python-cryptography fails to build with Python 3.13 in Fedora Rawhide (41) on i686. Build failure: _______________________ TestFixedPool.test_thread_stress _______________________ self = <tests.test_rust_utils.TestFixedPool object at 0xf5db5a08> def test_thread_stress(self): def create(): return None pool = FixedPool(create) def thread_fn(): with pool.acquire(): pass threads = [] for i in range(1024): t = threading.Thread(target=thread_fn) > t.start() tests/test_rust_utils.py:59: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <Thread(Thread-501 (thread_fn), stopped)> def start(self): """Start the thread's activity. It must be called at most once per thread object. It arranges for the object's run() method to be invoked in a separate thread of control. This method will raise a RuntimeError if called more than once on the same thread object. """ if not self._initialized: raise RuntimeError("thread.__init__() not called") if self._started.is_set(): raise RuntimeError("threads can only be started once") with _active_limbo_lock: _limbo[self] = self try: # Start joinable thread > _start_joinable_thread(self._bootstrap, handle=self._handle, daemon=self.daemon) E RuntimeError: can't start new thread /usr/lib/python3.13/threading.py:971: RuntimeError _______________________ TestScrypt.test_derive[params2] ________________________ self = <tests.hazmat.primitives.test_scrypt.TestScrypt object at 0xf576e228> backend = <OpenSSLBackend(version: OpenSSL 3.2.2 4 Jun 2024, FIPS: False, Legacy: True)> params = {'derived_key': b'7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887', 'length': b'64', 'n': b'16384', 'p': b'1', ...} @pytest.mark.parametrize("params", vectors) def test_derive(self, backend, params): _skip_if_memory_limited(_MEM_LIMIT, params) password = params["password"] work_factor = int(params["n"]) block_size = int(params["r"]) parallelization_factor = int(params["p"]) length = int(params["length"]) salt = params["salt"] derived_key = params["derived_key"] scrypt = Scrypt( salt, length, work_factor, block_size, parallelization_factor, backend, ) > assert binascii.hexlify(scrypt.derive(password)) == derived_key tests/hazmat/primitives/test_scrypt.py:80: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <cryptography.hazmat.primitives.kdf.scrypt.Scrypt object at 0xf52eddf8> key_material = b'pleaseletmein' def derive(self, key_material: bytes) -> bytes: if self._used: raise AlreadyFinalized("Scrypt instances can only be used once.") self._used = True utils._check_byteslike("key_material", key_material) > return rust_openssl.kdf.derive_scrypt( key_material, self._salt, self._n, self._r, self._p, _MEM_LIMIT, self._length, ) E MemoryError: Not enough memory to derive key. These parameters require 16MB of memory. ../BUILDROOT/usr/lib/python3.13/site-packages/cryptography/hazmat/primitives/kdf/scrypt.py:67: MemoryError _______________________ TestScrypt.test_verify[params2] ________________________ self = <tests.hazmat.primitives.test_scrypt.TestScrypt object at 0xf5778030> backend = <OpenSSLBackend(version: OpenSSL 3.2.2 4 Jun 2024, FIPS: False, Legacy: True)> params = {'derived_key': b'7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887', 'length': b'64', 'n': b'16384', 'p': b'1', ...} @pytest.mark.parametrize("params", vectors) def test_verify(self, backend, params): _skip_if_memory_limited(_MEM_LIMIT, params) password = params["password"] work_factor = int(params["n"]) block_size = int(params["r"]) parallelization_factor = int(params["p"]) length = int(params["length"]) salt = params["salt"] derived_key = params["derived_key"] scrypt = Scrypt( salt, length, work_factor, block_size, parallelization_factor, backend, ) > scrypt.verify(password, binascii.unhexlify(derived_key)) tests/hazmat/primitives/test_scrypt.py:177: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/cryptography/hazmat/primitives/kdf/scrypt.py:78: in verify derived_key = self.derive(key_material) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <cryptography.hazmat.primitives.kdf.scrypt.Scrypt object at 0xf5565250> key_material = b'pleaseletmein' def derive(self, key_material: bytes) -> bytes: if self._used: raise AlreadyFinalized("Scrypt instances can only be used once.") self._used = True utils._check_byteslike("key_material", key_material) > return rust_openssl.kdf.derive_scrypt( key_material, self._salt, self._n, self._r, self._p, _MEM_LIMIT, self._length, ) E MemoryError: Not enough memory to derive key. These parameters require 16MB of memory. ../BUILDROOT/usr/lib/python3.13/site-packages/cryptography/hazmat/primitives/kdf/scrypt.py:67: MemoryError Let us know here if you have any questions. Python 3.13 is planned to be included in Fedora 41.
Will you be able to work on this?
With Christian's update to 42.0.5 (which I bumped to 42.0.8) it works okay. I'll chase the last dependency that wants < 42 and then update.
FEDORA-2024-f62eda62b5 (python-cryptography-43.0.0-2.fc41, rust-asn1-0.16.2-1.fc41, and 1 more) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-f62eda62b5
FEDORA-2024-42d8c5bd2d (freeipa-4.12.1-3.fc42, pyOpenSSL-24.2.1-1.fc42, and 4 more) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2024-42d8c5bd2d
FEDORA-2024-42d8c5bd2d (freeipa-4.12.1-3.fc42, pyOpenSSL-24.2.1-1.fc42, and 4 more) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-f62eda62b5 (freeipa-4.12.1-2.fc41, pyOpenSSL-24.2.1-1.fc41, and 3 more) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.