[Bug 1903890] [NEW] python3-openssl appears to be built against the wrong version of libffi

Tom Cook 1903890 at bugs.launchpad.net
Wed Nov 11 17:10:28 UTC 2020 

Public bug reported:

I've just upgraded to Ubuntu 20.10 which comes with python3-openssl
version 19.0.1-2.  It breaks (at least some) Python applications that
use the `requests` library to access HTTPS URLS.  For instance, this
stack trace (note that I have clipped the first few frames from the
stack as they are proprietary):

  File "/home/tkcook/.local/lib/python3.8/site-packages/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/home/tkcook/.local/lib/python3.8/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/home/tkcook/.local/lib/python3.8/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/tkcook/.local/lib/python3.8/site-packages/requests/sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "/home/tkcook/.local/lib/python3.8/site-packages/requests/adapters.py", line 439, in send
    resp = conn.urlopen(
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 670, in urlopen
    httplib_response = self._make_request(
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 381, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 978, in _validate_conn
    conn.connect()
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 342, in connect
    self.ssl_context = create_urllib3_context(
  File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 289, in create_urllib3_context
    context.verify_mode = cert_reqs
  File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 438, in verify_mode
    self._ctx.set_verify(_stdlib_to_openssl_verify[value], _verify_callback)
  File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 1119, in set_verify
    self._verify_helper = _VerifyHelper(callback)
  File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 337, in __init__
    self.callback = _ffi.callback(
SystemError: ffi_prep_closure(): bad user_data (it seems that the version of the libffi library seen at runtime is different from the 'ffi.h' file seen at compile-time)

** Affects: pyopenssl (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pyopenssl in Ubuntu.
https://bugs.launchpad.net/bugs/1903890

Title:
  python3-openssl appears to be built against the wrong version of
  libffi

Status in pyopenssl package in Ubuntu:
  New

Bug description:
  I've just upgraded to Ubuntu 20.10 which comes with python3-openssl
  version 19.0.1-2.  It breaks (at least some) Python applications that
  use the `requests` library to access HTTPS URLS.  For instance, this
  stack trace (note that I have clipped the first few frames from the
  stack as they are proprietary):

    File "/home/tkcook/.local/lib/python3.8/site-packages/requests/api.py", line 76, in get
      return request('get', url, params=params, **kwargs)
    File "/home/tkcook/.local/lib/python3.8/site-packages/requests/api.py", line 61, in request
      return session.request(method=method, url=url, **kwargs)
    File "/home/tkcook/.local/lib/python3.8/site-packages/requests/sessions.py", line 530, in request
      resp = self.send(prep, **send_kwargs)
    File "/home/tkcook/.local/lib/python3.8/site-packages/requests/sessions.py", line 643, in send
      r = adapter.send(request, **kwargs)
    File "/home/tkcook/.local/lib/python3.8/site-packages/requests/adapters.py", line 439, in send
      resp = conn.urlopen(
    File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 670, in urlopen
      httplib_response = self._make_request(
    File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 381, in _make_request
      self._validate_conn(conn)
    File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 978, in _validate_conn
      conn.connect()
    File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 342, in connect
      self.ssl_context = create_urllib3_context(
    File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 289, in create_urllib3_context
      context.verify_mode = cert_reqs
    File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 438, in verify_mode
      self._ctx.set_verify(_stdlib_to_openssl_verify[value], _verify_callback)
    File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 1119, in set_verify
      self._verify_helper = _VerifyHelper(callback)
    File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 337, in __init__
      self.callback = _ffi.callback(
  SystemError: ffi_prep_closure(): bad user_data (it seems that the version of the libffi library seen at runtime is different from the 'ffi.h' file seen at compile-time)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pyopenssl/+bug/1903890/+subscriptions

More information about the foundations-bugs mailing list