Message12972
In a newly-installed v2.7.2b2 or b3, test_ssl fails like this:
test test_ssl_jy failed -- Traceback (most recent call last):
File "...\inst\Lib\test\test_ssl.py", line 940, in test_load_cert_chain
ctx.load_cert_chain(CERTFILE_PROTECTED, password=KEY_PASSWORD)
...
File "...\inst\Lib\_sslcerts.py", line 281, in _read_pem_cert_from_data
key_pair = key_converter.getKeyPair(obj.decryptKeyPair(provider))
PEMException: org.python.bouncycastle.openssl.PEMException: Unable to create OpenSSL PBDKF: PBKDF-OpenSSL SecretKeyFactory not available
This does not happen in the development configuration, nor if I introduce the Bouncy Castle JARs to the class path. It began after upgrading the JARs.
It seems likely the cause is the shading of the JAR that we do when embedding it in jython.jar during the Ant build. We do not do this shading to all the JARs we depend on. Some we name-translate:
org/python/apache/commons/compress
org/python/bouncycastle
And some we just copy:
com/ziclix/python/sql
jnr/ffi
Options appear to be:
1. hope the cause is within our library and fix it. (But maybe it is a BC feature?)
2. include the library unshaded. (Not known if this would be a problem.) |
|
Date |
User |
Action |
Args |
2020-02-03 20:43:46 | jeff.allen | set | recipients:
+ jeff.allen |
2020-02-03 20:43:46 | jeff.allen | set | messageid: <1580762626.64.0.480248923673.issue2858@roundup.psfhosted.org> |
2020-02-03 20:43:46 | jeff.allen | link | issue2858 messages |
2020-02-03 20:43:46 | jeff.allen | create | |
|