Date: Wed, 27 May 2020 14:07:07 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: gordon@freebsd.org Cc: Kevin Oberman <rkoberman@gmail.com>, Stefan =?utf-8?B?RcOfZXI=?= <se@freebsd.org>, Pete Wright <pete@nomadlogic.org>, FreeBSD Ports ML <freebsd-ports@freebsd.org> Subject: Re: might need to bump version of python ports after recent openssl changes Message-ID: <20200527110707.GD48478@kib.kiev.ua> In-Reply-To: <CAN6yY1v1ZAYndVCTR_yp4CRqO2wVR3tgJ%2BUJ5oun-3xV_P_Rtw@mail.gmail.com> References: <63bc596e-0e78-7ed0-236e-5a11f017ba26@nomadlogic.org> <sgfm-azdx-wny@FreeBSD.org> <b1ab2e2e-651a-bf67-04b5-67be2350f21c@freebsd.org> <CAN6yY1v1ZAYndVCTR_yp4CRqO2wVR3tgJ%2BUJ5oun-3xV_P_Rtw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 26, 2020 at 11:31:32PM -0700, Kevin Oberman wrote: > On Tue, May 26, 2020 at 11:09 PM Stefan Eßer <se@freebsd.org> wrote: > > > Am 27.05.20 um 04:24 schrieb Jan Beich: > > > Pete Wright <pete@nomadlogic.org> writes: > > > > > >> hello - on current i found myself in a situation where python37 was > > >> unable to import ssl: > > >> > > >> $ python3.7 > > >> Python 3.7.7 (default, May 9 2020, 01:37:42) > > >> [Clang 10.0.0 (git@github.com:llvm/llvm-project.git > > >> llvmorg-10.0.0-0-gd32170dbd on freebsd13 > > >> Type "help", "copyright", "credits" or "license" for more information. > > >>>>> import ssl > > >> Traceback (most recent call last): > > >> File "<stdin>", line 1, in <module> > > >> File "/usr/local/lib/python3.7/ssl.py", line 98, in <module> > > >> import _ssl # if we can't import it, let the error > > >> propagate > > >> ImportError: /usr/local/lib/python3.7/lib-dynload/_ssl.so: Undefined > > >> symbol "SSLv3_method@OPENSSL_1_1_0" > > >>>>> > > >> > > >> > > >> after a little digging it looks like we recently disabled SSLv3 on > > >> CURRENT (huzzah!): > > >> https://reviews.freebsd.org/D24945 > > >> > > >> After forcing a re-install of python37 things are working again as it > > >> looked like the pbuilder did rebuild python after this commit. But pkg > > >> upgrade didn't detect a new version, so I think it might be helpful to > > >> bump the python version's so that people on CURRENT don't end up in > > >> the same situation I was in? Not sure what the usual process is for > > >> stuff like this... > > > > > > OSVERSION was already bumped in base r361410, so poudriere will > > > force-rebuild all packages. Those who hack .jailversion to avoid > > > rebuilds can only blame themselves. > > > > OSVERSION bumps will be observed by poudriere, but not by other port > > building tools. > > > > Did I miss an announcement that all other methods to keep your system > > in a workable state are now considered obsolete and unsupported? > > > > A port version bump would have enabled rebuilding just the affected > > ports, while a rebuild of all my ports based on OSVERSION will take > > days to complete on my local build server. > > Even if the packages are updated in the repository, does pkg know it? > It looks to me like pkg upgrade will simply not upgrade the port unless > PORT_REVISION is bumped. What this change needed, and missed, is the dso version bump for libssl.so.111.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200527110707.GD48478>