Date: Mon, 20 Nov 2023 14:08:11 +0000
From: bugzilla-noreply@freebsd.org
To: python@FreeBSD.org
Subject: [Bug 273656] security/py-certbot: needs export CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 in ${LOCALBASE}/etc/periodic/weekly/500.certbot-3.9 on systems with OpenSSL 3
Message-ID: <bug-273656-21822-fFFY1HjrRV@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-273656-21822@https.bugs.freebsd.org/bugzilla/>
References: <bug-273656-21822@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273656 Franco Fichtner <franco@opnsense.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |franco@opnsense.org --- Comment #3 from Franco Fichtner <franco@opnsense.org> --- It appears that crypto parts of Python simply require legacy.so to be prese= nt for OpenSSL 3 by default. In security/openssl that is the LEGACY option, w= hich is also off by default. Should each Python port be modified to add CRYPTOGRAPHY_OPENSSL_NO_LEGACY= =3D1 ? The comment in the patch is misleading: "If you did not expect this error, = you have likely made a mistake with your OpenSSL configuration." Cheers, Franco --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-273656-21822-fFFY1HjrRV>