Summary: | dev-python/cryptography fails with "sslv2_method redeclared" | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | piotr5 |
Component: | Current packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
piotr5
2016-07-01 20:20:20 UTC
If openssl is compiled with USE="sslv2" as proposed, then openssl becomes vulnerable to DROWN attack[1]. I think it is better that dev-python/cryptography is version bumped to 1.3.1 instead. [1] https://drownattack.com/ -- Regards, Mick dev-python/cryptography-1.1.2 fails to build with openssl-1.0.2h-r2 for me. I agree that enabling sslv2 is not a good solution. I don't know why is it actually rebuilding, but I will try if keywording cryptography-1.3.1 helps. [ebuild rR ] dev-python/cryptography-1.1.2::gentoo USE="(-libressl) {-test}" PYTHON_TARGETS="python2_7 python3_4 (-pypy) -python3_3 (-python3_5)" 0 KiB <build log snippet> i686-pc-linux-gnu-gcc -O2 -pipe -march=native -fPIC -I/usr/include/python2.7 -c /tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.c -o /tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.o /tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.c:2096:15: error: 'SSLv2_method' redeclared as different kind of symbol SSL_METHOD* (*SSLv2_method)(void) = NULL; ^ In file included from /tmp/portage/dev-python/cryptography-1.1.2/work/cryptography-1.1.2-python2_7/temp.linux-i686-2.7/_openssl.c:520:0: /usr/include/openssl/ssl.h:2349:19: note: previous declaration of 'SSLv2_method' was here const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ .. and similar for SSLv2_client_method and SSLv2_server_method </build log snippet> I have tested with keyword dev-python/cryptography-1.3.1 ~x86 and it merges fine. Importing a module and calling a function seems to work as well. See https://bugs.gentoo.org/show_bug.cgi?id=587240#c3 *** This bug has been marked as a duplicate of bug 584142 *** |