Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

salt.crypt broken in develop #23824

Closed
kiorky opened this issue May 17, 2015 · 4 comments · Fixed by #23825
Closed

salt.crypt broken in develop #23824

kiorky opened this issue May 17, 2015 · 4 comments · Fixed by #23825

Comments

@kiorky
Copy link
Contributor

kiorky commented May 17, 2015

using the lxc runner, which calls config.seed, wich generate keys fails

[INFO    ] Executing command "lxc-attach --clear-env --set-var PATH=/bin:/usr/bin:/sbin:/usr/sbin:/opt/bin:/usr/local/bin:/usr/local/sbin  -n foobar24 -- test -e '/lxc.initial_seed'" in directory '/root'
[DEBUG   ] retcode: 1
[DEBUG   ] LazyLoaded seed.mkconfig
[WARNING ] The minion function caused an exception
Traceback (most recent call last):
  File "/salt-venv/salt/src/salt/salt/minion.py", line 1005, in _thread_return
    return_data = func(*args, **kwargs)
  File "/salt-venv/salt/src/salt/salt/modules/lxc.py", line 1487, in init
    bootstrap_args=bootstrap_args)
  File "/salt-venv/salt/src/salt/salt/modules/lxc.py", line 2891, in bootstrap
    pub_key=pub_key, priv_key=priv_key)
  File "/salt-venv/salt/src/salt/salt/modules/seed.py", line 220, in mkconfig
    salt.crypt.gen_keys(tmp, 'minion', 2048)
  File "/salt-venv/salt/src/salt/salt/crypt.py", line 87, in gen_keys
    gen = RSA.generate(bits=keysize, e=65537)
  File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line 508, in generate
    obj = _RSA.generate_py(bits, rf, progress_func, e)    # TODO: Don't use legacy _RSA module
  File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/_RSA.py", line 50, in generate_py
    p = pubkey.getStrongPrime(bits>>1, obj.e, 1e-12, randfunc)
  File "/usr/lib/python2.7/dist-packages/Crypto/Util/number.py", line 265, in getStrongPrime
    randfunc)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 202, in read
    return self._singleton.read(bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 178, in read
    return _UserFriendlyRNG.read(self, bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 132, in read
    retval = self._fa.random_data(N)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/Fortuna/FortunaAccumulator.py", line 148, in random_data
    return self.generator.pseudo_random_data(bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/Fortuna/FortunaGenerator.py", line 93, in pseudo_random_data
    for i in xrange(num_full_blocks):
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 202, in read
    return self._singleton.read(bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 178, in read
    return _UserFriendlyRNG.read(self, bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 132, in read
    retval = self._fa.random_data(N)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/Fortuna/FortunaAccumulator.py", line 148, in random_data
    return self.generator.pseudo_random_data(bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/Fortuna/FortunaGenerator.py", line 93, in pseudo_random_data
    for i in xrange(num_full_blocks):
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 202, in read
    return self._singleton.read(bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 178, in read
    return _UserFriendlyRNG.read(self, bytes)
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 137, in read
    self._check_pid()
  File "/usr/lib/python2.7/dist-packages/Crypto/Random/_UserFriendlyRNG.py", line 153, in _check_pid
    raise AssertionError("PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()")
AssertionError: PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()
@kiorky
Copy link
Contributor Author

kiorky commented May 17, 2015

this refs #23808 #23808 #23772

cc @thatch45 @basepi @terminalmage

@kiorky
Copy link
Contributor Author

kiorky commented May 17, 2015

im testing a patch locally...

@kiorky
Copy link
Contributor Author

kiorky commented May 17, 2015

this also refs #23348
cc @msteed

@kiorky
Copy link
Contributor Author

kiorky commented May 17, 2015

I have to test more the patch before opening the PR.

@kiorky kiorky mentioned this issue May 17, 2015
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix crypto
1 participant
@kiorky