OpenBSD 7.6 & Python Crypto Library
OpenBSD 7.6 / LibreSSl 4.0.0 / cryptography 43.0.1
seems that cryptography library is broken / not yet ready for libressl 4.0.0
Problems adding Crypto
cd /tmp
poetry new test_crypto
cd test_crypto/
poetry add cryptography
root@host /bin# cd tmp
root@host /tmp# poetry new test_crypto
Created package test_crypto in test_crypto
root@host /tmp# cd test_crypto/
root@host /tmp/test_crypto# poetry add cryptography
Creating virtualenv test-crypto in /tmp/test_crypto/.venv
Using version ^43.0.1 for cryptography
Updating dependencies
Resolving dependencies... (0.2s)
Package operations: 3 installs, 0 updates, 0 removals
- Installing pycparser (2.22)
- Installing cffi (1.17.1)
- Installing cryptography (43.0.1): Failed
ChefBuildError
Backend subprocess exited when trying to invoke build_wheel
Running `maturin pep517 build-wheel -i /tmp/tmpm4f6kesa/.venv/bin/python --compatibility off`
π¦ Including license file "/tmp/tmpzw46sfn4/cryptography-43.0.1/LICENSE"
π¦ Including license file "/tmp/tmpzw46sfn4/cryptography-43.0.1/LICENSE.APACHE"
π¦ Including license file "/tmp/tmpzw46sfn4/cryptography-43.0.1/LICENSE.BSD"
πΉ Building a mixed python/rust project
π Found pyo3 bindings with abi3 support for Python β₯ 3.7
π Not using a specific python interpreter
π‘ Using build options features, locked from pyproject.toml
Compiling proc-macro2 v1.0.86
Compiling target-lexicon v0.12.15
Compiling unicode-ident v1.0.12
Compiling pyo3-build-config v0.22.2
Compiling quote v1.0.36
Compiling cc v1.1.6
Compiling syn v2.0.71
Compiling vcpkg v0.2.15
Compiling pkg-config v0.3.30
Compiling once_cell v1.19.0
Compiling openssl-sys v0.9.103
error: failed to run custom build command for `openssl-sys v0.9.103`
Caused by:
process didn't exit successfully: `/tmp/tmpzw46sfn4/cryptography-43.0.1/src/rust/target/release/build/openssl-sys-b9cf452982f5d9f0/build-script-main` (exit status: 101)
--- stdout
cargo:rustc-check-cfg=cfg(osslconf, values("OPENSSL_NO_OCB", "OPENSSL_NO_SM4", "OPENSSL_NO_SEED", "OPENSSL_NO_CHACHA", "OPENSSL_NO_CAST", "OPENSSL_NO_IDEA", "OPENSSL_NO_CAMELLIA", "OPENSSL_NO_RC4", "OPENSSL_NO_BF", "OPENSSL_NO_PSK", "OPENSSL_NO_DEPRECATED_3_0", "OPENSSL_NO_SCRYPT", "OPENSSL_NO_SM3", "OPENSSL_NO_RMD160", "OPENSSL_NO_EC2M", "OPENSSL_NO_OCSP", "OPENSSL_NO_CMS", "OPENSSL_NO_COMP", "OPENSSL_NO_SOCK", "OPENSSL_NO_STDIO"))
cargo:rustc-check-cfg=cfg(openssl)
cargo:rustc-check-cfg=cfg(libressl)
cargo:rustc-check-cfg=cfg(boringssl)
cargo:rustc-check-cfg=cfg(libressl250)
cargo:rustc-check-cfg=cfg(libressl251)
cargo:rustc-check-cfg=cfg(libressl252)
cargo:rustc-check-cfg=cfg(libressl261)
cargo:rustc-check-cfg=cfg(libressl270)
cargo:rustc-check-cfg=cfg(libressl271)
cargo:rustc-check-cfg=cfg(libressl273)
cargo:rustc-check-cfg=cfg(libressl280)
cargo:rustc-check-cfg=cfg(libressl281)
cargo:rustc-check-cfg=cfg(libressl291)
