external SSL lib.


thx for your confirmation.

No possible workaround to re-enable md4 before you update the plugin module ?

Can you take into account the different behavior between the plugin simulator and the remote plugin module ? It is a very big drawback when you can't use a test env for Dynatrace. Some issues cannot be found before going to production.


Jakub_Mierzewsk
Inactive

MD4 is an obsolete hash function that computes a 128-bit message digest we will not enable it in remote plugin module. Our recommendation is to use Microsoft Exchange client which doesn't use MD4. In version 180 we are going to start work on setting environment variables via files which could help in pointing Python to your OpenSSL lib.

Yes simulator should catch this error we will check it.
Before going to production is always useful to upload plugin to test tenant (if you have one;)


Hi Jakub,


anything new here? I have the same problem and need to enable md4


Regards

Olivier