1394827 – ctx.load_verify_locations() fails with raise exception_type(errors)

Bug 1394827 - ctx.load_verify_locations() fails with raise exception_type(errors)

Summary: ctx.load_verify_locations() fails with raise exception_type(errors)

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	python3
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	---
Assignee:	Charalampos Stratakis
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-11-14 14:14 UTC by Igor Gnatenko
Modified:	2018-04-11 09:52 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-12-21 13:26:35 UTC
Type:	Bug
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Igor Gnatenko 2016-11-14 14:14:29 UTC

$ koji hello
Traceback (most recent call last):
  File "/usr/bin/koji", line 7036, in <module>
    rv = locals()[command].__call__(options, session, args)
  File "/usr/bin/koji", line 6811, in handle_moshimoshi
    activate_session(session)
  File "/usr/bin/koji", line 6989, in activate_session
    session.ssl_login(options.cert, None, options.serverca, proxyuser=options.runas)
  File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1920, in ssl_login
    ctx = ssl.SSLCommon.CreateSSLContext(certs)
  File "/usr/lib/python2.7/site-packages/koji/ssl/SSLCommon.py", line 79, in CreateSSLContext
    ctx.load_verify_locations(peer_ca_cert)
  File "/usr/lib/python2.7/site-packages/OpenSSL/SSL.py", line 525, in load_verify_locations
    _raise_current_error()
  File "/usr/lib/python2.7/site-packages/OpenSSL/_util.py", line 48, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: []


[brain@brain python-serpy]$ rpm -q python2-pyOpenSSL python2-cryptography openssl
python2-pyOpenSSL-16.2.0-1.fc26.noarch
python2-cryptography-1.5.3-3.fc26.x86_64
openssl-1.1.0c-1.fc26.x86_64

Comment 1 Igor Gnatenko 2016-11-16 08:03:02 UTC

https://bugs.python.org/issue28689

Comment 2 Tomas Mraz 2016-11-16 08:11:01 UTC

Hmm do you really think it is a duplicate of the issue28689?

If you revert openssl to 1.1.0b does it still happen? If so then it is not a duplicate.

Comment 3 Charalampos Stratakis 2016-11-16 09:44:29 UTC


The python issue should be fixed by this commit/pullrequest [0], and most possibly it should fix the rest of the issues that appeared due to openssl-1.1.0c-1.fc26.x86_64

[0] https://github.com/openssl/openssl/pull/1931

Comment 4 Tomas Mraz 2016-12-21 08:04:32 UTC

Is this still problem with current rawhide? If not, please close.

Note You need to log in before you can comment on or make changes to this bug.