yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #79146
[Bug 1771506] Re: Unit test failure with OpenSSL 1.1.1
This bug was fixed in the package nova - 2:19.0.0-0ubuntu2.3
---------------
nova (2:19.0.0-0ubuntu2.3) disco; urgency=medium
* d/p/bug_1825882.patch: Cherry-picked from upstream to ensure
virsh disk attach does not fail silently (LP: #1825882).
* d/p/bug_1826523.patch: Cherry-picked from upstream to ensure
always disconnect volumes after libvirt exceptions (LP: #1826523).
nova (2:19.0.0-0ubuntu2.2) disco; urgency=medium
* d/p/xenapi-agent-change-openssl-error-handling.patch: Cherry-picked from
upstream to ensure xenapi agent only raises a RuntimeError exception
when openssl returns a non-zero exit code (LP: #1771506).
nova (2:19.0.0-0ubuntu2.1) disco; urgency=medium
* d/gbp.conf: Create stable/stein branch.
* d/p/eventlet-monkey-patching-should-be-as-early-as-possible.patch:
Cherry-picked from upstream stable/stein review to fix py3+wsgi+ssl crash
(LP: #1808951).
-- Sahid Orentino Ferdjaoui <sahid.ferdjaoui@xxxxxxxxxxxxx> Thu, 16
May 2019 10:54:46 +0200
** Changed in: nova (Ubuntu Disco)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1771506
Title:
Unit test failure with OpenSSL 1.1.1
Status in Ubuntu Cloud Archive:
Fix Committed
Status in Ubuntu Cloud Archive queens series:
Fix Released
Status in Ubuntu Cloud Archive rocky series:
Fix Committed
Status in Ubuntu Cloud Archive stein series:
Fix Committed
Status in OpenStack Compute (nova):
In Progress
Status in nova package in Ubuntu:
Fix Released
Status in nova source package in Bionic:
Fix Released
Status in nova source package in Cosmic:
Fix Released
Status in nova source package in Disco:
Fix Released
Bug description:
Hi,
Building the Nova Queens package with OpenSSL 1.1.1 leads to unit test
problems. This was reported to Debian at:
https://bugs.debian.org/898807
The new openssl 1.1.1 is currently in experimental [0]. This package
failed to build against this new package [1] while it built fine
against the openssl version currently in unstable [2]. Could you
please have a look?
FAIL: nova.tests.unit.virt.xenapi.test_xenapi.XenAPIDiffieHellmanTestCase.test_encrypt_newlines_inside_message
|nova.tests.unit.virt.xenapi.test_xenapi.XenAPIDiffieHellmanTestCase.test_encrypt_newlines_inside_message
|----------------------------------------------------------------------
|_StringException: pythonlogging:'': {{{2018-05-01 20:48:09,960 WARNING [oslo_config.cfg] Config option key_manager.api_class is deprecated. Use option key_manager.backend instead.}}}
|
|Traceback (most recent call last):
| File "/<<PKGBUILDDIR>>/nova/tests/unit/virt/xenapi/test_xenapi.py", line 1592, in test_encrypt_newlines_inside_message
| self._test_encryption('Message\nwith\ninterior\nnewlines.')
| File "/<<PKGBUILDDIR>>/nova/tests/unit/virt/xenapi/test_xenapi.py", line 1577, in _test_encryption
| enc = self.alice.encrypt(message)
| File "/<<PKGBUILDDIR>>/nova/virt/xenapi/agent.py", line 432, in encrypt
| return self._run_ssl(text).strip('\n')
| File "/<<PKGBUILDDIR>>/nova/virt/xenapi/agent.py", line 428, in _run_ssl
| raise RuntimeError(_('OpenSSL error: %s') % err)
|RuntimeError: OpenSSL error: *** WARNING : deprecated key derivation used.
|Using -iter or -pbkdf2 would be better.
It looks like due to additional message on stderr.
[0] https://lists.debian.org/msgid-search/20180501211400.GA21460@xxxxxxxxx
[1] https://breakpoint.cc/openssl-rebuild/2018-05-03-rebuild-openssl1.1.1-pre6/attempted/nova_17.0.0-4_amd64-2018-05-01T20%3A39%3A38Z
[2] https://breakpoint.cc/openssl-rebuild/2018-05-03-rebuild-openssl1.1.1-pre6/successful/nova_17.0.0-4_amd64-2018-05-02T18%3A46%3A36Z
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1771506/+subscriptions
References