Hi,
pyOpenSSL deprecated[0] many of the APIs that create_certs.py uses
awhile ago and as of the latest release has removed the
OpenSSL.crypto.PKCS12 APIs.
[0]: https://www.pyopenssl.org/en/latest/changelog.html
The cryptography[1] module is supposed to be used as the replacement.
[1]: https://c
[
https://issues.apache.org/jira/browse/SERF-202?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17487609#comment-17487609
]
James McCoy commented on SERF-202:
--
OpenSSL released on 2021/09/07.
The {{ERR_GET_
On Tue, Oct 05, 2021 at 08:31:54PM +0300, Alexandr Miloslavskiy wrote:
> In the time since the last 1.3.9 release, test certificates has
> already expired two times, causing tests to fail. Our build script runs
> tests, so entire build fails for us. Let's fix that.
For what it's worth, in the Debi
On Fri, Jan 15, 2021 at 08:36:22AM -0500, Justin Erenkrantz wrote:
> Sadly, my Debian sid box ran into other issues and is currently inaccessible.
>
> I *think* that this would address the 1.3.x test issues, but 1.3.x doesn't
> build on Mac OS for me for other reasons...so, let me know how it goes
Happy New Year!
On Wed, Dec 30, 2020 at 10:39:28PM -0500, James McCoy wrote:
> On Tue, Dec 29, 2020 at 02:35:11PM -0500, Justin Erenkrantz wrote:
> > The OpenSSL devs intended this to be a breaking change - but it's not
> > documented anywhere. Sigh.
> >
> > I&
On Tue, Dec 29, 2020 at 02:35:11PM -0500, Justin Erenkrantz wrote:
> The OpenSSL devs intended this to be a breaking change - but it's not
> documented anywhere. Sigh.
>
> I've got a WIP patch against trunk that causes test_ssl to pass - see below.
> It also seems to work with OpenSSL 1.1.1h as
On Sun, Dec 27, 2020 at 10:46:24AM -0500, Justin Erenkrantz wrote:
> Thanks. I expect that this might be due to the last change - erroring out on
> an expired self-signed root cert. Though I thought we didn’t check in a root
> cert for our test chain...could Debian’s packaging be including a cert
On Sat, Dec 26, 2020 at 11:09:41PM +0100, Lucas Nussbaum wrote:
> Source: serf
> Version: 1.3.9-8
> [...]
> > Trailer-Test: f
> > ...F..
> >
> > There was 1 failure:
> > 1) test_ssl_handshake: test/test_util.c:456: expected <0> but was <1
On Mon, Mar 30, 2020 at 07:00:46PM -0400, James McCoy wrote:
> On Mon, Mar 30, 2020 at 02:53:40PM -0400, Justin Erenkrantz wrote:
> > Here's a tentative patch that causes the test cases to pass with OpenSSL
> > 1.1.1e+ for me on Debian Sid.
> >
> > James, can you
On Tue, Mar 31, 2020 at 09:39:12AM -0400, Justin Erenkrantz wrote:
> In reviewing your Python 3.x patches, I noticed a change to build/gen_def.py ;
> in my local tests, it didn't seem to be required; plus, trunk/1.4.x has a
> slightly different patch.
The changes for gen_def.py in the 1.3.x patch
On Tue, Mar 31, 2020 at 04:13:40PM -0400, Justin Erenkrantz wrote:
> On Tue, Mar 31, 2020 at 2:33 PM Branko Čibej wrote:
>
> > Thanks, Justin. I don't know if we need another 1.3.x release, given
> > that 1.4 will be API compatible and has more robust OpenSSL 1.1.x and
> > LibreSSL support.
> >
>
On Mon, Mar 30, 2020 at 02:53:40PM -0400, Justin Erenkrantz wrote:
> Here's a tentative patch that causes the test cases to pass with OpenSSL
> 1.1.1e+ for me on Debian Sid.
