Closed howbazaar closed 1 year ago
Possibly has same underlying problem as #1115
This is almost certainly due to the bundling of OpenSSL 1.0.2k (https://github.com/libgit2/pygit2/issues/1136#issuecomment-1087645337, https://github.com/libgit2/pygit2/issues/1136#issuecomment-1223786378).
Try with the latest release v1.11.1 which includes openssl 1.1 Reopen if it does not work with v1.11.1
Platform: linux x86_64 (ubuntu 20.04) Python: 3.9.12
Reproduction script: https://gist.github.com/howbazaar/b4e46806d0c5350623bf8d9ff49c6b4c
works with pygit2 v1.7.1 fails with v1.7.2, 1.9.1
The script is a bit weird because it builds and runs the code the same way our production code does, and I was attempting to find a minimal reproduction of the problem.
Personally I had an older 4096 bit RSA SSH key, but newer users were using ed25519 type SSH keys as recommended by github's own docs.
I created some new keys:
And added them to my github profile.
Was using poetry to manage versions inside a local virtual env to easily switch between versions of pygit2.
Failure looks like:
ecdsa keys are fine
ldd for v1.7.1 of the pygit2 shared object file has
whereas for v1.7.2 we get
Given that the primary difference between 1.7.1 and 1.7.2 is just how the wheels were built, it seems a little extreme.
The hash on libssh2 doesn't appear to be a commit hash from their mainline, and the version number isn't set to match, so I'm guessing that some other process is setting these.