** Description changed: + [Impact] + + * salt fails to start with OpenSSL 1.1.1 (which is in cosmic-release, + bionic-proposed) + + [Test Case] + + * bionic-only: install openssl/libssl1.1 from bionic-proposed + + sudo apt install salt-master + sudo salt --versions-report + + [bad] Python traceback ending in: + ssl.SSLError: unknown error (_ssl.c:2788) + + [good] a table of version numbers + Salt Version: + Salt: 2018.3.0 + ... + + + [Fix] + + * Unused imports, and 1.1.1 incompatible libcrypto init functions in + salt are causing it to fail to start with OpenSSL 1.1.1. The upstream + patches that were merged into stable branch make it compatible with + either 1.1.0 or 1.1.1. + + [Regression Potential] + + * The underlying behavior of crypto with or without these patches is + not changed. There are no versioned breaks to prevent upgrading + libssl1.1 whilst salt is installed, but this fix should make salt + compatible with any openssl releases. Currently, salt is completely + broken in cosmic-release (fails to start) so it's hard to regress + further than that in cosmic. + + [Other Info] + + * Full traceback + # sudo apt install salt-master # sudo salt --versions-report Traceback (most recent call last): File "/usr/bin/salt", line 10, in <module> salt_main() File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main client.run() File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run import salt.client File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module> import salt.cache File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module> import salt.loader File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module> import salt.utils.event File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module> import tornado.iostream File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module> from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module> ssl.Purpose.SERVER_AUTH) File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context context = SSLContext(PROTOCOL_TLS) File "/usr/lib/python3.6/ssl.py", line 391, in __new__ self = _SSLContext.__new__(cls, protocol) ssl.SSLError: unknown error (_ssl.c:2788)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1823332 Title: salt --versions-report broken in bionic/cosmic with openssl 1.1.1 To manage notifications about this bug go to: https://bugs.launchpad.net/salt/+bug/1823332/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs