failing to build with cryptography 3.1

ros2 / sros2

tools to generate and distribute keys for SROS 2

Apache License 2.0

89 stars 44 forks source link

failing to build with cryptography 3.1 #234

Closed dirk-thomas closed 4 years ago

dirk-thomas commented 4 years ago

The nightly ROS 2 builds failed on macOS and Windows. I assume due to the new cryptography version 3.1 being released.

dirk-thomas commented 4 years ago

Upstream ticket: pyca/cryptography#5433.

kyrofa commented 4 years ago

Oh that's unfortunate. I see three paths forward:

Wait for cryptography to add a proper API to replace the bindings
Move back to shelling out to openssl directly
Pin to cryptography 3.0

I think (1) is really the only real solution here-- the others are workarounds and temporary solutions at best. They at least seem interested in exposing this via the API though, maybe we can help. We'll push on that a little, it looks like you've started on (3) for now?

dirk-thomas commented 4 years ago

The referenced PR implements option 3 to get the jobs passing now.

Upstream is working on re-adding the necessary API as described in option 1 (see discussion on the upstream ticket). If that has been released we could unpin (which is tracked in ros2/ci#507).

kyrofa commented 4 years ago

Excellent, thanks @dirk-thomas, sounds like a plan. We'll join the upstream discussion.