From nobody Sat Sep 9 15:01:11 2023
X-Original-To: python@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RjblX1175z4sJYX
for <python@mlmmj.nyi.freebsd.org>; Sat, 9 Sep 2023 15:01:12 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4RjblW5dkjz3cGC
for <python@FreeBSD.org>; Sat, 9 Sep 2023 15:01:11 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694271671; a=rsa-sha256; cv=none;
b=XAsyandwL1/y5PSA+dQz/BMsjGEfGeI5MikCkj9HpZ0oBM9ZerPXsXrzpuJIt9YhmdtakL
Os0WNWi0H5b1/tfRZQ5X9zb2tnoHIPkKlUW+QaZ33oM1koR7kB6heDze/Rg7HAub1Mk8d4
3bbKS4to+JS5k3Vgvr518PfineaLwg3tHtBlE/UN9oBOGBQYZte/ramkTV6F/EqFcEZdWe
qRRQlO5eScmw2KBhCoi1SI8GLdamfW+DPweVGT1X94X+BLFOkiRPoFXrMRcSaykkt08tWT
eDavajyAOe4IznP3J1DB2hE0bZwGZ4bj6q/5DitBahiCQ7SxMBSAWZngpIpsKg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1694271671;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=1zzkWQwZec9W+m7Zw3ZoNRV7SGJ1erRwfkDICtMqiEQ=;
b=g5p5J3Wkj7z+txx6LXtTMR56Lq54ltptMyfSblc0wnwf//sYR7KUFGWXFI2F5Bl4Rc83iQ
3xxjC6oPiSb7VbSEdxSl4uQi5in/15aieqW0uQspAlJPzfZ0ndNYTqL+0/Znnco+FdKD6J
+5Z2bmtxho6CSBCMx9rm+2nsqX/jlXXvoNEK7+qQ38t7m8hdp+um7SeY9PwS+kcKC4r8uB
/azqwrQxwgKM3YUMWp9O3b8I3kd9iI8zWXCt1Ah3wRTYgplWDO6AQbxaXzRH1YJy/pASvt
leYH0nFGfav5wkjfJSBRFAkUVl8LUuH8xHscTfTspTfNyWZwGuwnsnArHG3O2g==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RjblW4YHczTw7
for <python@FreeBSD.org>; Sat, 9 Sep 2023 15:01:11 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 389F1Bmb046888
for <python@FreeBSD.org>; Sat, 9 Sep 2023 15:01:11 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 389F1B9o046887
for python@FreeBSD.org; Sat, 9 Sep 2023 15:01:11 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: python@FreeBSD.org
Subject: [Bug 273656] security/py-certbot: needs export
CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 in
${LOCALBASE}/etc/periodic/weekly/500.certbot-3.9 on systems with OpenSSL 3
Date: Sat, 09 Sep 2023 15:01:11 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: Trond.Endrestol@ximalas.info
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: python@FreeBSD.org
X-Bugzilla-Flags: maintainer-feedback?
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
op_sys bug_status bug_severity priority component assigned_to reporter
flagtypes.name
Message-ID: <bug-273656-21822@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: FreeBSD-specific Python issues <freebsd-python.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-python
List-Help: <mailto:python+help@freebsd.org>
List-Post: <mailto:python@freebsd.org>
List-Subscribe: <mailto:python+subscribe@freebsd.org>
List-Unsubscribe: <mailto:python+unsubscribe@freebsd.org>
Sender: owner-freebsd-python@freebsd.org
X-BeenThere: freebsd-python@freebsd.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273656
Bug ID: 273656
Summary: security/py-certbot: needs export
CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3D1 in
${LOCALBASE}/etc/periodic/weekly/500.certbot-3.9 on
systems with OpenSSL 3
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: python@FreeBSD.org
Reporter: Trond.Endrestol@ximalas.info
Flags: maintainer-feedback?(python@FreeBSD.org)
Assignee: python@FreeBSD.org
System is stable/14 as of today. OpenSSL comes from base. Installed version=
is
py39-certbot-2.6.0,1 built from ports.
# certbot renew --standalone
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot=3D=3D2.6.0', 'console_scripts',
'certbot')())
File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load
module =3D import_module(match.group('module'))
File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in
import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1030, in _gcd_import
File "<frozen importlib._bootstrap>", line 1007, in _find_and_load
File "<frozen importlib._bootstrap>", line 986, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 680, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 850, in exec_module
File "<frozen importlib._bootstrap>", line 228, in _call_with_frames_remo=
ved
File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, in
<module>
from certbot._internal import main as internal_main
File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", =
line
21, in <module>
import josepy as jose
File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line 40=
, in
<module>
from josepy.json_util import (
File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line 1=
4,
in <module>
from OpenSSL import crypto
File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8=
, in
<module>
from OpenSSL import SSL, crypto
File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in
<module>
from OpenSSL._util import (
File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, in
<module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File
"/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openss=
l/binding.py",
line 167, in <module>
Binding.init_static_locks()
File
"/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openss=
l/binding.py",
line 134, in init_static_locks
cls._ensure_ffi_initialized()
File
"/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openss=
l/binding.py",
line 123, in _ensure_ffi_initialized
_legacy_provider_error(cls._legacy_provider_loaded)
File
"/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openss=
l/binding.py",
line 43, in _legacy_provider_error
raise RuntimeError(
RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal
error by default, but cryptography supports running without legacy algorith=
ms
by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you =
did
not expect this error, you have likely made a mistake with your OpenSSL
configuration.
--=20
You are receiving this mail because:
You are the assignee for the bug.=