Date: Mon, 20 Nov 2023 14:08:11 +0000
From: bugzilla-noreply@freebsd.org
To: python@FreeBSD.org
Subject: [Bug 273656] security/py-certbot: needs export CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 in ${LOCALBASE}/etc/periodic/weekly/500.certbot-3.9 on systems with OpenSSL 3
Message-ID: <bug-273656-21822-fFFY1HjrRV@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-273656-21822@https.bugs.freebsd.org/bugzilla/>
References: <bug-273656-21822@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273656 Franco Fichtner <franco@opnsense.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |franco@opnsense.org --- Comment #3 from Franco Fichtner <franco@opnsense.org> --- It appears that crypto parts of Python simply require legacy.so to be present for OpenSSL 3 by default. In security/openssl that is the LEGACY option, which is also off by default. Should each Python port be modified to add CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 ? The comment in the patch is misleading: "If you did not expect this error, you have likely made a mistake with your OpenSSL configuration." Cheers, Franco -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-273656-21822-fFFY1HjrRV>