Regression in python-cryptography package

Off-topic discussion/chat/argue area with special rules of engagement.
Forum rules
The Off-Topic area is a general community discussion and chat area with special rules of engagement.

Enter, read and post at your own risk. You have been warned!
While our staff will try to guide the herd into sensible directions, this board is a mostly unrestricted zone where almost anything can be discussed, including matters not directly related to the project, technology or similar adjacent topics.

We do, however, require that you:
  • Do not post anything pornographic.
  • Do not post hate speech in the traditional sense of the term.
  • Do not post content that is illegal (including links to protected software, cracks, etc.)
  • Do not post commercial advertisements, SEO links or SPAM posts.
We also ask that you keep strongly polarizing topics like politics and religion to a minimum. This forum is not the right place to discuss such things.
Please do exercise some common sense. How you act here will inevitably influence how you are treated elsewhere.
User avatar
Mæstro
Astronaut
Astronaut
Posts: 552
Joined: 2019-08-13, 00:30
Location: Casumia

Regression in python-cryptography package

Unread post by Mæstro » 2023-02-21, 22:25

This is a technical problem which has nothing to do with Pale Moon, but I see no harm in mentioning it here for anybody who can offer advice, information or pass this error report to the right places.

I have suffered my first Linux regression ever. The package python-cryptography had upgraded today from version 2.6.1-3+deb10u2 to version 2.6.1-3+deb10u3. As a result, Gajim (v1·1·2), my usual IM client, would not load as it ought when run, but displayed and instantly closed an error message before terminating. My reaction time is too slow for me to have captured the error message for posterity as a screenshot. I could only glimpse ‘Python’ somewhere in its text, which was my hint to what had happened.
I have stayed the immediate problem (restoring Gajim’s functionality) by using Timeshift to undo the regression, after which I have blacklisted it within my upgrade manager. Nevertheless, freezing upgrades like this is not ideal for obvious reasons. Is this a replicable bug in (backporting to?) Debian 10 which should be reported? If not, is there something I, as a lay user, am missing in how to tame this regression?
While I would rather this not become the chat’s focus, are reasons I am using Debian 10 LTS over Debian 11. Chief of these is Gajim itself: Debian 11 uses Gajim 1·3, which has a Discord-like interface which I despise. (I have compared Pidgin, Psi+ and other Jabber clients, but only Gajim has the features I need.) Moreover, I am not in the place to meddle with this, my workstation, until after my current academic term ends in May.
Browser: Pale Moon (official build, updated regularly)
Operating System: Linux Mint Debian Edition 4 (amd64)
※Receiving Debian 10 ELTS security upgrades
Hardware: HP Pavilion DV6-7010 (1400 MHz, 6 GB)
Ash is the best letter.
Top
User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 5605
Joined: 2015-12-09, 15:45

Re: Regression in python-cryptography package

Unread post by moonbat » 2023-02-21, 23:04

Run gajim from a terminal and you might be able to see the error output.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
KDE Neon on a Slimbook Excalibur (Ryzen 7 8845HS, 64 GB RAM)
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
Jabber: moonbat@hot-chili.net
Top
User avatar
Mæstro
Astronaut
Astronaut
Posts: 552
Joined: 2019-08-13, 00:30
Location: Casumia

Re: Regression in python-cryptography package

Unread post by Mæstro » 2023-02-21, 23:57

Code: Select all

maestro@ayaka:~$ gajim
Found default language: de
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/gajim/application.py", line 220, in _activate
    self.interface = Interface()
  File "/usr/lib/python3/dist-packages/gajim/gui_interface.py", line 2704, in __init__
    app.connections[account] = Connection(account)
  File "/usr/lib/python3/dist-packages/gajim/common/connection.py", line 526, in __init__
    self.password = passwords.get_password(name)
  File "/usr/lib/python3/dist-packages/gajim/common/passwords.py", line 149, in get_password
    return get_storage().get_password(account_name)
  File "/usr/lib/python3/dist-packages/gajim/common/passwords.py", line 113, in get_password
    pw = backend.get_password(account_name)
  File "/usr/lib/python3/dist-packages/gajim/common/passwords.py", line 70, in get_password
    return self.keyring.get_password('gajim', account_name)
  File "/usr/lib/python3/dist-packages/keyring/backends/chainer.py", line 46, in get_password
    password = keyring.get_password(service, username)
  File "/usr/lib/python3/dist-packages/keyring/backends/SecretService.py", line 72, in get_password
    return item.get_secret().decode('utf-8')
  File "/usr/lib/python3/dist-packages/secretstorage/item.py", line 104, in get_secret
    padded_secret = decryptor.update(encrypted_secret) + decryptor.finalize()
  File "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/ciphers/base.py", line 149, in update
    return self._ctx.update(data)
  File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/ciphers.py", line 124, in update
    n = self.update_into(data, buf)
  File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/ciphers.py", line 140, in update_into
    self._backend._ffi.from_buffer(data, require_writable=True), len(data)
BufferError: Object is not writable.

** (gajim:16791): WARNING **: 18:56:52.840: Error sending SSDP packet to 239.255.255.250: Fehler beim Senden der Nachricht: Die Operation ist nicht erlaubt

** (gajim:16791): WARNING **: 18:56:52.840: Error sending SSDP packet to 239.255.255.250: Fehler beim Senden der Nachricht: Die Operation ist nicht erlaubt
maestro@ayaka:~$
Browser: Pale Moon (official build, updated regularly)
Operating System: Linux Mint Debian Edition 4 (amd64)
※Receiving Debian 10 ELTS security upgrades
Hardware: HP Pavilion DV6-7010 (1400 MHz, 6 GB)
Ash is the best letter.
Top
User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 5605
Joined: 2015-12-09, 15:45

Re: Regression in python-cryptography package

Unread post by moonbat » 2023-02-22, 02:25

You could open an issue with the error here.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
KDE Neon on a Slimbook Excalibur (Ryzen 7 8845HS, 64 GB RAM)
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
Jabber: moonbat@hot-chili.net
Top
User avatar
Mæstro
Astronaut
Astronaut
Posts: 552
Joined: 2019-08-13, 00:30
Location: Casumia

Re: Regression in python-cryptography package

Unread post by Mæstro » 2023-02-22, 22:12

Either some Debian LTS developer is reading this board, or the regression had affected others who could report the problem; there was another upgrade for python-cryptography today. The new version (2.6.1-3+deb10u4) works as desired. :relaxed:
Browser: Pale Moon (official build, updated regularly)
Operating System: Linux Mint Debian Edition 4 (amd64)
※Receiving Debian 10 ELTS security upgrades
Hardware: HP Pavilion DV6-7010 (1400 MHz, 6 GB)
Ash is the best letter.
Top
User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 5605
Joined: 2015-12-09, 15:45

Re: Regression in python-cryptography package

Unread post by moonbat » 2023-02-22, 23:05

Most likely the latter, since it is a library that would be used by many projects.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
KDE Neon on a Slimbook Excalibur (Ryzen 7 8845HS, 64 GB RAM)
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX
Jabber: moonbat@hot-chili.net
Top

Return to “Off-Topic”