Project

General

Profile

Actions

Bug #9714

closed

Ruby configured to call OpenSSL engine API when it shouldn't

Added by steakknife (Barry Allard) almost 10 years ago. Updated over 7 years ago.

Status:
Rejected
Assignee:
-
Target version:
-
ruby -v:
ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-darwin13.0]
[ruby-core:61905]

Description

(This issue is NOT related to the Heartbleed vulnerability.)

There is an issue compiling under OSX where system dependencies and homebrew dependencies get mixed together, resulting in an incorrectly configured Ruby which fails at runtime.

The attached patch to ext/openssl/ossl.h checks the actual configuration from openssl/ssl.h:

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ST_ENGINE) && !defined(OPENSSL_NO_ENGINE)

instead of just

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ST_ENGINE)

Patches

(Patches also available at https://gist.github.com/10092587)

Testing

I've tested it on several ruby 1.9.x - 2.1.1 rebuilt from source, and it seems to Do The Right Thing (tm).

All Rubies fail in a similar manner, which was expected.

Environment

Ruby 2.1.1 configure options:

--with-openssl-dir=/usr/local/opt/openssl --disable-install-doc --enable-shared

OpenSSL 1.0.1g Configure options:

zlib-dynamic shared enable-cms no-hw no-rdrand no-sctp no-md4 no-mdc2 no-rc4 no-fips no-engine

Symptoms

0 ~ ❯❯❯ gem list a -r

*** REMOTE GEMS ***

/usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require': dlopen(/usr/local/ruby/ruby-2.1.1/lib/ruby/2.1.0/x86_64-darwin13.0/openssl.bundle, 9): Symbol not found: _ENGINE_free (LoadError)
  Referenced from: /usr/local/ruby/ruby-2.1.1/lib/ruby/2.1.0/x86_64-darwin13.0/openssl.bundle
  Expected in: /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib
 in /usr/local/ruby/ruby-2.1.1/lib/ruby/2.1.0/x86_64-darwin13.0/openssl.bundle - /usr/local/ruby/ruby-2.1.1/lib/ruby/2.1.0/x86_64-darwin13.0/openssl.bundle
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/2.1.0/openssl.rb:17:in `<top (required)>'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/2.1.0/net/https.rb:22:in `<top (required)>'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/request.rb:39:in `configure_connection_for_https'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/request.rb:93:in `connection_for'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/request.rb:122:in `fetch'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/remote_fetcher.rb:337:in `request'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/remote_fetcher.rb:231:in `fetch_http'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/remote_fetcher.rb:266:in `fetch_path'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/remote_fetcher.rb:296:in `cache_update_path'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/source.rb:177:in `load_specs'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/spec_fetcher.rb:266:in `tuples_for'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/spec_fetcher.rb:226:in `block in available_specs'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/source_list.rb:97:in `each'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/source_list.rb:97:in `each_source'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/spec_fetcher.rb:222:in `available_specs'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/spec_fetcher.rb:147:in `detect'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/commands/query_command.rb:167:in `show_gems'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/commands/query_command.rb:109:in `block in execute'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/commands/query_command.rb:109:in `each'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/commands/query_command.rb:109:in `execute'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/command.rb:305:in `invoke_with_build_args'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/command_manager.rb:167:in `process_args'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/command_manager.rb:137:in `run'
	from /usr/local/ruby/ruby-2.1.1/lib/ruby/site_ruby/2.1.0/rubygems/gem_runner.rb:54:in `run'
	from /usr/local/ruby/ruby-2.1.1/bin/gem:21:in `<main>'
1 ~ ❯❯❯

Files

fix_ruby_openssl_no_engine.2.x.diff (442 Bytes) fix_ruby_openssl_no_engine.2.x.diff 2.0.0 + steakknife (Barry Allard), 04/08/2014 05:11 AM
fix_ruby_openssl_no_engine.1.9.x.diff (442 Bytes) fix_ruby_openssl_no_engine.1.9.x.diff < 2.0.0 steakknife (Barry Allard), 04/08/2014 05:12 AM
Actions

Also available in: Atom PDF

Like0
Like0Like0