Opened 2 years ago
Closed 2 years ago
#63905 closed defect (fixed)
py38-cryptography problem with default_backend
| Reported by: | aaronm6 | Owned by: | stromnov (Andrey Stromnov) |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | 2.7.1 |
| Keywords: | pyca cryptography | Cc: | mascguy (Christopher Nielsen), reneeotten (Renee Otten), cjones051073 (Chris Jones) |
| Port: | py38-cryptography |
Description
I recently upgraded to py38-cryptography @35.0.0_1. default_backend from cryptography.hazmat.backends now gives an error when called. Any encryption/decryption which requires this method now crashes. Here is the error:
>>> from cryptography.hazmat.backends import default_backend
>>> default_backend()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/backends/__init__.py", line 16, in default_backend
from cryptography.hazmat.backends.openssl.backend import backend
File "/opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/__init__.py", line 6, in <module>
from cryptography.hazmat.backends.openssl.backend import backend
File "/opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 82, in <module>
from cryptography.hazmat.bindings.openssl import binding
File "/opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 14, in <module>
from cryptography.hazmat.bindings._openssl import ffi, lib
ImportError: dlopen(/opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so, 2): Symbol not found: _ERR_new
Referenced from: /opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so
Expected in: flat namespace
in /opt/local/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so
Change History (5)
comment:1 Changed 2 years ago by mascguy (Christopher Nielsen)
| Cc: | mascguy reneeotten cjones051073 added |
|---|
comment:2 Changed 2 years ago by mascguy (Christopher Nielsen)
| Owner: | set to stromnov |
|---|---|
| Status: | new → assigned |
comment:3 Changed 2 years ago by aaronm6
Dependencies of py38-cryptography which got upgraded on my system at the same time as it are:
openssl @3_1 openssl3 @3.0.0_5+legacy py38-setuptools @58.5.3_0 python38 @3.8.12_3+optimizations cargo @0.57.0_3
Though openssl at the bash command line to do aes en(de)cryption works fine, as before. Please let me know if there's any additional information I can provide which might help diagnose the issue. Thanks!
comment:4 Changed 2 years ago by cjones051073 (Chris Jones)
Looks like the rust build needs to also roll back to openssl 1.1
https://github.com/macports/macports-ports/commit/2fcca2001454305d0ed8b12c8d3a62ce42f00193
Oberon ~/Projects/MacPorts/ports > python3.8 Python 3.8.12 (default, Nov 10 2021, 05:25:30) [Clang 13.0.0 (clang-1300.0.29.3)] on darwin Type "help", "copyright", "credits" or "license" for more information. >>> from cryptography.hazmat.backends import default_backend >>> default_backend() <OpenSSLBackend(version: OpenSSL 1.1.1l 24 Aug 2021, FIPS: False)>
I don't know though if this is intrinsic to this particular port, or a consequence of the pythonX ports themselves being rolled back to 1.1....
comment:5 Changed 2 years ago by cjones051073 (Chris Jones)
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Looks like it could be related to our OpenSSL migration.
@reneeotten and @cjones, thoughts on this?