test failures on Mac OS X with openssl-0.9.8[gh]
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pyOpenSSL |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Thanks for maintaining pyOpenSSL!
I get the following test failures when I run
PYTHONPATH=
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #2 |
I don't like pycrypto either. The official version's ctr mode is too slow, and AMK didn't accept my patch to speed it up. I never received a rejection letter either.
Actually, I *do* kind of like pycrypto, but it doesn't do TLS, and so we can probably replace both of our libraries -- pyOpenSSL and pycrypto -- with one which provides all the crypto functions we need and which is also portable and maintained and so on.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #4 |
We've added the OpenSSL exception to our licence.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #5 |
There appear to be people hacking on pycrypto other than AMK, as discovered by launchpad. I reported bugs on launchpad.
In Tahoe Trac #11, evilrob (evilrob-tahoe-trac) wrote : | #7 |
fwiw the allmydata.com 'ext' repository has a py24 native build of pyopenssl which was also found from trawling the web
In Tahoe Trac #11, evilrob (evilrob-tahoe-trac) wrote : | #8 |
(which I suspect means that we don't have a py25 requirement on windows because of this dependency)
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #9 |
See also:
http://
The Twisted folks are planning to fork pyOpenSSL.
In Tahoe Trac #11, warner (warner-tahoe-trac) wrote : | #10 |
You know, we could probably ditch pycrypto altogether if we just copied implementations of AES-CTR and SHA-256 into our tree. We'll want RSA sooner or later but that can't be all that big. We certainly don't need any of the other block ciphers or hash algorithms that pycrypto offers.
And if we required python2.5 (which I'm !!!not!!! advocating) then it comes with SHA-256 in the batteries-included 'hashlib' module..
In Tahoe Trac #11, warner (warner-tahoe-trac) wrote : | #12 |
I've copied AES-CTR and SHA-256 into our tree, and removed pycrypto (and src/Crypto) altogether.
I also copied RSA in there too, but I've disabled it in setup.py because it requires the GMP package, and I don't want to add another dependency to tahoe until we actually need it (say, when we need RSA for distributed dirnodes and SSK files).
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #13 |
Our new mutable file design (source:
The aforementioned (comment:6) thing about someone maintaing pycrypto hasn't panned out -- nobody responded to the patches I submitted.
Oh boy, and now I see that the current version of pycrypto -- v2.0.1 -- has *another* bug which causes SHA-256 to give incorrect results:
http://
This bug report and accompanying patch has been open since June. This is another demonstration that pycrypto is unmaintained.
This also raises the question: why are we copying our hash function code from pycrypto ? Let's copy hashlib from python 2.5 instead.
Likewise, I'm a bit reluctant to depend on the RSA implementation from pycrypto.
I would be delighted if someone would make a Python wrapper around [http://
I might try it myself.
Crypto++ has the following features:
* actively maintained by Wei Dai, who is very smart
* very portable (see the portability matrix on the front page)
* high quality code -- the first ever open source sofware to get FIPS 140-2 certification, for example
* all the algorithms we could ever want, including Tiger hash, elliptic curve signatures, salsa-20, ...
* extremely high-performance (assembly-
* high-performance (C or C++-implementation) versions of all of the algorithms
It has the following drawback:
* C++, and not your typical "subset of C++" either, but the real deal with cleverly parameterized templates pouring out of its ears
There are so many ways to make Python wrappers nowadays:
* hand-rolled
* pyrex
* ctypes
* SWIG
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #14 |
Apparently the OLPC project has created Python wrappers around libtomcrypt (which is the upstream source for both the pycrypto sha256 and the Python standard library hashlib sha256), but hasn't really packaged or publicized these wrappers:
http://
Also some person named Larry contributed incomplete python wrappers for libtomcrypt in March of this year:
http://
In Tahoe Trac #11, warner (warner-tahoe-trac) wrote : | #16 |
The OLPC wrapper code is [http://
the license is?
Also, it looks like they've got ECC wrappers..
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #17 |
Oh and just for completeness, there is also a 5th way to wrap C++ code in Python code -- boost.python. Truly, we enjoy an abundance of ways to wrap C/C++ in Python...
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #18 |
Oh and just for more complete completeness, there is also cython.
So that's seven Ways To Do It.
But I'm using the hand-rolled technique, as per
http://
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #19 |
See also ticket #199.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #20 |
Itamar pointed out that M2crypto has been integrated with Twisted, but on the other hand, Guido van Rossum had bad experiences with M2crypto:
http://
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #21 |
Removing "pycrypto" from the subject line of this ticket, since we have removed our dependency on it by switching to pycryptopp. (This fix isn't committed to trunk yet, but I want to point people at this ticket who are interested in pyOpenSSL specifically.)
