mjcarroll
commented
1 year ago Confirmed that this also happens with OpenSSL from Conda.
Closed Yadunund closed 8 months ago
mjcarroll
commented
1 year ago Confirmed that this also happens with OpenSSL from Conda.
mjcarroll
commented
1 year ago I think this is a resurrection of this issue: https://github.com/ros2/sros2/pull/240
At least on my system, I have cryptography 40.x.x installed.
pradyum
commented
1 year ago I downgrading the python module to "cryptography==38.0.4". It is due to version incompatibility between cryptography and pyopenssl modules.
I was able to run this tutorial https://github.com/ros2/sros2/blob/master/SROS2_Windows.md (Windows - Binary install) after downgrading.
mjcarroll
commented
1 year ago I downgrading the python module to "cryptography==38.0.4". It is due to version incompatibility between cryptography and pyopenssl modules.
Great, that gives a place to bisect, but I think the longer answer is to move away from the PKCS7_DETACHED constant.
mjcarroll
commented
1 year ago Here is the commit that caused the issue: https://github.com/pyca/cryptography/pull/8332
ros-discourse
commented
1 year ago This issue has been mentioned on ROS Discourse. There might be relevant details there:
https://discourse.ros.org/t/ros-2-tsc-meeting-minutes-2023-06-15/32038/1
songyuc
commented
11 months ago Hello @Yadunund, @mjcarroll, and the ROS 2 security team,
I came across this issue while working with ROS 2 Iron and encountered the same AttributeError with PKCS7_DETACHED. I see that there has been some discussion on possible workarounds and the identification of the problematic commit in the cryptography library.
Could you please confirm if there is a planned fix for this issue in an upcoming ROS 2 Iron release? It would be helpful to know if I should wait for an update or proceed with the workaround suggested here.
Thank you for your time and efforts in maintaining and improving the ROS 2 security features.
Yadunund
commented
11 months ago Hello @Yadunund, @mjcarroll, and the ROS 2 security team,
I came across this issue while working with ROS 2 Iron and encountered the same AttributeError with
PKCS7_DETACHED. I see that there has been some discussion on possible workarounds and the identification of the problematic commit in thecryptographylibrary.Could you please confirm if there is a planned fix for this issue in an upcoming ROS 2 Iron release? It would be helpful to know if I should wait for an update or proceed with the workaround suggested here.
Thank you for your time and efforts in maintaining and improving the ROS 2 security features.
@songyuc the issue is not something we can resolve with any changes to the Iron codebase as it pertains to system versions of certain python modules. For now, id suggest relying on the workaround mentioned above. Sorry about that.
clalancette
commented
8 months ago This one has been fixed by #290 , so closing this out.
As reported here https://github.com/osrf/ros2_test_cases/issues/537
OpenSSL was installed following the instructions here https://docs.ros.org/en/rolling/Installation/Windows-Install-Binary.html#install-openssl