OPNsense Forum
English Forums => 23.7 Legacy Series => Topic started by: newsense on November 14, 2023, 07:56:08 am
-
Posting it here for visibility, unsure if this is specific to OpenSSL 3.0.12 that I'm testing or happens on 1.1.1.w as well.
Both FWs where I'm seeing this are configured with DuckDNS and were fine before _1
Error configd.py [2750a2c9-94ac-466c-b786-d31293c304b1] Script action failed with Command '/usr/local/opnsense/scripts/ddclient/ddclient_opn.py -l' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/ddclient/ddclient_opn.py -l' returned non-zero exit status 1.
-
Can you run that command? The "traceback" doesn't tell us why it fails.
# /usr/local/opnsense/scripts/ddclient/ddclient_opn.py -l
Cheers,
Franco
-
Here it is
root@OPNsense:~ # /usr/local/opnsense/scripts/ddclient/ddclient_opn.py -l
Traceback (most recent call last):
File "/usr/local/opnsense/scripts/ddclient/ddclient_opn.py", line 46, in <module>
print(json.dumps(AccountFactory().known_services()))
File "/usr/local/opnsense/scripts/ddclient/lib/poller.py", line 41, in __init__
self._register()
File "/usr/local/opnsense/scripts/ddclient/lib/poller.py", line 50, in _register
importlib.import_module(".%s" % os.path.splitext(os.path.basename(filename))[0], pkg_name)
File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1030, in _gcd_import
File "<frozen importlib._bootstrap>", line 1007, in _find_and_load
File "<frozen importlib._bootstrap>", line 986, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 680, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 850, in exec_module
File "<frozen importlib._bootstrap>", line 228, in _call_with_frames_removed
File "/usr/local/opnsense/scripts/ddclient/lib/account/aws.py", line 33, in <module>
import boto3
File "/usr/local/lib/python3.9/site-packages/boto3/__init__.py", line 17, in <module>
from boto3.session import Session
File "/usr/local/lib/python3.9/site-packages/boto3/session.py", line 17, in <module>
import botocore.session
File "/usr/local/lib/python3.9/site-packages/botocore/session.py", line 26, in <module>
import botocore.client
File "/usr/local/lib/python3.9/site-packages/botocore/client.py", line 15, in <module>
from botocore import waiter, xform_name
File "/usr/local/lib/python3.9/site-packages/botocore/waiter.py", line 18, in <module>
from botocore.docs.docstring import WaiterDocstring
File "/usr/local/lib/python3.9/site-packages/botocore/docs/__init__.py", line 15, in <module>
from botocore.docs.service import ServiceDocumenter
File "/usr/local/lib/python3.9/site-packages/botocore/docs/service.py", line 14, in <module>
from botocore.docs.client import (
File "/usr/local/lib/python3.9/site-packages/botocore/docs/client.py", line 18, in <module>
from botocore.docs.example import ResponseExampleDocumenter
File "/usr/local/lib/python3.9/site-packages/botocore/docs/example.py", line 13, in <module>
from botocore.docs.shape import ShapeDocumenter
File "/usr/local/lib/python3.9/site-packages/botocore/docs/shape.py", line 19, in <module>
from botocore.utils import is_json_value_header
File "/usr/local/lib/python3.9/site-packages/botocore/utils.py", line 37, in <module>
import botocore.httpsession
File "/usr/local/lib/python3.9/site-packages/botocore/httpsession.py", line 45, in <module>
from urllib3.contrib.pyopenssl import (
File "/usr/local/lib/python3.9/site-packages/urllib3/contrib/pyopenssl.py", line 50, in <module>
import OpenSSL.crypto
File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import SSL, crypto
File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in <module>
from OpenSSL._util import (
File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 167, in <module>
Binding.init_static_locks()
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 134, in init_static_locks
cls._ensure_ffi_initialized()
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 123, in _ensure_ffi_initialized
_legacy_provider_error(cls._legacy_provider_loaded)
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 43, in _legacy_provider_error
raise RuntimeError(
RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal error by default, but cryptography supports running without legacy algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you have likely made a mistake with your OpenSSL configuration.
