Opened at 2013-06-16T16:51:45Z
Closed at 2014-10-08T12:03:24Z
#2005 closed defect (fixed)
'from OpenSSL import crypto' gives undefined symbol: SSLv2_method
| Reported by: | daira | Owned by: | daira |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.10.1 |
| Component: | packaging | Version: | 1.10.0 |
| Keywords: | pyOpenSSL openitp-packaging eggs | Cc: | srl@…, srl@… |
| Launchpad Bug: |
Description
AF saw the following problem while trying to run Tahoe-LAFS:
- found that openssl has a different error here:
# PYTHONPATH=support/lib/python2.7/site-packages/ python -c 'from OpenSSL import cry pto' Traceback (most recent call last): File "<string>", line 1, in <module> File "/root/allmydata-tahoe-1.10.0/support/lib/python2.7/site-packages/pyOpenSSL-0.12-py2.7-linux-x86_64.egg/OpenSSL/__init__.py", line 41, in <module> from OpenSSL import rand, SSL ImportError: /root/allmydata-tahoe-1.10.0/support/lib/python2.7/site-packages/pyOpenSSL-0.12-py2.7-linux-x86_64.egg/OpenSSL/SSL.so: undefined symbol: SSLv2_method - found a mailing list post saying:
The latest version is 0.13. You can get it on PyPI here http://pypi.python.org/pypi/pyOpenSSL SSLv2 is no longer supported in OpenSSL, and version 0.13 no longer expects it.
We should update the dependency to pyOpenSSL >= 0.13. Note that I'm assuming that we no longer need to support platforms with very old versions of OpenSSL (see #1637).
Change History (13)
comment:1 follow-up: ↓ 3 Changed at 2013-07-23T16:49:54Z by srl
- Cc srl@… added
comment:2 Changed at 2013-07-23T19:43:44Z by srl
- Cc srl@… added
comment:3 in reply to: ↑ 1 Changed at 2013-08-08T21:12:16Z by leif
To clarify comment #1: running python setup.py build on Debian 7.1 works if the python-openssl package is already installed, but if you happened to run python setup.py build before python-openssl was installed you'll need to rm -r tahoe-lafs/support/lib/python2.7/site-packages/pyOpenSSL-0.12-* to be able to use Debian's version.
comment:4 Changed at 2013-08-08T21:20:18Z by daira
- Keywords eggs added
Blocked on updating the pyOpenSSL eggs on tahoe-lafs.org.
comment:5 Changed at 2013-08-31T23:26:39Z by daira
- Milestone changed from soon to 1.11.0
https://tahoe-lafs.org/source/tahoe-lafs/deps/tahoe-lafs-dep-eggs/pyOpenSSL-0.13-py2.7-linux-x86_64.egg was built incorrectly and also had this problem; now that is fixed (but other copies of the egg might be broken).
comment:6 Changed at 2013-09-02T20:06:19Z by daira
- Summary changed from update pyOpenSSL dependency to >= 0.13 to 'from OpenSSL import crypto' gives undefined symbol: SSLv2_method
comment:7 Changed at 2014-09-02T17:54:28Z by warner
Two requirements for this one:
- update _auto_deps.py to pyOpenSSL >= 0.13
- make sure we publish eggs for 0.13
comment:8 Changed at 2014-09-02T17:54:52Z by warner
- Owner set to daira
comment:9 Changed at 2014-09-02T21:05:55Z by daira
Actually we should publish eggs for 0.13.1, which was the last version of pyOpenSSL before the switch to using cryptography and cffi. (We should make sure they are using the latest embedded OpenSSL to avoid recent OpenSSL security bugs.)
comment:10 Changed at 2014-09-07T17:12:29Z by daira
- Keywords openitp-packaging added; packaging removed
comment:11 Changed at 2014-09-25T16:10:11Z by daira
- Status changed from new to assigned
comment:12 Changed at 2014-10-08T11:45:57Z by Daira Hopwood <daira@…>
comment:13 Changed at 2014-10-08T12:03:24Z by daira
- Resolution set to fixed
- Status changed from assigned to closed
Also (if that isn't implied) please update the SUMO version to pyOpenSSL 0.13 also. Debian 7.1 system couldn't install from the SUMO package, until I realized that I could just install the OS pyOpenSSL which was 0.13.