py37-certbot and py37-certbot-dns-rfc2136 requires py37-openssl. packages are set to latest. upgraded today, and it installed py37-openssl-0.20.1. It seems that python package requires py-cryptography >= 3.2, and only 2.9.2 is installed. Then running certbot exits on a trackback: ``` Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 583, in _build_master ws.require(__requires__) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 900, in require needed = self.resolve(parse_requirements(requirements)) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 791, in resolve raise VersionConflict(dist, req).with_context(dependent_req) pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 (/usr/local/lib/python3.7/site-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/bin/certbot", line 6, in <module> from pkg_resources import load_entry_point File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3251, in <module> @_call_aside File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3235, in _call_aside f(*args, **kwargs) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3264, in _initialize_master_working_set working_set = WorkingSet._build_master() File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 585, in _build_master return cls._build_from_requirements(__requires__) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 598, in _build_from_requirements dists = ws.resolve(reqs, Environment()) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 791, in resolve raise VersionConflict(dist, req).with_context(dependent_req) pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 (/usr/local/lib/python3.7/site-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) ``` To fix, I had to deinstall py37-openssl-0.20.1 and reinstall py37-openssl-0.19.1 from package cache on my server.
Hi Guillaume, Thanks for your bug report, I will looking deeply at it and be back to you.
Created attachment 223695 [details] update run dependency with py-cryptography >= 3.2 Could you try to apply the following patch and run certbot again? You need to rebuild the package locally for that before. You can use the commands below to rebuild your py-openssl new package on the host or your could use a poudriere jail: # cd /usr/ports/security/py-openssl # patch -p0 < py-openssl-20.0.1_1.diff # make package reinstall clean Then you will end up with the new package reported by pkg info|egrep openssl Please run again certbot for confirmation it fixes the dependency bug.
Hello, Thank you for looking into it, I've been using packages updates since then and managed to upgrade py-cryptography and py-openssl. I can't try your patch since I'm not using ports on the server I had the problem. I think this bug can be closed.
Submitter said it can be closed now.