-
Ok, definitely related. Thanks.
-
And the one from 3.11.1
/var/cache/pkg/ddclient-devel-3.11.1~21ca5d48d9.pkg
/var/cache/pkg/ddclient-devel-3.11.1.pkg
The cleanup will free 59 KiB
Deleting files: 100%
All done
root@OPNsense:~ # /usr/local/opnsense/scripts/ddclient/ddclient_opn.py -l
Traceback (most recent call last):
File "/usr/local/opnsense/scripts/ddclient/ddclient_opn.py", line 46, in <module>
print(json.dumps(AccountFactory().known_services()))
File "/usr/local/opnsense/scripts/ddclient/lib/poller.py", line 41, in __init__
self._register()
File "/usr/local/opnsense/scripts/ddclient/lib/poller.py", line 50, in _register
importlib.import_module(".%s" % os.path.splitext(os.path.basename(filename))[0], pkg_name)
File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1030, in _gcd_import
File "<frozen importlib._bootstrap>", line 1007, in _find_and_load
File "<frozen importlib._bootstrap>", line 986, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 680, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 850, in exec_module
File "<frozen importlib._bootstrap>", line 228, in _call_with_frames_removed
File "/usr/local/opnsense/scripts/ddclient/lib/account/aws.py", line 33, in <module>
import boto3
File "/usr/local/lib/python3.9/site-packages/boto3/__init__.py", line 17, in <module>
from boto3.session import Session
File "/usr/local/lib/python3.9/site-packages/boto3/session.py", line 17, in <module>
import botocore.session
File "/usr/local/lib/python3.9/site-packages/botocore/session.py", line 26, in <module>
import botocore.client
File "/usr/local/lib/python3.9/site-packages/botocore/client.py", line 15, in <module>
from botocore import waiter, xform_name
File "/usr/local/lib/python3.9/site-packages/botocore/waiter.py", line 18, in <module>
from botocore.docs.docstring import WaiterDocstring
File "/usr/local/lib/python3.9/site-packages/botocore/docs/__init__.py", line 15, in <module>
from botocore.docs.service import ServiceDocumenter
File "/usr/local/lib/python3.9/site-packages/botocore/docs/service.py", line 14, in <module>
from botocore.docs.client import (
File "/usr/local/lib/python3.9/site-packages/botocore/docs/client.py", line 18, in <module>
from botocore.docs.example import ResponseExampleDocumenter
File "/usr/local/lib/python3.9/site-packages/botocore/docs/example.py", line 13, in <module>
from botocore.docs.shape import ShapeDocumenter
File "/usr/local/lib/python3.9/site-packages/botocore/docs/shape.py", line 19, in <module>
from botocore.utils import is_json_value_header
File "/usr/local/lib/python3.9/site-packages/botocore/utils.py", line 37, in <module>
import botocore.httpsession
File "/usr/local/lib/python3.9/site-packages/botocore/httpsession.py", line 45, in <module>
from urllib3.contrib.pyopenssl import (
File "/usr/local/lib/python3.9/site-packages/urllib3/contrib/pyopenssl.py", line 50, in <module>
import OpenSSL.crypto
File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import SSL, crypto
File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in <module>
from OpenSSL._util import (
File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 167, in <module>
Binding.init_static_locks()
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 134, in init_static_locks
cls._ensure_ffi_initialized()
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 123, in _ensure_ffi_initialized
_legacy_provider_error(cls._legacy_provider_loaded)
File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 43, in _legacy_provider_error
raise RuntimeError(
RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal error by default, but cryptography supports running without legacy algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you have likely made a mistake with your OpenSSL configuration.
-
This is the native backend, not ddclient. ddclient works fine as far as I can tell. Check backend ;)
-
Confirmed, thank you. They're fine now on ddclient backend.
They've been running for months on native though and only had the crash post 8_1...
-
It looks like an issue with botocore/boto3 on the aws/route53 updater. I don't think we're doing anything wrong here. Those libs are constantly being updated so it might go away sooner than later. For now we have to let this roll.
Cheers,
Franco