2019-04-05 13:01:32 |
Dimitri John Ledkov |
bug |
|
|
added bug |
2019-04-05 13:02:00 |
Dimitri John Ledkov |
description |
# salt --versions-report
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run
import salt.client
File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module>
import salt.cache
File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module>
import salt.loader
File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module>
import salt.utils.event
File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module>
import tornado.iostream
File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module>
from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module>
ssl.Purpose.SERVER_AUTH)
File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context
context = SSLContext(PROTOCOL_TLS)
File "/usr/lib/python3.6/ssl.py", line 391, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: unknown error (_ssl.c:2788) |
# sudo apt install salt-master
# sudo salt --versions-report
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run
import salt.client
File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module>
import salt.cache
File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module>
import salt.loader
File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module>
import salt.utils.event
File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module>
import tornado.iostream
File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module>
from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module>
ssl.Purpose.SERVER_AUTH)
File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context
context = SSLContext(PROTOCOL_TLS)
File "/usr/lib/python3.6/ssl.py", line 391, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: unknown error (_ssl.c:2788) |
|
2019-04-05 13:02:22 |
Dimitri John Ledkov |
bug |
|
|
added subscriber EOLE team |
2019-04-05 13:03:21 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Cosmic |
|
2019-04-05 13:03:21 |
Dimitri John Ledkov |
bug task added |
|
salt (Ubuntu Cosmic) |
|
2019-04-05 13:03:21 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Disco |
|
2019-04-05 13:03:21 |
Dimitri John Ledkov |
bug task added |
|
salt (Ubuntu Disco) |
|
2019-04-05 13:03:21 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Bionic |
|
2019-04-05 13:03:21 |
Dimitri John Ledkov |
bug task added |
|
salt (Ubuntu Bionic) |
|
2019-04-05 13:03:27 |
Dimitri John Ledkov |
salt (Ubuntu Bionic): status |
New |
Confirmed |
|
2019-04-05 13:03:28 |
Dimitri John Ledkov |
salt (Ubuntu Cosmic): status |
New |
Confirmed |
|
2019-04-05 13:21:04 |
Dimitri John Ledkov |
bug watch added |
|
https://github.com/saltstack/salt/issues/49661 |
|
2019-04-05 13:21:04 |
Dimitri John Ledkov |
bug task added |
|
salt |
|
2019-04-05 13:21:10 |
Dimitri John Ledkov |
salt (Ubuntu Disco): status |
New |
Fix Released |
|
2019-04-05 13:46:44 |
Bug Watch Updater |
salt: status |
Unknown |
New |
|
2019-04-05 14:49:14 |
Dimitri John Ledkov |
description |
# sudo apt install salt-master
# sudo salt --versions-report
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run
import salt.client
File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module>
import salt.cache
File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module>
import salt.loader
File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module>
import salt.utils.event
File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module>
import tornado.iostream
File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module>
from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module>
ssl.Purpose.SERVER_AUTH)
File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context
context = SSLContext(PROTOCOL_TLS)
File "/usr/lib/python3.6/ssl.py", line 391, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: unknown error (_ssl.c:2788) |
[Impact]
* salt fails to start with OpenSSL 1.1.1 (which is in cosmic-release, bionic-proposed)
[Test Case]
* bionic-only: install openssl/libssl1.1 from bionic-proposed
sudo apt install salt-master
sudo salt --versions-report
[bad] Python traceback ending in:
ssl.SSLError: unknown error (_ssl.c:2788)
[good] a table of version numbers
Salt Version:
Salt: 2018.3.0
...
[Fix]
* Unused imports, and 1.1.1 incompatible libcrypto init functions in salt are causing it to fail to start with OpenSSL 1.1.1. The upstream patches that were merged into stable branch make it compatible with either 1.1.0 or 1.1.1.
[Regression Potential]
* The underlying behavior of crypto with or without these patches is not changed. There are no versioned breaks to prevent upgrading libssl1.1 whilst salt is installed, but this fix should make salt compatible with any openssl releases. Currently, salt is completely broken in cosmic-release (fails to start) so it's hard to regress further than that in cosmic.
[Other Info]
* Full traceback
# sudo apt install salt-master
# sudo salt --versions-report
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run
import salt.client
File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module>
import salt.cache
File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module>
import salt.loader
File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module>
import salt.utils.event
File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module>
import tornado.iostream
File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module>
from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module>
ssl.Purpose.SERVER_AUTH)
File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context
context = SSLContext(PROTOCOL_TLS)
File "/usr/lib/python3.6/ssl.py", line 391, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: unknown error (_ssl.c:2788) |
|
2019-04-05 16:24:55 |
Dimitri John Ledkov |
salt (Ubuntu Bionic): status |
Confirmed |
In Progress |
|
2019-04-05 16:26:52 |
Dimitri John Ledkov |
description |
[Impact]
* salt fails to start with OpenSSL 1.1.1 (which is in cosmic-release, bionic-proposed)
[Test Case]
* bionic-only: install openssl/libssl1.1 from bionic-proposed
sudo apt install salt-master
sudo salt --versions-report
[bad] Python traceback ending in:
ssl.SSLError: unknown error (_ssl.c:2788)
[good] a table of version numbers
Salt Version:
Salt: 2018.3.0
...
