greendns: Patch ssl #684
Merged
greendns: Patch ssl #684
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Newer (2.0+) dnspython imports ssl (and requests, which would have eventually imported ssl), so greendns needs a monkey-patched ssl, too. This should prevent a RecursionError with SSLContext. Note that this *does not* bring full dnspython>=2.0 support, but our version pin hasn't stopped people from trying to run with newer dnspython anyway. May as well make it hurt a little less. Fixes eventlet#677, but see also eventlet#619.
Codecov Report
@@ Coverage Diff @@
## master #684 +/- ##
======================================
- Coverage 44% 44% -1%
======================================
Files 87 87
Lines 11913 11914 +1
Branches 1780 1780
======================================
- Hits 5290 5289 -1
- Misses 6220 6222 +2
Partials 403 403
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
|
This is useful to me. Thanks! |
benthorner
pushed a commit
to alphagov/notifications-admin
that referenced
this pull request
Feb 16, 2021
This downgrades various packages so they are mutually compatible
and "pip install -r requirements.txt" succeeds.
Currently we have a situation where we're not running tests against
new versions of dependencies, as requirements_for_test.txt is not
being kept in-sync with requirements.txt by pyup. Deploys are only
working because Concourse silently ignores version issues.
From a deployment log:
awscli 1.18.211 has requirement PyYAML<5.4,>=3.10; python_version != "3.4", but you'll have pyyaml 5.4 which is incompatible.
This downgrades to pyyaml 5.3.1, despite it having a security issue,
in order to fix the build for the time being. This also downgrades
dnspython, due to a suspected issue with eventlet [1], which caused
the admin app to start failing with errors like this:
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connection.py", line 394, in connect
cert_reqs=resolve_cert_reqs(self.cert_reqs),
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 303, in create_urllib3_context
context.options |= options
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
[Previous line repeated 280 more times]
RecursionError: maximum recursion depth exceeded while calling a Python object
[1]: eventlet/eventlet#684
benthorner
pushed a commit
to alphagov/notifications-admin
that referenced
this pull request
Feb 16, 2021
This downgrades various packages so they are mutually compatible
and "pip install -r requirements.txt" succeeds.
This downgrades to pyyaml 5.3.1, despite it having a security issue,
in order to fix the build for the time being. This also downgrades
dnspython, due to a suspected issue with eventlet [1], which caused
the admin app to start failing with errors like this:
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connection.py", line 394, in connect
cert_reqs=resolve_cert_reqs(self.cert_reqs),
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 303, in create_urllib3_context
context.options |= options
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
[Previous line repeated 280 more times]
RecursionError: maximum recursion depth exceeded while calling a Python object
[1]: eventlet/eventlet#684
benthorner
pushed a commit
to alphagov/notifications-admin
that referenced
this pull request
Feb 16, 2021
This downgrades various packages so they are mutually compatible
and "pip install -r requirements.txt" succeeds.
This downgrades to pyyaml 5.3.1, despite it having a security issue,
in order to fix the build for the time being. This also downgrades
dnspython, due to a suspected issue with eventlet [1], which caused
the admin app to start failing with errors like this:
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connection.py", line 394, in connect
cert_reqs=resolve_cert_reqs(self.cert_reqs),
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 303, in create_urllib3_context
context.options |= options
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
[Previous line repeated 280 more times]
RecursionError: maximum recursion depth exceeded while calling a Python object
[1]: eventlet/eventlet#684
dvjones89
pushed a commit
to bitzesty/notifications-admin
that referenced
this pull request
Feb 17, 2021
This downgrades various packages so they are mutually compatible
and "pip install -r requirements.txt" succeeds.
This downgrades to pyyaml 5.3.1, despite it having a security issue,
in order to fix the build for the time being. This also downgrades
dnspython, due to a suspected issue with eventlet [1], which caused
the admin app to start failing with errors like this:
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/connection.py", line 394, in connect
cert_reqs=resolve_cert_reqs(self.cert_reqs),
File "/home/vcap/deps/0/python/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 303, in create_urllib3_context
context.options |= options
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
File "/home/vcap/deps/0/python/lib/python3.6/ssl.py", line 465, in options
super(SSLContext, SSLContext).options.__set__(self, value)
[Previous line repeated 280 more times]
RecursionError: maximum recursion depth exceeded while calling a Python object
[1]: eventlet/eventlet#684
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Newer (2.0+)
dnspythonimportsssl(andrequests, which would have eventually importedssl), sogreendnsneeds a monkey-patchedssl, too. This should prevent aRecursionErrorwithSSLContext.Note that this does not bring full
dnspython>=2.0support, but our version pin hasn't stopped people from trying to run with newerdnspythonanyway. May as well make it hurt a little less.Fixes #677, but see also #619.