cargo:rustc-check-cfg=cfg(libressl310)
cargo:rustc-check-cfg=cfg(libressl321)
cargo:rustc-check-cfg=cfg(libressl332)
cargo:rustc-check-cfg=cfg(libressl340)
cargo:rustc-check-cfg=cfg(libressl350)
cargo:rustc-check-cfg=cfg(libressl360)
cargo:rustc-check-cfg=cfg(libressl361)
cargo:rustc-check-cfg=cfg(libressl370)
cargo:rustc-check-cfg=cfg(libressl380)
cargo:rustc-check-cfg=cfg(libressl381)
cargo:rustc-check-cfg=cfg(libressl382)
cargo:rustc-check-cfg=cfg(libressl390)
cargo:rustc-check-cfg=cfg(libressl400)
cargo:rustc-check-cfg=cfg(ossl101)
cargo:rustc-check-cfg=cfg(ossl102)
cargo:rustc-check-cfg=cfg(ossl102f)
cargo:rustc-check-cfg=cfg(ossl102h)
cargo:rustc-check-cfg=cfg(ossl110)
cargo:rustc-check-cfg=cfg(ossl110f)
cargo:rustc-check-cfg=cfg(ossl110g)
cargo:rustc-check-cfg=cfg(ossl110h)
cargo:rustc-check-cfg=cfg(ossl111)
cargo:rustc-check-cfg=cfg(ossl111b)
cargo:rustc-check-cfg=cfg(ossl111c)
cargo:rustc-check-cfg=cfg(ossl111d)
cargo:rustc-check-cfg=cfg(ossl300)
cargo:rustc-check-cfg=cfg(ossl310)
cargo:rustc-check-cfg=cfg(ossl320)
cargo:rustc-check-cfg=cfg(ossl330)
cargo:rerun-if-env-changed=X86_64_UNKNOWN_OPENBSD_OPENSSL_LIB_DIR
X86_64_UNKNOWN_OPENBSD_OPENSSL_LIB_DIR unset
cargo:rerun-if-env-changed=OPENSSL_LIB_DIR
OPENSSL_LIB_DIR unset
cargo:rerun-if-env-changed=X86_64_UNKNOWN_OPENBSD_OPENSSL_INCLUDE_DIR
X86_64_UNKNOWN_OPENBSD_OPENSSL_INCLUDE_DIR unset
cargo:rerun-if-env-changed=OPENSSL_INCLUDE_DIR
OPENSSL_INCLUDE_DIR unset
cargo:rerun-if-env-changed=X86_64_UNKNOWN_OPENBSD_OPENSSL_DIR
X86_64_UNKNOWN_OPENBSD_OPENSSL_DIR unset
cargo:rerun-if-env-changed=OPENSSL_DIR
OPENSSL_DIR unset
cargo:rerun-if-env-changed=OPENSSL_NO_PKG_CONFIG
cargo:rerun-if-env-changed=PKG_CONFIG_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG
cargo:rerun-if-env-changed=PKG_CONFIG
cargo:rerun-if-env-changed=OPENSSL_STATIC
cargo:rerun-if-env-changed=OPENSSL_DYNAMIC
cargo:rerun-if-env-changed=PKG_CONFIG_ALL_STATIC
cargo:rerun-if-env-changed=PKG_CONFIG_ALL_DYNAMIC
cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG_PATH
cargo:rerun-if-env-changed=PKG_CONFIG_PATH
cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG_LIBDIR
cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG_SYSROOT_DIR
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR
cargo:rerun-if-env-changed=SYSROOT
cargo:rerun-if-env-changed=OPENSSL_STATIC
cargo:rerun-if-env-changed=OPENSSL_DYNAMIC
cargo:rerun-if-env-changed=PKG_CONFIG_ALL_STATIC
cargo:rerun-if-env-changed=PKG_CONFIG_ALL_DYNAMIC
cargo:rustc-link-lib=ssl
cargo:rustc-link-lib=crypto
cargo:rerun-if-env-changed=PKG_CONFIG_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG
cargo:rerun-if-env-changed=PKG_CONFIG
cargo:rerun-if-env-changed=OPENSSL_STATIC
cargo:rerun-if-env-changed=OPENSSL_DYNAMIC
cargo:rerun-if-env-changed=PKG_CONFIG_ALL_STATIC
cargo:rerun-if-env-changed=PKG_CONFIG_ALL_DYNAMIC
cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_PATH_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG_PATH
cargo:rerun-if-env-changed=PKG_CONFIG_PATH
cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG_LIBDIR
cargo:rerun-if-env-changed=PKG_CONFIG_LIBDIR
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64-unknown-openbsd
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR_x86_64_unknown_openbsd
cargo:rerun-if-env-changed=HOST_PKG_CONFIG_SYSROOT_DIR
cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR
cargo:rerun-if-changed=build/expando.c
OPT_LEVEL = Some(3)
TARGET = Some(x86_64-unknown-openbsd)
OUT_DIR = Some(/tmp/tmpzw46sfn4/cryptography-43.0.1/src/rust/target/release/build/openssl-sys-69c53327ca178616/out)
HOST = Some(x86_64-unknown-openbsd)
cargo:rerun-if-env-changed=CC_x86_64-unknown-openbsd
CC_x86_64-unknown-openbsd = None
cargo:rerun-if-env-changed=CC_x86_64_unknown_openbsd
CC_x86_64_unknown_openbsd = None
cargo:rerun-if-env-changed=HOST_CC
HOST_CC = None
cargo:rerun-if-env-changed=CC
CC = None
cargo:rerun-if-env-changed=CC_ENABLE_DEBUG_OUTPUT
RUSTC_WRAPPER = None
cargo:rerun-if-env-changed=CRATE_CC_NO_DEFAULTS
CRATE_CC_NO_DEFAULTS = None
DEBUG = Some(false)
cargo:rerun-if-env-changed=CFLAGS_x86_64-unknown-openbsd
CFLAGS_x86_64-unknown-openbsd = None
cargo:rerun-if-env-changed=CFLAGS_x86_64_unknown_openbsd
CFLAGS_x86_64_unknown_openbsd = None
cargo:rerun-if-env-changed=HOST_CFLAGS
HOST_CFLAGS = None
cargo:rerun-if-env-changed=CFLAGS
CFLAGS = None
cargo:rustc-cfg=osslconf="OPENSSL_NO_BUF_FREELISTS"
cargo:rustc-cfg=osslconf="OPENSSL_NO_COMP"
cargo:rustc-cfg=osslconf="OPENSSL_NO_EC2M"
cargo:rustc-cfg=osslconf="OPENSSL_NO_ENGINE"
cargo:rustc-cfg=osslconf="OPENSSL_NO_KRB5"
cargo:rustc-cfg=osslconf="OPENSSL_NO_PSK"
cargo:rustc-cfg=osslconf="OPENSSL_NO_SRP"
cargo:rustc-cfg=osslconf="OPENSSL_NO_SSL3_METHOD"
cargo:rustc-cfg=osslconf="OPENSSL_NO_SEED"
cargo:rustc-cfg=osslconf="OPENSSL_NO_SCRYPT"
cargo:conf=OPENSSL_NO_BUF_FREELISTS,OPENSSL_NO_COMP,OPENSSL_NO_EC2M,OPENSSL_NO_ENGINE,OPENSSL_NO_KRB5,OPENSSL_NO_PSK,OPENSSL_NO_SRP,OPENSSL_NO_SSL3_METHOD,OPENSSL_NO_SEED,OPENSSL_NO_SCRYPT
cargo:rustc-cfg=openssl
cargo:rustc-cfg=libressl
cargo:rustc-cfg=libressl251
cargo:rustc-cfg=libressl252
cargo:rustc-cfg=libressl261
cargo:rustc-cfg=libressl270
cargo:rustc-cfg=libressl271
cargo:rustc-cfg=libressl273
cargo:rustc-cfg=libressl280
cargo:rustc-cfg=libressl281
cargo:rustc-cfg=libressl291
cargo:rustc-cfg=libressl310
cargo:rustc-cfg=libressl321
cargo:rustc-cfg=libressl332
cargo:rustc-cfg=libressl340
cargo:rustc-cfg=libressl350
cargo:rustc-cfg=libressl360
cargo:rustc-cfg=libressl370
cargo:rustc-cfg=libressl380
cargo:rustc-cfg=libressl381
cargo:rustc-cfg=libressl382
cargo:rustc-cfg=libressl390
cargo:rustc-cfg=libressl400
cargo:libressl_version_number=4000000f
--- stderr
thread 'main' panicked at /root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/openssl-sys-0.9.103/build/main.rs:420:5:
