Bug 1334409 - The 0.13 update had an API change that breaks pyOpenSSL
Summary: The 0.13 update had an API change that breaks pyOpenSSL
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: pyOpenSSL
Version: 24
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 1334410 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-05-09 14:29 UTC by James Hogarth
Modified: 2018-04-11 14:03 UTC (History)
9 users (show)

Fixed In Version: pyOpenSSL-16.0.0-1.fc24
Clone Of:
Environment:
Last Closed: 2016-05-14 23:28:19 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1334410 0 unspecified CLOSED update to python-cryptography breaks pyOpenSSL attempt to get key type 2021-02-22 00:41:40 UTC

Internal Links: 1334410

Description James Hogarth 2016-05-09 14:29:20 UTC 
Description of problem:
0.13 was recently built for F24 and rawhide.

This is breaking pyOpenSSL due to a way in which the key is read:
https://github.com/pyca/cryptography/issues/2837

Can you please unpush form rawhide/f24 until the pyOpenSSL update is in place.

Version-Release number of selected component (if applicable):
1.3.1-1.fc25 and 1.3.1-1.fc24

How reproducible:
Always (upstream bug)



Steps to Reproduce:
1. Attempt to access a key type in pyOpenSSL

Actual results:
======================================================================
ERROR: test_valid_true (certbot.tests.crypto_util_test.ValidPrivkeyTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/tests/crypto_util_test.py", line 162, in test_valid_true
    self.assertTrue(self._call(RSA256_KEY))
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/tests/crypto_util_test.py", line 159, in _call
    return valid_privkey(privkey)
  File "/builddir/build/BUILD/certbot-38d7503f0f27686997ece77a25834f6387f47e47/certbot/crypto_util.py", line 200, in valid_privkey
    OpenSSL.crypto.FILETYPE_PEM, privkey).check()
  File "/usr/lib/python2.7/site-packages/OpenSSL/crypto.py", line 243, in check
    if _lib.EVP_PKEY_type(self._pkey.type) != _lib.EVP_PKEY_RSA:
AttributeError: '_cffi_backend.CDataGCP' object has no attribute 'type'


Expected results:
Acquire key type

Additional info:
Upstream python-cryptography issue: https://github.com/pyca/cryptography/issues/2837
Upstream pyOpenSSL issue: https://github.com/pyca/pyopenssl/issues/407
Comment 1 Matěj Cepl 2016-05-09 14:36:16 UTC 
From the upstream bug (https://github.com/pyca/cryptography/issues/2837#issuecomment-198688885):

16.0.0 is now out so the solution is to upgrade. Thanks for the report!

https://github.com/pyca/pyopenssl/releases/tag/16.0.0
Comment 2 James Hogarth 2016-05-09 14:41:20 UTC 
*** Bug 1334410 has been marked as a duplicate of this bug. ***
Comment 3 Fedora Update System 2016-05-10 12:39:11 UTC 
pyOpenSSL-16.0.0-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-26cc377f05
Comment 4 Fedora Update System 2016-05-12 09:43:18 UTC 
pyOpenSSL-16.0.0-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-26cc377f05
Comment 5 Fedora Update System 2016-05-14 23:28:16 UTC 
pyOpenSSL-16.0.0-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.