[Bug 1021578] New: Bug in the version of PyOpenSSL installed in OpenSUSE LEAP 42.2.
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578 Bug ID: 1021578 Summary: Bug in the version of PyOpenSSL installed in OpenSUSE LEAP 42.2. Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: openSUSE 42.2 Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: bnc-team-screening@forge.provo.novell.com Reporter: stuart.knock@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0 Build Identifier: There is an issue with the version of PyOpenSSL installed in OpenSUSE LEAP 42.2 The issue is known and fixed upstream. It was introduced and patched over a period of a few months last year. Unfortunately, the version in 42.2 is from that few month period. Relevant links to issues, and the pull request that was the main fix are below. The bug results in log spam (to the point of filling hard-drives) and seg-faults in applications that make use of these libraries in a certain way. The example I encountered is that Kodi's add-on system is completely broken for LEAP 42.2 as a result of this bug. Would it be possible to get either updated versions of PyOpenSSL (and possibly the cryptography package as well, see issue links below) made available or patches applied to fix the bug for LEAP 42.2? #Log spam issue https://github.com/pyca/pyopenssl/issues/551 #Issues caused on interaction with the python cryptography package https://github.com/pyca/pyopenssl/issues/520 https://github.com/pyca/cryptography/issues/2913 https://github.com/pyca/cryptography/issues/2299 #Kodi Plugin system doesn't work: https://github.com/pyca/pyopenssl/issues/542 https://github.com/Kolifanes/plugin.video.youtube/issues/60 http://trac.kodi.tv/ticket/16914 #The pyOpenSSL fix https://github.com/pyca/pyopenssl/pull/552 https://github.com/pyca/pyopenssl/pull/552/commits/a84a52ceeb8deb602515ebf76... Reproducible: Always Steps to Reproduce: 1.Install OpenSUSE 42.2 2.Add Packman repo 3.Install kodi 4.Try to use/install Kodi add-ons (eg youtube add-on) Actual Results: Results vary depending on add-on involved. The two main forms are seg-fault that causes Kodi to crash, or the logs are spammed with thousands of messages per second of the form: Jan 23 15:31:45 borg kodi.desktop[2458]: extern "Python": function Cryptography_rand_bytes() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0. Jan 23 15:31:45 borg kodi.desktop[2458]: extern "Python": function Cryptography_rand_status() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0. Jan 23 15:31:45 borg kodi.desktop[2458]: extern "Python": function Cryptography_rand_bytes() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0. Jan 23 15:31:45 borg kodi.desktop[2458]: extern "Python": function Cryptography_rand_status() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0. Jan 23 15:31:45 borg kodi.desktop[2458]: extern "Python": function Cryptography_rand_bytes() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0. Jan 23 15:31:45 borg kodi.desktop[2458]: extern "Python": function Cryptography_rand_status() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0. Expected Results: No seg-faults. No log-spam. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578#c1
Ailin Nemui
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
Stuart Knock
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
Stuart Knock
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
Jan Matejek
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
Petr Gajdos
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578#c2
Matej Cepl
#Log spam issue https://github.com/pyca/pyopenssl/issues/551
https://github.com/pyca/pyopenssl/issues/520#issuecomment-423590604 I would say that it is NOTABUG. Also, don't use random numbers from third party package, random module in standard library provides exactly the same stuff.
#Issues caused on interaction with the python cryptography package https://github.com/pyca/pyopenssl/issues/520
Applying patch from https://github.com/pyca/pyopenssl/commit/a84a52ceeb8deb602515ebf76d3de3ec0e2...
Not sure, what you expect from me to do here, because upstream apparently won't do anything, just wait on the upgrade of OpenSSL, which I don't believe we plan to do for SLE 12 (and Leap 42).
But this has been closed as WONTFIX upstream, hasn't it? The only real patch I see there is https://github.com/pyca/cryptography/pull/3229 and that is quite large and I certainly won't allow such large change to SLE.
#Kodi Plugin system doesn't work: https://github.com/pyca/pyopenssl/issues/542
Again, there is no other proposed solution than wholesale upgrade of python-cryptography. See above. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578#c3
--- Comment #3 from Matej Cepl
http://bugzilla.opensuse.org/show_bug.cgi?id=1021578
Matej Cepl
participants (1)
-
bugzilla_noreply@novell.com