mozilla-services / syncstorage-rs

Sync Storage server in Rust
Mozilla Public License 2.0

Revising version of cryptography in requirements #1503

Closed mreid-tt closed 8 months ago

mreid-tt commented 9 months ago

In your requirements.txt, cryptography is currently pinned to version 3.4.8:

```
# We pin cryptography to 3.4.8 due to a build error that occurs with the
# current version (36.0.0 at the time of this commit). In short, building
# the cryptography package with Rust results in a segfault, so we need to
# set the CRYPTOGRAPHY_DONT_BUILD_RUST env var to force the package to build
# with C instead. This env var is only present in cryptography<3.5.
cryptography==3.4.8
```

We have recently been updating the packaging of your Mozilla Sync Storage Rust application to support Synology devices. When building with OpenSSL 3, we encountered the following runtime error:

```
failed to create Tokenserver OAuth verifier: [..] undefined symbol: FIPS_mode
```

Investigating further, we found cryptography 3.4.8 is incompatible because FIPS_mode no longer exists in OpenSSL 3 per this issue: https://github.com/openssl/openssl/issues/20266.

Upgrading to cryptography 41.0.3 in our packaging requirements resolved the problem. We suggest the team reevaluate if a newer cryptography version can now be used, as the original compilation issue may have been fixed in later releases. Leveraging newer versions can ensure compatibility with modern OpenSSL builds.

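A packaging-time check for the mismatch reported above, as an added example that is not part of the issue or the project's code: it reads the `cryptography` pin from requirements text and asks a loaded libcrypto whether it still exports `FIPS_mode`. The function names, the sample requirements text, and the `NEEDS_FIPS_MODE` set (which holds only the version this issue reports) are assumptions made for illustration.

```python
import ctypes
import ctypes.util
import re

# Constructed sample; only the cryptography pin is taken from the issue.
SAMPLE_REQUIREMENTS = """\
# build tooling
wheel
cryptography==3.4.8  # pinned, see comment in requirements.txt
"""

# Versions this issue reports as needing the FIPS_mode symbol at runtime.
NEEDS_FIPS_MODE = {"3.4.8"}

_PIN = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*==\s*([^\s;#]+)")


def pinned_version(requirements_text, package):
    """Return the '==' pin for `package` in requirements text, or None."""
    for line in requirements_text.splitlines():
        m = _PIN.match(line)
        if m and m.group(1).lower() == package.lower():
            return m.group(2)
    return None


def exports_symbol(lib, name):
    """True if the loaded library exports `name` (ctypes raises AttributeError if not)."""
    try:
        getattr(lib, name)
    except AttributeError:
        return False
    return True


def pin_will_fail(requirements_text, lib):
    """True when the pin needs FIPS_mode but the given libcrypto lacks it."""
    pin = pinned_version(requirements_text, "cryptography")
    return pin in NEEDS_FIPS_MODE and not exports_symbol(lib, "FIPS_mode")


if __name__ == "__main__":
    path = ctypes.util.find_library("crypto")  # system libcrypto, if any
    if path is None:
        print("libcrypto not found; nothing to check")
    else:
        lib = ctypes.CDLL(path)
        print("FIPS_mode exported:", exports_symbol(lib, "FIPS_mode"))
        print("pin will fail at runtime:", pin_will_fail(SAMPLE_REQUIREMENTS, lib))
```

`ctypes.util.find_library` returns the system libcrypto, which may not be the one your package is built against; pass the path of the library you actually link to `ctypes.CDLL` when they differ.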