RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1896494 - FTBFS: python2 selftests [rhel-7.9.z]
Summary: FTBFS: python2 selftests [rhel-7.9.z]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: python
Version: 7.9
Hardware: All
OS: Linux
low
unspecified
Target Milestone: rc
: ---
Assignee: Charalampos Stratakis
QA Contact: Lukáš Zachar
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-11-10 17:41 UTC by Pat Riehecky
Modified: 2022-06-28 09:54 UTC (History)
6 users (show)

Fixed In Version: python-2.7.5-91.el7_9
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-06-28 09:53:34 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
patch to fix (84.79 KB, patch)
2020-11-11 01:18 UTC, Pat Riehecky 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:5235 0 None None None 2022-06-28 09:54:00 UTC

Description Pat Riehecky 2020-11-10 17:41:12 UTC 
Description of problem:

A rebuild of source rpm fails.  Looks like '00220-pep466-allow-passing-ssl-urrlib-httplib.patch' needs to be adjusted.

Version-Release number of selected component (if applicable):python-2.7.5-90.el7


How reproducible: 100%


Steps to Reproduce:
1. try simple rebuild in mock
2.
3.

Actual results:

Self tests fail

3 tests failed:
    test_httplib test_ssl test_urllib2_localnet

Expected results:

Tests pass


Additional info:

https://github.com/python/cpython/blob/master/Lib/test/keycert2.pem
https://github.com/python/cpython/blob/master/Lib/test/selfsigned_pythontestdotnet.pem
Comment 2 Pat Riehecky 2020-11-10 21:38:16 UTC 
Possibly : 
https://github.com/python/cpython/commit/7b5dca8345f4a909367836a3a2c3c7ac6e4e2c0c
Comment 3 Pat Riehecky 2020-11-11 01:18:16 UTC 
Created attachment 1728201 [details]
patch to fix
Comment 4 Petr Viktorin (pviktori) 2020-11-18 13:21:04 UTC 
Thanks for reporting.
We do not plan to fix the issue in the next RHEL release, however.
Let's keep the bug open until a new build of python2 is needed.
Comment 5 Victor Stinner 2020-11-18 13:24:30 UTC 
> Possibly : https://github.com/python/cpython/commit/7b5dca8345f4a909367836a3a2c3c7ac6e4e2c0c

This change depends on an older change:
"Issue #25940: Use self-signed.pythontest.net in SSL tests"
https://github.com/python/cpython/commit/71202bb053539c58043297965557809debbd1fa0
Comment 7 Charalampos Stratakis 2021-01-15 17:14:04 UTC 
(In reply to Pat Riehecky from comment #3)
> Created attachment 1728201 [details]
> patch to fix

Which commits from upstream does this fix incorporate?
Comment 8 Pat Riehecky 2021-01-25 14:15:19 UTC 
I believe it contains:

https://github.com/python/cpython/commit/49d65958e13db03b9a4240d8bdaff1a4be69a1d7
https://github.com/python/cpython/commit/7b5dca8345f4a909367836a3a2c3c7ac6e4e2c0c
Comment 9 Charalampos Stratakis 2021-01-25 18:16:49 UTC 
After some investigation, figured out that the certificate that has expired is https://github.com/python/cpython/blob/2.7/Lib/test/keycert.pem

Our downstream backport of pep 466 ( https://github.com/python/cpython/commit/daeb925cc88cc8fed2030166ade641de28edb396 ) contains that, updated by then, cert file which expired on October 2020.

The next update of it was https://github.com/python/cpython/commit/1f34aece28d143edb94ca202e661364ca394dc8c which extended its date to 2028 and after it the cert was renewed through https://github.com/python/cpython/commit/49d65958e13db03b9a4240d8bdaff1a4be69a1d7

This can be resolved by backporting from either commits the changes to the keycert.pem and also the changes to the test_parse_cert test case from test_ssl (which basically checks for the cert's expiration date).
Comment 14 RHEL Program Management 2022-05-10 07:27:41 UTC 
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.
Comment 15 Charalampos Stratakis 2022-05-18 00:21:02 UTC 
Re-opening as we need to rebuild python.
Comment 25 errata-xmlrpc 2022-06-28 09:53:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: python security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5235
Note You need to log in before you can comment on or make changes to this bug.