FS#65036 - [python2-boto] Apply upstream PR#3843 to fix SNI with Google
Attached to Project:
Community Packages
Opened by Troy Engel (TE) - Saturday, 04 January 2020, 00:16 GMT
Last edited by Felix Yan (felixonmars) - Monday, 09 March 2020, 10:39 GMT
Opened by Troy Engel (TE) - Saturday, 04 January 2020, 00:16 GMT
Last edited by Felix Yan (felixonmars) - Monday, 09 March 2020, 10:39 GMT
|
Details
Description:
Hi packagers, I use the duply + duplicity software, which is still using this old python2-boto; there is an outstanding bugfix to the last tagged version upstream which only exists on the `devel` branch - it appears after looking at their activity upstream has not actually released a year's worth of bugfixes to the master branch and popped a release. The one we need is this one: https://github.com/boto/boto/pull/3843 https://patch-diff.githubusercontent.com/raw/boto/boto/pull/3843.diff I apparently patched this manually a long time ago and forgot about it, the recent python3 rebuild of this package (2.49.0-1 -> 2.49.0-3) undid my local patch but I didn't catch it so I started getting the errors again in my logs and went back down this rabbit hole to re-fix it, as I use Google Cloud Storage as a backend datastore. Re-applying this PR diff directly (no edits) re-fixed my problem and my backups are working again. (I really should look at my logs more it was telling me it was broken for over a month. :() So, I'd like to see if we can get this added to our Arch package since upstream has basically walked away from the project and moved on to their boto3 newer version (no commits since March 2019, even to devel). Thanks, -te Additional Information: Here's the collected software stack which is emitted to the logs by duplicity: Using installed duplicity version 0.7.19, python 2.7.17 (/usr/bin/python2), gpg 2.2.19 (Home: /home/tengel/.gnupg), awk 'GNU Awk 5.0.1, API: 2.0 (GNU MPFR 4.0.2, GNU MP 6.1.2)', grep 'grep (GNU grep) 3.3', bash '5.0.11(1)-release (x86_64-pc-linux-gnu)'. The python SSL-to-Google crashes without the patch applied: --- Start running command BKP at 17:46:49.590 --- Traceback (innermost last): File "/usr/bin/duplicity", line 1581, in <module> with_tempdir(main) File "/usr/bin/duplicity", line 1567, in with_tempdir fn() File "/usr/bin/duplicity", line 1406, in main action = commandline.ProcessCommandLine(sys.argv[1:]) File "/usr/lib/python2.7/site-packages/duplicity/commandline.py", line 1140, in ProcessCommandLine backup, local_pathname = set_backend(args[0], args[1]) File "/usr/lib/python2.7/site-packages/duplicity/commandline.py", line 1015, in set_backend globals.backend = backend.get_backend(bend) File "/usr/lib/python2.7/site-packages/duplicity/backend.py", line 223, in get_backend obj = get_backend_object(url_string) File "/usr/lib/python2.7/site-packages/duplicity/backend.py", line 209, in get_backend_object return factory(pu) File "/usr/lib/python2.7/site-packages/duplicity/backends/_boto_single.py", line 166, in __init__ self.resetConnection() File "/usr/lib/python2.7/site-packages/duplicity/backends/_boto_single.py", line 191, in resetConnection location=self.my_location) File "/usr/lib/python2.7/site-packages/boto/gs/connection.py", line 95, in create_bucket data=get_utf8_value(data)) File "/usr/lib/python2.7/site-packages/boto/s3/connection.py", line 671, in make_request retry_handler=retry_handler File "/usr/lib/python2.7/site-packages/boto/connection.py", line 1071, in make_request retry_handler=retry_handler) File "/usr/lib/python2.7/site-packages/boto/connection.py", line 1030, in _mexe raise ex SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727) |
This task depends upon
https://git.archlinux.org/svntogit/community.git/commit/trunk?h=packages/duplicity&id=62737b2aae650fad436c9c31872946da804ea9ad
-te
FS#64935python2-boto can be dropped.FS#65239. Anything still needs to be done here?FS#64935it's a candidate to drop as well. Kinda on the Arch Packaging team I think at this point...