>
> James, can you please give it a go and confirm that it works for you?
The package does build and pass tests with the pa
On Fri, Mar 27, 2020 at 05:15:24PM -0400, Justin Erenkrantz wrote:
> James,
>
> I finally got a Debian sid environment up. However, I'm seeing a different
> sets of test failures right now against vanilla serf 1.4.x and trunk (which
> works with the scons/python3 in sid without a patch AFAICT) -
On Sun, Dec 29, 2019 at 12:03:55AM +0100, Branko Čibej wrote:
> On 28.12.2019 17:49, James McCoy wrote:
> > On Wed, Dec 04, 2019 at 10:34:00PM -0500, James McCoy wrote:
> >> I use create_certs.py at build time in the Debian packaging to avoid
> >> dealing with expired
On Wed, Mar 25, 2020 at 08:57:14AM -0400, Justin Erenkrantz wrote:
> James,
>
> Thanks for the bug report. For reference, the upstream OpenSSL commit looks
> to
> be:
>
> https://github.com/openssl/openssl/commit/
> d924dbf4ae127c68463bcbece04b6e06abc58928
>
> I strongly suspect that the patch
Looping in upstream:
On Sun, Mar 22, 2020 at 02:57:54PM +0100, Lucas Nussbaum wrote:
> Version: 1.3.9-8
This is the same version of the serf package that's been in Debian since
2019/12/31, so something else seems to have changed.
> [...]
> During a rebuild of all packages in sid, your package fa
On Wed, Dec 04, 2019 at 10:34:00PM -0500, James McCoy wrote:
> I use create_certs.py at build time in the Debian packaging to avoid
> dealing with expired certs. Since Debian is in the process of trying to
> remove Python 2, I've updated the script to work with Python 3.
>
&
[
https://issues.apache.org/jira/browse/SERF-184?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16988762#comment-16988762
]
James McCoy commented on SERF-184:
--
{quote}2. Source-based distributions can ea
I use create_certs.py at build time in the Debian packaging to avoid
dealing with expired certs. Since Debian is in the process of trying to
remove Python 2, I've updated the script to work with Python 3.
It would also be useful if 1.4 were released, so I could switch to the
CMake build.
Cheers,
Starting in 17.1.0, the OpenSSL.crypto.CRL.export() fuction requires the
caller to specify the digest type, after a few years of not specifying
one being a deprecation warning. Since this is just used for tests, I
kept the old default of md5.
Cheers,
--
James
GPG Key: 4096R/91BF BF4D 6956 BD5D F
On Wed, Oct 11, 2017 at 10:51:59AM +0200, Falko Matthies wrote:
> I have a small issue. It looks like that the serf lib is the reason, why
> subversion does not work anymore while
> accessing HTTPS repositories.
>
> I am using
> - the current debian testing (buster) amd64
> - subversion 1.9.7-2 (r
On Mon, Jun 13, 2016 at 10:07:51PM +0200, Bert Huijben wrote:
>
>
> > -Original Message-
> > From: James McCoy [mailto:vega.ja...@gmail.com] On Behalf Of James
> > McCoy
> > Sent: zondag 12 juni 2016 20:56
> > To: dev@serf.apache.org
> > Sub
On Sun, Jun 12, 2016 at 02:56:07PM -0400, James McCoy wrote:
> OpenSSL is preparing a 1.1.0 release which introduces API and ABI
> incompatibilities (described in an in-progress[0] wiki page).
>
> [0]: https://wiki.openssl.org/index.php/1.1_API_Changes
>
> A rebuild[1] of a
OpenSSL is preparing a 1.1.0 release which introduces API and ABI
incompatibilities (described in an in-progress[0] wiki page).
[0]: https://wiki.openssl.org/index.php/1.1_API_Changes
A rebuild[1] of all Debian packages using OpenSSL found that serf is
affected by these changes, specifically maki
24 matches
Mail list logo
