asn1crypto uses system default libcrypto instead of cryptography's one. #4460
Comments
|
Are you are compiling your own cryptography against your own custom OpenSSL, not the statically linked wheels we provide via PyPI? If so, are you statically or dynamically linking? What call are you making that causes the segfault? |
|
Ah, you filed wbond/asn1crypto#113 (which is likely where any potential workaround would live anyway) |
|
This is another casualty of unbit/uwsgi#1590, see wbond/asn1crypto#113 (comment) |
|
I just commented at wbond/asn1crypto#113 (comment) explaining that in all likelihood, the libcrypto dependency will be dropped since asn1crypto will likely drop the ability to compute the public key from a private key. Instead it will likely defer to a true crypto package. |
|
Thanks for the update @wbond, we'll go ahead and close it on this side for now :) |
|
Thank you! |
|
Just for historical reference, version 1.0.0 of asn1crypto dropped the libcrypto dependency. |
When buidling uwsgi, Python, and cryptography, we can specify custom location of OpenSSL.
We use such option to use OpenSSL different from system's default one.
But asn1crypto loads system libcrypto for faster
inverse_mod()implementation.https://github.com/wbond/asn1crypto/blob/master/asn1crypto/_perf/_big_num_ctypes.py#L35
This may cause trouble. In our case, it caused SEGV in uwsgi application because
ABI is incompatible from libcrypto used by uwsgi.
We can avoid this SEGV by removing
_perfdirectory in the asn1crypto. But I wantmixing incompatible OpenSSL is avoided by default.
How about embed asn1crypto without
_perfmodule, or with custom_perfmodule usingcryptography's OpenSSL?
"Embedding asn1crypto without
_perf" seems supported:https://github.com/wbond/asn1crypto/blob/master/changelog.md#0182
The text was updated successfully, but these errors were encountered: