Bug #8557

rubygems/security.rb is loaded twice if openssl is unavailable

Added by Nobuyoshi Nakada 10 months ago. Updated 7 months ago.

[ruby-core:55581]
Status:Closed
Priority:Normal
Assignee:Eric Hodel
Category:lib/rubygems
Target version:2.1.0
ruby -v:2.1.0dev Backport:2.0.0: DONE

Description

=begin
Since r39606, ((%rubygems/security.rb%)) is loaded twice if ((%openssl%)) is unavailable.

$ make TESTS=rubygems test-all
CC = clang
LD = ld
LDSHARED = clang -dynamiclib
CFLAGS = -O3 -fno-fast-math -ggdb3 -Wall -Wextra -Wno-unused-parameter -Wno-parentheses -Wno-long-long -Wno-missing-field-initializers -Wunused-variable -Werror=pointer-arith -Werror=write-strings -Werror=declaration-after-stateme
XCFLAGS = -DFORTIFYSOURCE=2 -fstack-protector -fno-strict-overflow -fvisibility=hidden -DRUBYEXPORT
CPPFLAGS = -D
XOPENSOURCE -DDARWINCSOURCE -DDARWINUNLIMITEDSELECT -DREENTRANT -I. -I.ext/include/x8664-darwin11 -I../src/include -I../src
DLDFLAGS = -Wl,-undefined,dynamic
lookup -Wl,-multiplydefined,suppress -installname @executablepath/../lib/libruby.2.1.0.dylib -currentversion 2.1.0 -compatibilityversion 2.1.0 -fstack-protector -Wl,-u,objcmsgSend -fstack
SOLIBS =
Apple LLVM version 4.2 (clang-425.0.27) (based on LLVM 3.2svn)
Target: x86
64-apple-darwin11.4.2
Thread model: posix
./miniruby -I../src/lib -I. -I.ext/common ../src/tool/runruby.rb --extout=.ext -- --disable-gems "../src/test/runner.rb" --ruby="./miniruby -I../src/lib -I. -I.ext/common ../src/tool/runruby.rb --extout=.ext -- --disable-gems" rubyge
/Users/nobu/src/ruby/trunk/src/lib/rubygems/security.rb:355: warning: already initialized constant Gem::Security::DIGESTALGORITHM
/Users/nobu/src/ruby/trunk/src/lib/rubygems/security.rb:355: warning: previous definition of DIGEST
ALGORITHM was here

$ nmake TESTS=rubygems test-all
CC = cl -nologo
LD = cl -nologo
LDSHARED = cl -nologo -LD
CFLAGS = -MD -Zi -W2 -wd4996 -we4028 -we4142 -O2sy- -Zm600
XCFLAGS = -DRUBYEXPORT -I. -I.ext/include/i386-mswin32110 -I../src/include -I../src -I../src/missing
CPPFLAGS =
DLDFLAGS = -incremental:no -debug -opt:ref -opt:icf -dll
SOLIBS =
.\ruby.exe -I../src/lib -I".ext/i386-mswin32110" -I. "../src/tool/runruby.rb" --extout=".ext" -- --disable-gems "../src/test/runner.rb" --ruby=".\ruby.exe -I../src/lib -I".ext/i386-mswin32110" -I. "../src/tool/runruby.rb" --extout=".ext" -- --disable-gems" rubygems
C:/Users/nobu/build/ruby/trunk/src/lib/rubygems/security.rb:355: warning: already initialized constant Gem::Security::DIGESTALGORITHM
C:/Users/nobu/build/ruby/trunk/src/lib/rubygems/security.rb:355: warning: previous definition of DIGEST
ALGORITHM was here

It seems to intend to fake (({OpenSSL})) but doesn't work actually, because (({Gem::Security::Policy})) requires ((%openssl%)).

$ ./bin/ruby -rrubygems/security -ep
C:/Users/nobu/build/ruby/trunk/i386-mswin32110/lib/ruby/vendorruby/rubygems/coreext/kernelrequire.rb:45:in require': cannot load such file -- openssl (LoadError)
from C:/Users/nobu/build/ruby/trunk/i386-mswin32_110/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:45:in
require'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32110/lib/ruby/vendorruby/rubygems/security/policy.rb:23:in initialize'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32_110/lib/ruby/vendor_ruby/rubygems/security/policies.rb:6:in
new'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32110/lib/ruby/vendorruby/rubygems/security/policies.rb:6:in <module:Security>'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32_110/lib/ruby/vendor_ruby/rubygems/security/policies.rb:1:in
'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32110/lib/ruby/vendorruby/rubygems/coreext/kernelrequire.rb:45:in require'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32_110/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:45:in
require'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32110/lib/ruby/vendorruby/rubygems/security.rb:583:in <top (required)>'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32_110/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:45:in
require'
from C:/Users/nobu/build/ruby/trunk/i386-mswin32110/lib/ruby/vendorruby/rubygems/coreext/kernelrequire.rb:45:in `require'
bash: exit 1

$ ./bin/ruby -rrubygems/security -ep
/Users/nobu/build/ruby/trunk/x8664-darwin/lib/ruby/vendorruby/rubygems/coreext/kernelrequire.rb:45:in require': cannot load such file -- openssl (LoadError)
from /Users/nobu/build/ruby/trunk/x86_64-darwin/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:45:in
require'
from /Users/nobu/build/ruby/trunk/x8664-darwin/lib/ruby/vendorruby/rubygems/security/policy.rb:23:in initialize'
from /Users/nobu/build/ruby/trunk/x86_64-darwin/lib/ruby/vendor_ruby/rubygems/security/policies.rb:6:in
new'
from /Users/nobu/build/ruby/trunk/x8664-darwin/lib/ruby/vendorruby/rubygems/security/policies.rb:6:in <module:Security>'
from /Users/nobu/build/ruby/trunk/x86_64-darwin/lib/ruby/vendor_ruby/rubygems/security/policies.rb:1:in
'
from /Users/nobu/build/ruby/trunk/x8664-darwin/lib/ruby/vendorruby/rubygems/coreext/kernelrequire.rb:45:in require'
from /Users/nobu/build/ruby/trunk/x86_64-darwin/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:45:in
require'
from /Users/nobu/build/ruby/trunk/x8664-darwin/lib/ruby/vendorruby/rubygems/security.rb:583:in <top (required)>'
from /Users/nobu/build/ruby/trunk/x86_64-darwin/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_require.rb:45:in
require'
from /Users/nobu/build/ruby/trunk/x8664-darwin/lib/ruby/vendorruby/rubygems/coreext/kernelrequire.rb:45:in `require'
bash: exit 1

Moreover, since (({LoadError#path})) returns required library name with its suffix, so (({e.path == 'openssl'})) never become true.
=end

History

#1 Updated by Nobuyoshi Nakada 10 months ago

  • Description updated (diff)

#2 Updated by Eric Hodel 10 months ago

=begin
How can LoadError#path return the required library name if the file is missing?

It seems (({e.path == "openssl"})) will return true:

$ ruby -e 'begin; require "nonexistent"; rescue LoadError; p $!.path; end'
"nonexistent"

I get the same result (required file name in #path) if the file is not loadable due to permissions.
=end

#3 Updated by Eric Hodel 10 months ago

I have this fixed on RubyGems master and will merge to ruby trunk after releasing RubyGems 2.0.4 (later this week).

#4 Updated by Eric Hodel 9 months ago

  • Status changed from Assigned to Closed

Fixed by r41873

#5 Updated by Tomoyuki Chikanaga 7 months ago

  • Backport changed from 2.0.0: REQUIRED to 2.0.0: DONE

I believe this issue was fixed on ruby20_0, isn't it?

Also available in: Atom PDF