Hi, I'm porting S3QL, see https://bitbucket.org/nikratio/s3ql/overview. It creates a mountable filesystem on a Amazon S3 bucket. I already came this far: https://github.com/niklaas/freebsd-port-s3ql which also requires two python modules there are so far no ports for too:
llfuse: https://github.com/niklaas/freebsd-port-llfuse dugong: https://github.com/niklaas/freebsd-port-dugong `poudriere testport` works fine. I installed the port on a FreeBSD system successfully and it seems to work fine. S3QL connects to the S3 bucket via SSL. But the connection only works if I use the following command, explicitly stating the location of ca-root-nss.crt: mkfs.s3ql --backend-options ssl-ca-path=/usr/local/share/certs/ca-root-nss.crt s3://<bucket-name> Not doing so causes the following errors: > Traceback (most recent call last): > File "/usr/local/bin/mount.s3ql", line 9, in <module> > load_entry_point('s3ql==2.15', 'console_scripts', 'mount.s3ql')() > File "/usr/local/lib/python3.4/site-packages/s3ql/mount.py", line 120, in > main > options.authfile, options.compress) > File "/usr/local/lib/python3.4/site-packages/s3ql/common.py", line 340, in > get_backend_factory > backend.fetch('s3ql_passphrase') > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/common.py", line > 351, in fetch > return self.perform_read(do_read, key) > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/common.py", line > 107, in wrapped > return method(*a, **kw) > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/common.py", line > 314, in perform_read > fh = self.open_read(key) > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/common.py", line > 107, in wrapped > return method(*a, **kw) > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/s3c.py", line > 302, in open_read > resp = self._do_request('GET', '/%s%s' % (self.prefix, key)) > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/s3c.py", line > 437, in _do_request > query_string=query_string, body=body) > File "/usr/local/lib/python3.4/site-packages/s3ql/backends/s3c.py", line > 668, in _send_request > self.conn.send_request(method, path, body=body, headers=headers) > File "/usr/local/lib/python3.4/site-packages/dugong/__init__.py", line 508, > in send_request > self.timeout) > File "/usr/local/lib/python3.4/site-packages/dugong/__init__.py", line > 1396, in eval_coroutine > if not next(crt).poll(timeout=timeout): > File "/usr/local/lib/python3.4/site-packages/dugong/__init__.py", line 535, > in co_send_request > self.connect() > File "/usr/local/lib/python3.4/site-packages/dugong/__init__.py", line 444, > in connect > self._sock = self.ssl_context.wrap_socket(self._sock, > server_hostname=server_hostname) > File "/usr/local/lib/python3.4/ssl.py", line 365, in wrap_socket > _context=self) > File "/usr/local/lib/python3.4/ssl.py", line 583, in __init__ > self.do_handshake() > File "/usr/local/lib/python3.4/ssl.py", line 810, in do_handshake > self._sslobj.do_handshake() > ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed > (_ssl.c:600) I did some research and found this *fixed* bug which is more or less recent: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196431 I was wondering whether there are still some issues with security/ca_root_nss or whether I forgot to specify something in the Makefile? How can I find out where python is looking for the certificates? This would enable me to create a symlink which could be added to the final version of my port of net/s3ql then too. (Note: I don't know python.) Any help is very much appreciated. Best, -- Niklaas _______________________________________________ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
