search

Uninett / nav-debian

Debian Package for NAV, based on a fork of the original repo
https://github.com/UNINETT/nav
GNU General Public License v3.0
4 stars 3 forks source link

[BUG] ipdevpoll and wsgi web process crash with OpenSSL error on Debian Buster #15

Closed lunkwill42 closed 1 year ago

lunkwill42 commented 1 year ago

Describe the bug

Several NAV components do not work under Debian Buster when installing version 5.5.0-1 of the package. Particularly ipdevpoll and the web/wsgi process will crash on startup, with a variation of the same traceback, which indicates some sort of error in pyOpenSSL.

It seems this is due to Twisted (from the NAV virtualenv) is Debian Bullseye's version of the pyOpenSSL library (version 19.0.0), and these do not seem to be compatible.

The best course of action may be to include a compatible version of the pyOpenSSL library in NAV's virtualenv, rather than relying the OS package.

To Reproduce

  1. Install 5.5.0-1 on Debian Buster.
  2. Attempt to start ipdevpoll with the --verbose flag set (or just check the system logs for this error):
nav --verbose start ipdevpoll

Expected behavior

The package should work without problems, just as 5.4.0-1 did.

Screenshots

If applicable, add screenshots to help explain your problem.

Tracebacks

Traceback (most recent call last):
  File "/usr/bin/ipdevpolld", line 19, in <module>
    from nav.ipdevpoll.epollreactor2 import install
  File "/opt/venvs/nav/lib/python3.7/site-packages/nav/ipdevpoll/epollreactor2.py", line 24, in <module>
    from twisted.internet import epollreactor
  File "/opt/venvs/nav/lib/python3.7/site-packages/twisted/internet/epollreactor.py", line 24, in <module>
    from twisted.internet import posixbase
  File "/opt/venvs/nav/lib/python3.7/site-packages/twisted/internet/posixbase.py", line 18, in <module>
    from twisted.internet import error, udp, tcp
  File "/opt/venvs/nav/lib/python3.7/site-packages/twisted/internet/tcp.py", line 31, in <module>
    from twisted.internet._newtls import (
  File "/opt/venvs/nav/lib/python3.7/site-packages/twisted/internet/_newtls.py", line 21, in <module>
    from twisted.protocols.tls import TLSMemoryBIOFactory, TLSMemoryBIOProtocol
  File "/opt/venvs/nav/lib/python3.7/site-packages/twisted/protocols/tls.py", line 41, in <module>
    from OpenSSL.SSL import Error, ZeroReturnError, WantReadError
  File "/opt/venvs/nav/lib/python3.7/site-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import crypto, SSL
  File "/opt/venvs/nav/lib/python3.7/site-packages/OpenSSL/crypto.py", line 1556, in <module>
    class X509StoreFlags(object):
  File "/opt/venvs/nav/lib/python3.7/site-packages/OpenSSL/crypto.py", line 1577, in X509StoreFlags
    CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK
AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'

Environment (please complete the following information):

lunkwill42 commented 1 year ago

Closed by 79562347292419e24a67c1390c25fa1363dfbc58