This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3), or LibreSSL 2.5
through 3.9.x, but a different version of OpenSSL was found. The build is now aborting
due to this version mismatch.
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
warning: build failed, waiting for other jobs to finish...
π₯ maturin failed
Caused by: Failed to build a native library through cargo
Caused by: Cargo build finished with "exit status: 101": `env -u CARGO PYO3_ENVIRONMENT_SIGNATURE="cpython-3.11-64bit" PYO3_PYTHON="/tmp/tmpm4f6kesa/.venv/bin/python" PYTHON_SYS_EXECUTABLE="/tmp/tmpm4f6kesa/.venv/bin/python" "cargo" "rustc" "--features" "pyo3/abi3-py37" "--message-format" "json-render-diagnostics" "--locked" "--manifest-path" "/tmp/tmpzw46sfn4/cryptography-43.0.1/src/rust/Cargo.toml" "--release" "--lib"`
Error: command ['maturin', 'pep517', 'build-wheel', '-i', '/tmp/tmpm4f6kesa/.venv/bin/python', '--compatibility', 'off'] returned non-zero exit status 1
at ~/.local/lib/python3.11/site-packages/poetry/installation/chef.py:164 in _prepare
160β
161β error = ChefBuildError("\n\n".join(message_parts))
162β
163β if error is not None:
β 164β raise error from None
165β
166β return path
167β
168β def _prepare_sdist(self, archive: Path, destination: Path | None = None) -> Path:
Note: This error originates from the build backend, and is likely not a problem with poetry but with cryptography (43.0.1) not supporting PEP 517 builds. You can verify this by running 'pip wheel --no-cache-dir --use-pep517 "cryptography (==43.0.1)"'.
root@host 1 /tmp/test_crypto#
Install LibreSSL 3.9.2
cd /root
ftp https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.9.2.tar.gz
tar xzf libressl-3.9.2.tar.gz
cd libressl-3.9.2
./configure
make
make install DESTDIR=/tmp/
root@host /libressl-3.9.2# ./configure
checking build system type... x86_64-unknown-openbsd7.6
checking host system type... x86_64-unknown-openbsd7.6
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a race-free mkdir -p... /usr/local/bin/gmkdir -p
checking for gawk... no
checking for mawk... no
checking for nawk... no
...
config.status: creating libssl.pc
config.status: creating libtls.pc
config.status: creating openssl.pc
config.status: executing depfiles commands
config.status: executing libtool commands
root@host /libressl-3.9.2#
root@host /libressl-3.9.2# make
Making all in include
Making all in openssl
echo "generating opensslconf.h ..."
generating opensslconf.h ...
cp ../../include/arch/amd64/opensslconf.h opensslconf.h
make all-am
Making all in crypto
echo "generating crypto_portable.sym ..."
generating crypto_portable.sym ...
cp ../crypto/crypto.sym crypto_portable.sym
chmod u+w crypto_portable.sym
make all-am
CPPAS aes/libcrypto_la-aes-elf-x86_64.lo
CPPAS aes/libcrypto_la-bsaes-elf-x86_64.lo
CPPAS aes/libcrypto_la-vpaes-elf-x86_64.lo
...
