might need to bump version of python ports after recent openssl changes
Kirill Ponomarev
kp at krion.cc
Tue Jun 16 18:05:28 UTC 2020
On 05/27, Konstantin Belousov wrote:
> On Tue, May 26, 2020 at 11:31:32PM -0700, Kevin Oberman wrote:
> > On Tue, May 26, 2020 at 11:09 PM Stefan Eßer <se at freebsd.org> wrote:
> >
> > > Am 27.05.20 um 04:24 schrieb Jan Beich:
> > > > Pete Wright <pete at nomadlogic.org> writes:
> > > >
> > > >> hello - on current i found myself in a situation where python37 was
> > > >> unable to import ssl:
> > > >>
> > > >> $ python3.7
> > > >> Python 3.7.7 (default, May 9 2020, 01:37:42)
> > > >> [Clang 10.0.0 (git at github.com:llvm/llvm-project.git
> > > >> llvmorg-10.0.0-0-gd32170dbd on freebsd13
> > > >> Type "help", "copyright", "credits" or "license" for more information.
> > > >>>>> import ssl
> > > >> Traceback (most recent call last):
> > > >> File "<stdin>", line 1, in <module>
> > > >> File "/usr/local/lib/python3.7/ssl.py", line 98, in <module>
> > > >> import _ssl # if we can't import it, let the error
> > > >> propagate
> > > >> ImportError: /usr/local/lib/python3.7/lib-dynload/_ssl.so: Undefined
> > > >> symbol "SSLv3_method at OPENSSL_1_1_0"
> > > >>>>>
> > > >>
> > > >>
> > > >> after a little digging it looks like we recently disabled SSLv3 on
> > > >> CURRENT (huzzah!):
> > > >> https://reviews.freebsd.org/D24945
> > > >>
> > > >> After forcing a re-install of python37 things are working again as it
> > > >> looked like the pbuilder did rebuild python after this commit. But pkg
> > > >> upgrade didn't detect a new version, so I think it might be helpful to
> > > >> bump the python version's so that people on CURRENT don't end up in
> > > >> the same situation I was in? Not sure what the usual process is for
> > > >> stuff like this...
> > > >
> > > > OSVERSION was already bumped in base r361410, so poudriere will
> > > > force-rebuild all packages. Those who hack .jailversion to avoid
> > > > rebuilds can only blame themselves.
> > >
> > > OSVERSION bumps will be observed by poudriere, but not by other port
> > > building tools.
> > >
> > > Did I miss an announcement that all other methods to keep your system
> > > in a workable state are now considered obsolete and unsupported?
> > >
> > > A port version bump would have enabled rebuilding just the affected
> > > ports, while a rebuild of all my ports based on OSVERSION will take
> > > days to complete on my local build server.
> >
> > Even if the packages are updated in the repository, does pkg know it?
> > It looks to me like pkg upgrade will simply not upgrade the port unless
> > PORT_REVISION is bumped.
> What this change needed, and missed, is the dso version bump for libssl.so.111.
It seems even after rebuilding some ports, we've still got the runtime error:
ImportError: /usr/local/lib/python3.7/lib-dynload/_ssl.so: Undefined symbol "SSLv3_method at OPENSSL_1_1_0"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20200616/e82b6277/attachment.sig>
More information about the freebsd-ports
mailing list