On Fri, Feb 28, 2020 at 5:39 PM Willem Jan Withagen <wjw@xxxxxxxxxxx> wrote:
>
>
> Hi,
>
> I'm the first to acknowledge that I do not know enough of python.
> But still I can get by most of the times.
>
> However during the tests of my Ceph port one of the tests complains:
> ==============
>
> orchestrator/_interface.py:701: ImportError
> ------------------------------ Captured log call -------------------------------
> ERROR orchestrator._interface:_interface.py:391 _Promise failed
> Traceback (most recent call last):
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/cephadm/module.py", line 334, in do_work
> res = self._on_complete_(*args, **kwargs)
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/cephadm/module.py", line 398, in call_self
> return f(self, *inner_args)
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/cephadm/module.py", line 2352, in _create_grafana
> return self._create_daemon('grafana', daemon_id, host)
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/cephadm/module.py", line 1874, in _create_daemon
> j = self._generate_grafana_config()
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/cephadm/module.py", line 2288, in _generate_grafana_config
> cert, pkey = create_self_signed_cert('Ceph', 'cephadm')
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/mgr_util.py", line 134, in create_self_signed_cert
> from OpenSSL import crypto
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/.tox/py3/lib/python3.7/site-packages/OpenSSL/__init__.py", line 8, in <module>
> from OpenSSL import crypto, SSL
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/.tox/py3/lib/python3.7/site-packages/OpenSSL/crypto.py", line 15, in <module>
> from OpenSSL._util import (
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/.tox/py3/lib/python3.7/site-packages/OpenSSL/_util.py", line 6, in <module>
> from cryptography.hazmat.bindings.openssl.binding import Binding
> File "/home/jenkins/workspace/ceph-master/src/pybind/mgr/.tox/py3/lib/python3.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 15, in <module>
> from cryptography.hazmat.bindings._openssl import ffi, lib
> ImportError: /home/jenkins/workspace/ceph-master/src/pybind/mgr/.tox/py3/lib/python3.7/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so: Undefined symbol "SSLv3_client_method"
>
> ==============
>
> This is due to the fact that on FreeBSD openSSL has its SSLv3 code disabled.
if that's the case, OPENSSL_NO_SSL3_METHOD should be defined, and
hence cryptography should have this symbol defined, see
https://github.com/pyca/cryptography/blob/7247665f76cf849fb5b3020a28cfc86c400374cc/src/_cffi_src/openssl/ssl.py#L635
.
could you check /usr/local/include/openssl/opensslfeatures.h on your build host?
> Now this is fixable on an individual basis, by recompiling the openSSL port with SSLv3 enabled.
> But for a generic port that is not really an option. The user than has to jump thru loops to build
> its own openSSL, and even then he/she needs to keep up with security isssues. One should not want this.
>
> The problem stems from virtualenv/tox fetching from public sources, instead of using the ports system.
> This can be overruled by: --system-site-packages.
> I know that I'll need to load all packages before running virtualenv/tox, but that is "just" a matter of
> collecting the list.
>
> but I'm wondering if this is a feasable solution?
>
> --WjW
>
> _______________________________________________
> Dev mailing list -- dev@xxxxxxx
> To unsubscribe send an email to dev-leave@xxxxxxx
--
Regards
Kefu Chai
_______________________________________________
Dev mailing list -- dev@xxxxxxx
To unsubscribe send an email to dev-leave@xxxxxxx