In Tahoe Trac #11, heikki (heikki-tahoe-trac) wrote : | #22 |
Replying to [comment:21 zooko]:
> Itamar pointed out that M2crypto has been integrated with Twisted, but on the other hand, Guido van Rossum had bad experiences with M2crypto:
>
> http://
I'd like to point out that Guido wrote that almost three years ago! As far as I know, all the issues he experienced were fixed long time ago.
Itamar is also correct: M2Crypto has a Twisted protocol wrapper, which can be used to do SSL instead of pyOpenSSL. It was modeled after similar thing in TLS Lite. We use Twisted in Chandler, and M2Crypto does the SSL part using this wrapper. More on Chandler at http://
If you try M2Crypto and run into any issues, please let me know. I can't fix issues I don't know about. You can find the mailing list and bugzilla info on the M2Crypto homepage at http://
Heikki Toivonen - M2Crypto maintainer
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #23 |
Heikki:
Thanks for the post. If M2Crypto is actively maintained, then this is a big advantage that it has over pyOpenSSL!
We could use M2Crypto for both our SSL needs and our filesystem crypto needs, thus removing the need for pyOpenSSL and removing the need for pycryptopp. (This latter part makes me a little sad because I like pycryptopp -- it is my newest baby.)
Brian: are you interested in using M2Crypto for foolscap's SSL layer?
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #24 |
[yassl http://
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #25 |
Heikki Toivonen, the M2Crypto maintainer, posted the following comment [http://
people use something more robust than plain M2Crypto for a server
application (like Apache or Twisted)."
This makes me think that M2Crypto might not be best for allmydata.org.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #26 |
The aforementioned discussion leads to two further options:
1. http://
yet another openssl wrapper
2. http://
This is a backport of the SSL implementation that is intended to be standard in Python >= v2.6.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #27 |
Also, allmydata.com has decided that it would be okay to go ahead and use GPL'ed source code such as yassl, so that opens up some more options.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #28 |
Oh, by the way, I forgot to mention that the reason I am looking at this ticket is that I can't compile pyOpenSSL 0.6 on Mac OS X against openssl-0.9.8g. There is a callback defined in openssl that takes (const SSL*, int, int), and pyOpenSSL passes a function that takes (SSL*, int, int). Patching pyOpenSSL to add the const keyword makes the gcc warning/error go away, but when I try to import it I still get:
{{{
HACK wonwin-
Traceback (most recent call last):
File "<string>", line 1, in ?
File "/usr/local/
import rand, crypto, SSL, tsafe
ImportError: Failure linking new module: /usr/local/
Referenced from: /usr/local/
Expected in: dynamic lookup
}}}
In Tahoe Trac #11, heikki (heikki-tahoe-trac) wrote : | #29 |
Replying to [comment:26 zooko]:
> Heikki Toivonen, the M2Crypto maintainer, posted the following comment [http://
> people use something more robust than plain M2Crypto for a server
> application (like Apache or Twisted)."
>
> This makes me think that M2Crypto might not be best for allmydata.org.
It really depends on what you need. If your website is not a high traffic site, M2Crypto is probably ok. But if you need traffic shaping, load balancing, guaranteed high availability etc. then I believe none of the simple libraries will be robust enough for you. That is why I mentioned Apache etc. which certainly can handle high traffic sites.
In Tahoe Trac #11, warner (warner-tahoe-trac) wrote : | #30 |
FYI, I started playing with a port of Foolscap to M2Crypto. The Twisted interface seems pretty well implemented, but the way that you get access to the certificate (and the way you control validation) is pretty different, so I haven't gotten it working yet. When I get back next week I'll post my results and maybe beg Heikki for some help :).
Most of what we need is just reactor.connectTCP, transport.
In Tahoe Trac #11, heikki (heikki-tahoe-trac) wrote : | #31 |
Replying to [comment:31 warner]:
> FYI, I started playing with a port of Foolscap to M2Crypto. The Twisted interface seems pretty well implemented, but the way that you get access to the certificate (and the way you control validation) is pretty different, so I haven't gotten it working yet. When I get back next week I'll post my results and maybe beg Heikki for some help :).
M2Crypto is used in Chandler, and since the certificates are stored in a database in Chandler, the validation is a bit different. Also, Chandler will present the user with a dialog if there are errors in the SSL connection (the users can choose to ignore these), so this presents additional challenges for the SSL implementation. You can see how it is done in here:
http://
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #32 |
Rejoice -- exarkun and bigdog are working on pyOpenSSL. That makes the path of least resistance for us (continuing to use pyOpenSSL) also be the path of future promise, since exarkun is an excellent engineer.
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #33 |
binary builds from exarkun and company:
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #34 |
Okay, I like {{{pyOpenSSL}}} now since exarkun et alia are maintaining it. Closing as, um, "fixed".
