[Bug 1752660] Re: keystone requires cffi to be installed for fernat tokens
Graham Hayes
1752660 at bugs.launchpad.net
Fri Mar 2 15:36:12 UTC 2018
The stack trace I am getting looks like:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 226, in __call__
result = method(req, **params)
File "/usr/lib/python2.7/dist-packages/keystone/auth/controllers.py", line 154, in authenticate_for_token
parent_audit_id=token_audit_id)
File "/usr/lib/python2.7/dist-packages/keystone/common/manager.py", line 116, in wrapped
__ret_val = __f(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystone/token/provider.py", line 210, in issue_token
parent_audit_id=parent_audit_id)
File "/usr/lib/python2.7/dist-packages/keystone/token/providers/fernet/core.py", line 53, in issue_token
*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystone/token/providers/common.py", line 605, in issue_token
token_id = self._get_token_id(token_data)
File "/usr/lib/python2.7/dist-packages/keystone/token/providers/fernet/core.py", line 187, in _get_token_id
app_cred_id=app_cred_id
File "/usr/lib/python2.7/dist-packages/keystone/token/token_formatters.py", line 160, in create_token
token = self.pack(serialized_payload)
File "/usr/lib/python2.7/dist-packages/keystone/token/token_formatters.py", line 79, in pack
return self.crypto.encrypt(payload).rstrip(b'=').decode('utf-8')
File "/usr/lib/python2.7/dist-packages/cryptography/fernet.py", line 135, in encrypt
return self._fernets[0].encrypt(msg)
File "/usr/lib/python2.7/dist-packages/cryptography/fernet.py", line 51, in encrypt
return self._encrypt_from_parts(data, current_time, iv)
File "/usr/lib/python2.7/dist-packages/cryptography/fernet.py", line 62, in _encrypt_from_parts
ciphertext = encryptor.update(padded_data) + encryptor.finalize()
File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/primitives/ciphers/base.py", line 149, in update
return self._ctx.update(data)
File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/backends/openssl/ciphers.py", line 120, in update
n = self.update_into(data, buf)
File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/backends/openssl/ciphers.py", line 131, in update_into
"unsigned char *", self._backend._ffi.from_buffer(buf)
TypeError: from_buffer() cannot return the address of the raw string within a str or unicode or bytearray object
It looks like it is transitive via cryptography when using fernat
encryption.
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1752660
Title:
keystone requires cffi to be installed for fernat tokens
Status in Ubuntu Cloud Archive:
Incomplete
Status in OpenStack Identity (keystone):
New
Status in keystone package in Ubuntu:
Incomplete
Bug description:
When installing keystone (via apt-get install keystone) apt does not
install python-cffi, which is required for keystone to implement
fernat tokens (the current recommended token type)
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: keystone 2:13.0.0-0ubuntu1~cloud0 [origin: Canonical]
Uname: Linux 4.4.88-mainline-rev1 x86_64
ApportVersion: 2.20.1-0ubuntu2.15
Architecture: amd64
CrashDB:
{
"impl": "launchpad",
"project": "cloud-archive",
"bug_pattern_url": "http://people.canonical.com/~ubuntu-archive/bugpatterns/bugpatterns.xml",
}
Date: Thu Mar 1 17:19:34 2018
PackageArchitecture: all
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: keystone
UpgradeStatus: No upgrade log present (probably fresh install)
mtime.conffile..etc.keystone.keystone.conf: 2018-03-01T16:51:52.734036
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1752660/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list