Bug 2222805
| Summary: | salt fails to import with Python 3.12 in Fedora 39 | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Maxwell G <maxwell> |
| Component: | salt | Assignee: | Kirill Ponomarev <kp> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | david-dm.murphy, derek, gwync, kp, mhroncok, rcallicotte |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-07-24 17:34:32 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2223440 | ||
| Bug Blocks: | 2135404, 2220461 | ||
I suppose the code in salt assumes that we are at an old Python version when ssl.match_hostname cannot be imported. This observation is consistent with how the requirement is specified in https://github.com/saltstack/salt/blob/v3006.1/requirements/static/pkg/linux.in#L4 backports.ssl_match_hostname>=3.7.0.1; python_version < '3.7' salt upstream needs to be fixed to either bring this dependency in also on Python 3.12+ (however, as said in bz2223440: backports.ssl_match_hostname is dead upstream -- it's a backport of Python 3.5 code for older Pythons -- I strongly advise against reanimating the package) or using e.g. the urllib3.util.ssl_match_hostname from the actively maintained urllib3 package, which is transitively required by salt anyway (trough requests). I've created a patch to use urllib3.util.ssl_match_hostname. It works, but I'm not sending it upstream, as the nect release will be dropping the bundled tornado code. |
Description of problem: salt is completely broken with Python 3.12. It fails to import due to `ssl.match_hostname` being removed from Python 3.12 and the backport package not being Required. This is breaking python-pytest-testinfra's test suite. The salt package should be running some sort of tests or impact check to catch these issues. Version-Release number of selected component (if applicable): salt-3006.1-3.fc39.noarch How reproducible: Always Steps to Reproduce: 1. python3 -c 'import salt.client' Actual results: Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/lib/python3.12/site-packages/salt/client/__init__.py", line 28, in <module> import salt.cache File "/usr/lib/python3.12/site-packages/salt/cache/__init__.py", line 12, in <module> import salt.loader File "/usr/lib/python3.12/site-packages/salt/loader/__init__.py", line 23, in <module> import salt.utils.event File "/usr/lib/python3.12/site-packages/salt/utils/event.py", line 67, in <module> import salt.ext.tornado.iostream File "/usr/lib/python3.12/site-packages/salt/ext/tornado/iostream.py", line 41, in <module> from salt.ext.tornado.netutil import ssl_wrap_socket, ssl_match_hostname, SSLCertificateError, _client_ssl_defaults, _server_ssl_defaults File "/usr/lib/python3.12/site-packages/salt/ext/tornado/netutil.py", line 57, in <module> import backports.ssl_match_hostname ModuleNotFoundError: No module named 'backports' [ERROR ] An un-handled exception was caught by Salt's global exception handler: ModuleNotFoundError: No module named 'backports' Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/lib/python3.12/site-packages/salt/client/__init__.py", line 28, in <module> import salt.cache File "/usr/lib/python3.12/site-packages/salt/cache/__init__.py", line 12, in <module> import salt.loader File "/usr/lib/python3.12/site-packages/salt/loader/__init__.py", line 23, in <module> import salt.utils.event File "/usr/lib/python3.12/site-packages/salt/utils/event.py", line 67, in <module> import salt.ext.tornado.iostream File "/usr/lib/python3.12/site-packages/salt/ext/tornado/iostream.py", line 41, in <module> from salt.ext.tornado.netutil import ssl_wrap_socket, ssl_match_hostname, SSLCertificateError, _client_ssl_defaults, _server_ssl_defaults File "/usr/lib/python3.12/site-packages/salt/ext/tornado/netutil.py", line 57, in <module> import backports.ssl_match_hostname Expected results: python successfully imports the package.