cryptography-1.3 breaks unit tests

Bug #1559241 reported by Ben Nemec
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Invalid
High
Brian Haley
os-cloud-config
Fix Released
Critical
Ben Nemec

Bug Description

With cryptography 1.3, the unit tests are failing with:

Traceback (most recent call last):
  File "os_cloud_config/tests/test_keystone_pki.py", line 36, in test_create_ca_and_signing_pairs
    self.assertTrue(ca_key.check())
  File "/home/fedora/os-cloud-config/.tox/py27/lib/python2.7/site-packages/OpenSSL/crypto.py", line 243, in check
    if _lib.EVP_PKEY_type(self._pkey.type) != _lib.EVP_PKEY_RSA:
AttributeError: '_cffi_backend.CDataGCP' object has no attribute 'type'

I've opened https://github.com/pyca/cryptography/issues/2837 upstream to get this fixed. In the meantime we may need to exclude cryptography 1.3 in global requirements.

logstash query: http://logstash.openstack.org/#dashboard/file/logstash.json?query=build_status%3A%20FAILURE%20AND%20message%3A%20%5C%22_cffi_backend.CDataGCP%5C%22

Appears to be affecting os-cloud-config and neutron-lbaas right now.

Tags: unittest
Revision history for this message
Armando Migliaccio (armando-migliaccio) wrote :

As far as Neutron is concerned, we see this in stable/liberty only.

Changed in neutron:
status: New → Confirmed
importance: Undecided → High
assignee: nobody → Brian Haley (brian-haley)
Revision history for this message
Armando Migliaccio (armando-migliaccio) wrote :

Not sure if the fix lies with Neutron though. There might be infra changes required, more triaging is needed. Waiting for Brian to report back.

tags: added: liberty-backport-potential
tags: added: unittest
Revision history for this message
Ben Nemec (bnemec) wrote :

pyOpenSSL 16.0.0 has been released, which appears to have fixed this.

Changed in os-cloud-config:
status: Triaged → Fix Released
assignee: nobody → Ben Nemec (bnemec)
tags: removed: liberty-backport-potential
Changed in neutron:
status: Confirmed → Incomplete
Changed in neutron:
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.