#6054: fedpkg build broken after crypto-policies update to disable SSL3
Fedora Release Engineering
rel-eng at fedoraproject.org
Fri Nov 21 10:14:09 UTC 2014
#6054: fedpkg build broken after crypto-policies update to disable SSL3
-----------------------------+------------------------
Reporter: amigadave | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 21 Final | Component: koji
Keywords: | Blocked By:
Blocking: |
-----------------------------+------------------------
I came across this today, after updating crypto-policies in Rawhide:
fedpkg -v build
Creating repo object from /home/david/checkout/rpms/gnome-logs
Could not read /home/david/.koji/config for config values
Initiating a koji session to http://koji.fedoraproject.org/kojihub
Could not execute build: [('SSL routines', 'SSL3_CLIENT_HELLO', 'no
ciphers available')]
Traceback (most recent call last):
File "/usr/bin/fedpkg", line 16, in <module>
main()
File "/usr/lib/python2.7/site-packages/fedpkg/__main__.py", line 68,
in main
sys.exit(client.args.command())
File "/usr/lib/python2.7/site-packages/pyrpkg/cli.py", line 938, in
build
sets, nvr_check)
File "/usr/lib/python2.7/site-packages/pyrpkg/__init__.py", line
1717, in build
build_target = self.kojisession.getBuildTarget(self.target)
File "/usr/lib/python2.7/site-packages/pyrpkg/__init__.py", line
396, in kojisession
self.load_kojisession()
File "/usr/lib/python2.7/site-packages/pyrpkg/__init__.py", line
248, in load_kojisession
defaults['serverca'])
File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1729,
in ssl_login
sinfo = self.callMethod('sslLogin', proxyuser)
File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1778,
in callMethod
return self._callMethod(name, args, opts)
File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1898,
in _callMethod
return self._sendCall(handler, headers, request)
File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1809,
in _sendCall
return self._sendOneCall(handler, headers, request)
File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1827,
in _sendOneCall
cnx.endheaders()
File "/usr/lib64/python2.7/httplib.py", line 991, in endheaders
self._send_output(message_body)
File "/usr/lib64/python2.7/httplib.py", line 844, in _send_output
self.send(msg)
File "/usr/lib64/python2.7/httplib.py", line 820, in send
self.sock.sendall(data)
File "/usr/lib/python2.7/site-packages/koji/ssl/SSLConnection.py",
line 108, in sendall
sent = con.send(data, flags)
OpenSSL.SSL.Error: [('SSL routines', 'SSL3_CLIENT_HELLO', 'no ciphers
available')]
I was advised to file it as a releng ticket by pingou on #fedora-devel. It
seems like this change is only on the master branch of crypto-policies,
not f21:
http://pkgs.fedoraproject.org/cgit/crypto-
policies.git/commit/?id=9e4e7ddc76b3f22db8fd4a15eba9ed4140a831fa
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/6054>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
More information about the rel-eng
mailing list