Bug 1896494
| Summary: | FTBFS: python2 selftests [rhel-7.9.z] | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Pat Riehecky <riehecky> | ||||
| Component: | python | Assignee: | Charalampos Stratakis <cstratak> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Lukáš Zachar <lzachar> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 7.9 | CC: | cstratak, kpfleming, pasik, pviktori, torsava, vstinner | ||||
| Target Milestone: | rc | Keywords: | Reopened, Triaged, ZStream | ||||
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | python-2.7.5-91.el7_9 | Doc Type: | No Doc Update | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2022-06-28 09:53:34 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 1728201 [details]
patch to fix
Thanks for reporting. We do not plan to fix the issue in the next RHEL release, however. Let's keep the bug open until a new build of python2 is needed. > Possibly : https://github.com/python/cpython/commit/7b5dca8345f4a909367836a3a2c3c7ac6e4e2c0c This change depends on an older change: "Issue #25940: Use self-signed.pythontest.net in SSL tests" https://github.com/python/cpython/commit/71202bb053539c58043297965557809debbd1fa0 (In reply to Pat Riehecky from comment #3) > Created attachment 1728201 [details] > patch to fix Which commits from upstream does this fix incorporate? I believe it contains: https://github.com/python/cpython/commit/49d65958e13db03b9a4240d8bdaff1a4be69a1d7 https://github.com/python/cpython/commit/7b5dca8345f4a909367836a3a2c3c7ac6e4e2c0c After some investigation, figured out that the certificate that has expired is https://github.com/python/cpython/blob/2.7/Lib/test/keycert.pem Our downstream backport of pep 466 ( https://github.com/python/cpython/commit/daeb925cc88cc8fed2030166ade641de28edb396 ) contains that, updated by then, cert file which expired on October 2020. The next update of it was https://github.com/python/cpython/commit/1f34aece28d143edb94ca202e661364ca394dc8c which extended its date to 2028 and after it the cert was renewed through https://github.com/python/cpython/commit/49d65958e13db03b9a4240d8bdaff1a4be69a1d7 This can be resolved by backporting from either commits the changes to the keycert.pem and also the changes to the test_parse_cert test case from test_ssl (which basically checks for the cert's expiration date). After evaluating this issue, there are no plans to address it further or fix it in an upcoming release. Therefore, it is being closed. If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened. Re-opening as we need to rebuild python. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: python security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5235 |
Description of problem: A rebuild of source rpm fails. Looks like '00220-pep466-allow-passing-ssl-urrlib-httplib.patch' needs to be adjusted. Version-Release number of selected component (if applicable):python-2.7.5-90.el7 How reproducible: 100% Steps to Reproduce: 1. try simple rebuild in mock 2. 3. Actual results: Self tests fail 3 tests failed: test_httplib test_ssl test_urllib2_localnet Expected results: Tests pass Additional info: https://github.com/python/cpython/blob/master/Lib/test/keycert2.pem https://github.com/python/cpython/blob/master/Lib/test/selfsigned_pythontestdotnet.pem