M2Crypto 0.20.1 won't build on Red Hat Linux

J

John Nagle

M2Crypto, from

http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-0.20.1.tar.gz

won't build on Red Hat Linux / 386. The error is

swig -python -I/usr/local/include/python2.5 -I/usr/include -includeall -o
SWIG/_m2crypto_wrap.c

SWIG/_m2crypto.i
/usr/include/openssl/opensslconf.h:27: Error: CPP #error ""This openssl-devel
package does not work your architecture?"".
Use the -cpperraswarn option to continue swig processing.
error: command 'swig' failed with exit status 1

It's some incompatibility between Red Hat include file packaging and M2Crypto.

There was at one time a note on how to deal with this problem, but it's been
deleted. It's still in Google's cache, though.
http://74.125.155.132/search?q=cach...s/+M2Crypto+building&cd=2&hl=en&ct=clnk&gl=us

I think I went through this mess two years ago, building M2Crypto 0.17. But
I've forgotten the solution.

What's current thinking on this?

(I know, Python 2.6 has new SSL support, but MySQLdb doesn't support
Python 2.6, so I can't convert yet.)

John Nagle
 
H

Heikki Toivonen

John said:
M2Crypto, from

http://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-0.20.1.tar.gz

won't build on Red Hat Linux / 386. The error is

It's some incompatibility between Red Hat include file packaging and
M2Crypto.

Yup, all Fedora Core-based systems actually.
There was at one time a note on how to deal with this problem, but it's
been deleted. It's still in Google's cache, though.

Not deleted, but my hosting provider made some changes that put my blog
and a number of sites down, without advance notice, while I was on
vacation :( Blog is back up, so the URL works again:
http://www.heikkitoivonen.net/blog/...-wrapper-for-fedora-core-based-distributions/

I've also added this to the FAQ:
http://chandlerproject.org/Projects/MeTooCrypto#Code
 
J

John Nagle

Heikki said:
Yup, all Fedora Core-based systems actually.


I've also added this to the FAQ:
http://chandlerproject.org/Projects/MeTooCrypto#Code

OK, did that. The build is now failing with

-bash-3.1$ ./fedora-setup.sh build
running build
running build_py
creating build
....
building 'M2Crypto.__m2crypto' extension
swigging SWIG/_m2crypto.i to SWIG/_m2crypto_wrap.c
swig -python -I/usr/local/include/python2.5 -I/usr/include -includeall -o
SWIG/_m2crypto_wrap.c SWIG/_m2crypto.i
SWIG/_evp.i:9: Error: Unable to find 'openssl/opensslconf-i686.h'
SWIG/_ec.i:7: Error: Unable to find 'openssl/opensslconf-i686.h'
error: command 'swig' failed with exit status 1
-bash-3.1$


Installed OpenSSL is "OpenSSL 0.9.8a 11 Oct 2005", and it doesn't
have an "openssl/opensslconf-i686.h". It has an "openssl/opensslconf-i386.h".

M2Crypto documentation says:
0.20.1:
* OpenSSL 0.9.7 or newer
o Some optional new features will require OpenSSL 0.9.8 or newer

so that's current.

The problem, of course, is that using "uname -m" is asking the wrong question.
It prints "i686" on CPUs that are 64-bit capable, even when they are running
a 32-bit version of Linux. This is running on a 64-bit capable server.

The right question is "uname --hardware-platform". That returns "i386" if
running on something emulating a 386, even it it's 64-bit capable.

With that change, the build runs to completion and and the regression tests
mostly run. Test failure occurred at:

======================================================================
FAIL: test_cipher_ok (tests.test_ssl.MiscSSLClientTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
File
"/var/www/vhosts/sitetruth.com/private/downloads/M2Crypto/M2Crypto-0.20.1/tests/test_ssl.py",
line 485, in test_cipher_ok
assert s.get_cipher().name() == 'AES128-SHA', s.get_cipher().name()
AssertionError: AES256-SHA

----------------------------------------------------------------------
Ran 226 tests in 91.672s

Is 'AES128-SHA' a cypher that Fedora Core doesn't support, or what?


