Created attachment 373210 [details] emerge --info Hello, I tried today to emerge OpenSSL with the USE flag bindist, but sometimes after, I noticed some programs using python and ssl are crashing with this message error (in this example, with youtube-dl): Traceback (most recent call last): File "/usr/bin/youtube-dl", line 3, in <module> import youtube_dl File "/usr/lib64/python3.3/site-packages/youtube_dl/__init__.py", line 70, in <module> from .utils import ( File "/usr/lib64/python3.3/site-packages/youtube_dl/utils.py", line 19, in <module> import ssl File "/usr/lib64/python3.3/ssl.py", line 60, in <module> import _ssl # if we can't import it, let the error propagate ImportError: /usr/lib64/python3.3/lib-dynload/_ssl.cpython-33.so: undefined symbol: EC_KEY_new_by_curve_name So, I think therefore python needs a better check dependency with openssl: -ssl? ( dev-libs/openssl ) +ssl? ( dev-libs/openssl[-bindist] ) Or maybe, check if it can work with other crypto program, like GNUTLS for example. Steps to Reproduce: 1. Set ssl USE flag to python. 2. Set bindist USE flag to dev-libs/openssl (current version is 1.0.1f) and emerge/rebuild it. 3. Execute a program using ssl, like youtube-dl. 4. fail with above error message. Reproductible: Always. Expect results: No error. Thanks for support.
If you rebuild dev-lang/python:3.3, does that resolve the issue?
Hello, (In reply to Mike Gilbert from comment #1) > If you rebuild dev-lang/python:3.3, does that resolve the issue? Yes, Mike, it does, but unfortunately, neither revdep-rebuild nor python-updater detected the dependency error. Here are my steps: 1. USE="bindist" emerge -vat1O openssl (-O because some other programs like openssh and bind will fail and/or have dependency detections); 2. testing: * python3 >>> import ssl Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib64/python3.3/ssl.py", line 60, in <module> import _ssl # if we can't import it, let the error propagate ImportError: /usr/lib64/python3.3/lib-dynload/_ssl.cpython-33.so: undefined symbol: EC_KEY_new_by_curve_name * python2 >>> import ssl (Success silently, but maybe will fail later, when it will be actually use, I don't have enough knowledges to test by myself) 3. Threfore, failure with python3; 4. revdep-rebuild --ignore -v -- -va --keep-going --quiet-build → nothing; 5. python-updater → nothing; 6. re-testing: → same behavior has step 2. 7. emerge -vat python (for rebuilding); 8. re-re-testing: python3's “import ssl” looks like to work, I try to download a file through HTTPS, it worked. So, here we are, rebuilding by our own will resolvs the problem, but I think this is weird neither revdep-rebuild nor python-updater solved this by themselves. Do you have any idea? Maybe put a warning message after rebuilding when this USE flag is switched. Best regards,
A warning message certainly sounds like a good idea.
should be all set now in the tree; thanks for the report! Commit message: Note that USE=bindist changes ABI. http://sources.gentoo.org/dev-libs/openssl/metadata.xml?r1=1.9&r2=1.10
Hello, Just for asking, why neither revdep-rebuild nor python-updater didn't solve this problem? I tought those tools look for links between librairies and programs.
Please do not mess with the bug status. revdep-rebuild looks for binaries which are linked to library versions (sonames) which no longer exist. It does not detect missing symbols. python-updater isn't designed to detect breakage at all, but rather to rebuild programs when a new version of python is installed.
Also see bug 63643, which is a request to add detection of unresolved symbols to revdep-rebuild.
OK, thanks for informations. (In reply to Mike Gilbert from comment #6) > Please do not mess with the bug status. PS: Sorry, but I didn't change the status on purpose, I just clicked on “Add comment”, and it switched on its own.