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #35 |
Re-opening this since I get unit test failures when I try to use the current pyOpenSSL-0.7 with Tahoe, and different unit test failures when I run pyOpenSSL-0.7's own unit tests. Here's the bug report for the pyOpenSSL project:
https:/
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #36 |
Another reason why I still don't like pyOpenSSL, and therefore this ticket should remain open, is ticket #402 (bug in Twisted, triggered by pyOpenSSL-0.7).
Zooko Wilcox-O'Hearn (zooko) wrote : test failures on Mac OS X with openssl-0.9.8g | #37 |
Thanks for maintaining pyOpenSSL!
I get the following test failures when I run
PYTHONPATH=
Zooko Wilcox-O'Hearn (zooko) wrote : | #38 |
Zooko Wilcox-O'Hearn (zooko) wrote : | #39 |
By the way, here is the ticket at http://
this ticket:
Zooko Wilcox-O'Hearn (zooko) wrote : | #40 |
I tried it with the brand spankin' new openssl-0.9.8h and got similar errors.
I hereby volunteer a Mac OS X buildslave for pyOpenSSL.
Zooko Wilcox-O'Hearn (zooko) wrote : Re: test failures on Mac OS X | #41 |
Changing the name to reflect that it isn't specific to one version of openssl.
Jean-Paul Calderone (exarkun) wrote : Re: test failures on Mac OS X with openssl-0.9.8g | #42 |
Find me on IRC sometime and I'll get you credentials for a slave.
I wonder if this is as 10.3-specific issue (somehow)? http://
Zooko Wilcox-O'Hearn (zooko) wrote : | #44 |
Okay, when I uninstall the openssl-0.9.8h that I compiled myself, and add the following stanza to pyOpenSSL's setup.cfg file, then it compiles and passes tests:
--- old-dw/setup.cfg 2008-06-20 09:26:42.000000000 -0700
+++ new-dw/setup.cfg 2008-06-20 09:26:42.000000000 -0700
@@ -8,3 +8,6 @@
group = Development/
build_script = rpm/build_script
doc-files = doc/pyOpenSSL.txt doc/pyOpenSSL.ps doc/html
+
+[build_ext]
+include-dirs = /Developer/
So the openssl that comes with Mac OS 10.4 works, and openssl-0.9.8h works on other platforms, but openssl-0.9.8h, as I compiled it, yields these errors. For reference, here is the command that I used to configure and compile openssl-0.9.8h:
./config -shared --prefix=
Zooko Wilcox-O'Hearn (zooko) wrote : | #45 |
I spelled that wrong. The actual command line is:
./config -shared --prefix=
Zooko Wilcox-O'Hearn (zooko) wrote : | #46 |
Okay, we have a builder showing this compile failure:
http://
Per my earlier experiment, if we can configure pyOpenSSL somehow so that it adds /Developer/
Jean-Paul Calderone (exarkun) wrote : | #47 |
I changed the master configuration to set CFLAGS to include that directory. The build succeeded:
http://
Changed in pyopenssl: | |
status: | New → Fix Released |
In Tahoe Trac #11, zooko (zooko-tahoe-trac) wrote : | #48 |
Okay, now I like pyOpenSSL. See also #456 (it would be nice if the dependency on OpenSSL could be automatically resolved), but basically ticket #11 can finally be closed, thanks to JP Calderone and bigdog's stewardship of pyOpenSSL.
The guy who made the tracdarcs plugin work is K. S. Sreeram. I was idly
looking for alternate python crypto modules when I found ncrypt by K. S.
Sreeram. Then I saw that ncrypt is sponsored by a p2p company, tachyon.in,
which also makes a secure decentralized (?) instant messaging protocol:
It has a very nice straightforward explanation up front:
http:// cspace. in/
I was thinking that it might be a nice optional underlay protocol for Foolscap.
Unfortunately it is GPL'ed, so it is a non-starter for Allmydata unless
tachyon.in wants to give us a more permissive licence.
But the OpenSSL Python wrappers that they wrote are permissively licensed:
http:// tachyon. in/ncrypt/
And it works well on Windows:
http:// tachyon. in/pipermail/ ncrypt- users/2007- February/ 000016. html
Here's K. S. Sreeram's page:
http:// sreeram. cc/
So all Python crypto libraries that I know of that do TLS and that have
compatible licences:
{{{
pyOpenSSL
tlslite
M2Crypto
ncrypt
}}}
I vaguely remember that Brian Warner investigated tlslite and had trouble with
it. I've heard bad things about M2Crypto. I would be interested in trying
ncrypt.
By the way, I was reminded while doing this browsing that we need to add "the
OpenSSL+GPL exception" to our licence.
http:// en.wikipedia. org/wiki/ OpenSSL# The_exception