John Nagle
 
H

Heikki Toivonen

John said:
The right question is "uname --hardware-platform". That returns "i386" if
running on something emulating a 386, even it it's 64-bit capable.

Thanks, I'll make a note that I'll need to clarify that part.
With that change, the build runs to completion and and the regression tests
mostly run. Test failure occurred at:

======================================================================
FAIL: test_cipher_ok (tests.test_ssl.MiscSSLClientTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
File
"/var/www/vhosts/sitetruth.com/private/downloads/M2Crypto/M2Crypto-0.20.1/tests/test_ssl.py",
line 485, in test_cipher_ok
assert s.get_cipher().name() == 'AES128-SHA', s.get_cipher().name()
AssertionError: AES256-SHA

That seems strange. OpenSSL does allow fine tuning what ciphers to build
and operate with, but this is the first I hear AES128-SHA might not be
turned on anymore. And even stranger still is that the test is
explicitly asking for 128 yet it is getting 256 back. Could you rerun
the test again just to make sure you can repeat it, and if so, let me
know the fedora core, openssl, swig and python versions?
 
J

John Nagle

Heikki said:
Thanks, I'll make a note that I'll need to clarify that part.


That seems strange. OpenSSL does allow fine tuning what ciphers to build
and operate with, but this is the first I hear AES128-SHA might not be
turned on anymore. And even stranger still is that the test is
explicitly asking for 128 yet it is getting 256 back. Could you rerun
the test again just to make sure you can repeat it, and if so, let me
know the fedora core, openssl, swig and python versions?

Ran it again. Same error.

python setup.py test
....
test_blocking0 (tests.test_ssl.MiscSSLClientTestCase) ... ok
test_blocking1 (tests.test_ssl.MiscSSLClientTestCase) ... ok
test_cipher_mismatch (tests.test_ssl.MiscSSLClientTestCase) ... ok
test_cipher_ok (tests.test_ssl.MiscSSLClientTestCase) ... FAIL
test_info_callback (tests.test_ssl.MiscSSLClientTestCase) ... LOOP: SSL connect:
before/connect initialization
LOOP: SSL connect: SSLv2/v3 write client hello A
....
test_26_compat (tests.test_ssl.FtpslibTestCase) ... ok

======================================================================
FAIL: test_cipher_ok (tests.test_ssl.MiscSSLClientTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
File
"/var/www/vhosts/sitetruth.com/private/downloads/M2Crypto/M2Crypto-0.20.1/tests/test_ssl.py",
line 485, in test_cipher_ok
assert s.get_cipher().name() == 'AES128-SHA', s.get_cipher().name()
AssertionError: AES256-SHA

----------------------------------------------------------------------
Ran 226 tests in 166.875s

FAILED (failures=1)

System info:

-bash-3.1$ uname -r -v
2.6.18-1.2239.fc5smp #1 SMP Fri Nov 10 13:22:44 EST 2006

-bash-3.1$ python --version
Python 2.5

-bash-3.1$ swig -version

SWIG Version 1.3.31

Compiled with i386-redhat-linux-g++ [i386-redhat-linux-gnu]
Please see http://www.swig.org for reporting bugs and further information

-bash-3.1$ openssl
OpenSSL> version
OpenSSL 0.9.8a 11 Oct 2005
OpenSSL>

So, per "http://chandlerproject.org/bin/view/Projects/MeTooCrypto":

Required Python version: 2.4 or newer. Using Python 2.5. REQUIREMENT MET.
Required SWIG version: 1.3.30 or newer. Using SWIG 1.3.31 REQUIREMENT MET.
Required OpenSSL version: 0.9.8 or newer: Using OpenSSL 0.9.8a. REQUIREMENT MET.

John Nagle
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top