[Fix]
* Unused imports, and 1.1.1 incompatible libcrypto init functions in salt are causing it to fail to start with OpenSSL 1.1.1. The upstream patches that were merged into stable branch make it compatible with either 1.1.0 or 1.1.1.
[Regression Potential]
* The underlying behavior of crypto with or without these patches is not changed. There are no versioned breaks to prevent upgrading libssl1.1 whilst salt is installed, but this fix should make salt compatible with any openssl releases. Currently, salt is completely broken in cosmic-release (fails to start) so it's hard to regress further than that in cosmic.
[Other Info]
* Full traceback
# sudo apt install salt-master
# sudo salt --versions-report
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run
import salt.client
File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module>
import salt.cache
File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module>
import salt.loader
File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module>
import salt.utils.event
File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module>
import tornado.iostream
File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module>
from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module>
ssl.Purpose.SERVER_AUTH)
File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context
context = SSLContext(PROTOCOL_TLS)
File "/usr/lib/python3.6/ssl.py", line 391, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: unknown error (_ssl.c:2788) |
[Impact]
* salt fails to start with OpenSSL 1.1.1 (which is in cosmic-release, bionic-proposed)
[Test Case]
* install openssl/libssl1.1 from bionic-proposed
sudo apt install salt-master
sudo salt --versions-report
[bad] Python traceback ending in:
ssl.SSLError: unknown error (_ssl.c:2788)
[good] a table of version numbers
Salt Version:
Salt: 2018.3.0
...
[Fix]
* Unused imports, and 1.1.1 incompatible libcrypto init functions in salt are causing it to fail to start with OpenSSL 1.1.1. The upstream patches that were merged into stable branch make it compatible with either 1.1.0 or 1.1.1.
* Note that for bionic above is sufficent by itself. In cosmic, python-tornado got upgraded from v4 to v5 and salt is incompatible with it. Hence salt in cosmic is currently complete busted due to this issue and lack of tornado4. I have now requested and SRU to reintroduce tornado4 into cosmic to unbreak salt in cosmic. But it may take much longer than the smaller fix for bionic.
[Regression Potential]
* The underlying behavior of crypto with or without these patches is not changed. There are no versioned breaks to prevent upgrading libssl1.1 whilst salt is installed, but this fix should make salt compatible with any openssl releases. Currently, salt is completely broken in cosmic-release (fails to start) so it's hard to regress further than that in cosmic.
[Other Info]
* Full traceback
# sudo apt install salt-master
# sudo salt --versions-report
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python3/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python3/dist-packages/salt/cli/salt.py", line 33, in run
import salt.client
File "/usr/lib/python3/dist-packages/salt/client/__init__.py", line 31, in <module>
import salt.cache
File "/usr/lib/python3/dist-packages/salt/cache/__init__.py", line 18, in <module>
import salt.loader
File "/usr/lib/python3/dist-packages/salt/loader.py", line 26, in <module>
import salt.utils.event
File "/usr/lib/python3/dist-packages/salt/utils/event.py", line 70, in <module>
import tornado.iostream
File "/usr/lib/python3/dist-packages/tornado/iostream.py", line 40, in <module>
from tornado.netutil import ssl_wrap_socket, _client_ssl_defaults, _server_ssl_defaults
File "/usr/lib/python3/dist-packages/tornado/netutil.py", line 45, in <module>
ssl.Purpose.SERVER_AUTH)
File "/usr/lib/python3.6/ssl.py", line 502, in create_default_context
context = SSLContext(PROTOCOL_TLS)
File "/usr/lib/python3.6/ssl.py", line 391, in __new__
self = _SSLContext.__new__(cls, protocol)
ssl.SSLError: unknown error (_ssl.c:2788) |
|
2019-04-17 20:57:53 |
Bug Watch Updater |
salt: status |
New |
Fix Released |
|
2019-05-03 23:48:56 |
Steve Langasek |
salt (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
2019-05-03 23:49:00 |
Steve Langasek |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-05-03 23:49:03 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2019-05-03 23:49:06 |
Steve Langasek |
tags |
|
verification-needed verification-needed-bionic |
|
2019-05-07 14:57:19 |
Dimitri John Ledkov |
tags |
verification-needed verification-needed-bionic |
verification-done verification-done-bionic |
|
2019-05-13 10:18:17 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2019-05-13 10:28:18 |
Launchpad Janitor |
salt (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|