CC netcat.o
CC socks.o
CC compat/socket.o
CC compat/base64.o
CCLD nc
ld: warning: netcat.c:470(netcat.o:(main)): warning: mktemp() possibly used unsafely; consider using mkstemp()
Making all in man
Making all in tests
CC empty.lo
CCLD libtest.la
root@host /libressl-3.9.2#
root@host /libressl-3.9.2# make install DESTDIR=/tmp/
Making install in include
Making install in openssl
make install-am
/usr/local/bin/gmkdir -p '/tmp//usr/local/include/openssl'
/usr/bin/install -c -m 644 opensslconf.h aes.h asn1.h asn1t.h bio.h blowfish.h bn.h buffer.h camellia.h cast.h chacha.h cmac.h cms.h comp.h conf.h conf_api.h crypto.h ct.h curve25519.h des.h dh.h dsa.h dtls1.h ec.h ecdh.h ecdsa.h engine.h err.h evp.h hkdf.h hmac.h idea.h kdf.h lhash.h md4.h md5.h modes.h obj_mac.h objects.h ocsp.h '/tmp//usr/local/include/openssl'
/usr/bin/install -c -m 644 opensslfeatures.h opensslv.h ossl_typ.h pem.h pem2.h pkcs12.h pkcs7.h poly1305.h posix_time.h rand.h rc2.h rc4.h ripemd.h rsa.h safestack.h sha.h sm3.h sm4.h srtp.h ssl.h ssl2.h ssl23.h ssl3.h stack.h tls1.h ts.h txt_db.h ui.h ui_compat.h whrlpool.h x509.h x509_vfy.h x509v3.h '/tmp//usr/local/include/openssl'
/usr/local/bin/gmkdir -p '/tmp//usr/local/include'
/usr/bin/install -c -m 644 tls.h '/tmp//usr/local/include'
Making install in crypto
make install-am
/usr/local/bin/gmkdir -p '/tmp//usr/local/lib'
/bin/sh ../libtool --mode=install /usr/bin/install -c libcrypto.la '/tmp//usr/local/lib'
libtool: install: /usr/bin/install -c -m 644 .libs/libcrypto.so.53.0 /tmp//usr/local/lib/libcrypto.so.53.0
libtool: install: /usr/bin/install -c -m 644 .libs/libcrypto.lai /tmp//usr/local/lib/libcrypto.la
libtool: install: /usr/bin/install -c .libs/libcrypto.a /tmp//usr/local/lib/libcrypto.a
...
ln -sf "x509_verify.3" "/tmp//usr/local/share/man/man3/x509_verify_ctx_set_purpose.3"
Making install in tests
make install-exec-hook
/usr/local/bin/gmkdir -p '/tmp//usr/local/lib/pkgconfig'
/usr/bin/install -c -m 644 libtls.pc libcrypto.pc libssl.pc openssl.pc '/tmp//usr/local/lib/pkgconfig'
root@host /libressl-3.9.2#
Build Cryptography with LibreSSL 3.9.2
export OPENSSL_DIR="/tmp/usr/local/"; time poetry add cryptography@43
root@host /tmp/gugus# export OPENSSL_DIR="/tmp/usr/local/"; time poetry add cryptography@43
Creating virtualenv gugus in /tmp/gugus/.venv
Updating dependencies
Resolving dependencies... (0.3s)
Package operations: 3 installs, 0 updates, 0 removals
- Installing pycparser (2.22)
- Installing cffi (1.17.1)
- Installing cryptography (43.0.0)
Writing lock file
1m40.77s real 2m31.68s user 0m15.74s system
root@host /tmp/gugus#
have phun!