-
-
Save spkane/8059362 to your computer and use it in GitHub Desktop.
require_gcc | |
install_package "ruby-enterprise-1.8.7-2012.02" "file:///tmp/build/ruby-enterprise-openssl-1.8.7-2012.02.tar.gz" ree_installer |
diff -r -u ruby-2.0.0-p247/ChangeLog ruby-2.0.0-p247-openssl/ChangeLog | |
--- ruby-2.0.0-p247/ChangeLog 2013-06-27 04:11:11.000000000 -0700 | |
+++ ruby-2.0.0-p247-openssl/ChangeLog 2013-12-20 11:16:02.578020480 -0800 | |
@@ -1,3 +1,16 @@ | |
+Sat Jul 6 07:37:43 2013 Martin Bosslet <Martin.Bosslet@gmail.com> | |
+ | |
+ * ext/openssl/ossl_pkey_ec.c: Ensure compatibility to builds of | |
+ OpenSSL with OPENSSL_NO_EC2M defined, but OPENSSL_NO_EC not | |
+ defined. | |
+ * test/openssl/test_pkey_ec.rb: Iterate over built-in curves | |
+ (and assert their non-emptiness!) instead of hard-coding them, as | |
+ this may cause problems with respect to the different availability | |
+ of individual curves in individual OpenSSL builds. | |
+ [ruby-core:54881] [Bug #8384] | |
+ | |
+ Thanks to Vit Ondruch for providing the patch! | |
+ | |
Thu Jun 27 20:10:56 2013 CHIKANAGA Tomoyuki <nagachika@ruby-lang.org> | |
* ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix | |
diff -r -u ruby-2.0.0-p247/ext/openssl/ossl_pkey_ec.c ruby-2.0.0-p247-openssl/ext/openssl/ossl_pkey_ec.c | |
--- ruby-2.0.0-p247/ext/openssl/ossl_pkey_ec.c 2012-07-10 20:46:37.000000000 -0700 | |
+++ ruby-2.0.0-p247-openssl/ext/openssl/ossl_pkey_ec.c 2013-12-20 11:14:56.466943014 -0800 | |
@@ -762,8 +762,10 @@ | |
method = EC_GFp_mont_method(); | |
} else if (id == s_GFp_nist) { | |
method = EC_GFp_nist_method(); | |
+#if !defined(OPENSSL_NO_EC2M) | |
} else if (id == s_GF2m_simple) { | |
method = EC_GF2m_simple_method(); | |
+#endif | |
} | |
if (method) { | |
@@ -817,8 +819,10 @@ | |
if (id == s_GFp) { | |
new_curve = EC_GROUP_new_curve_GFp; | |
+#if !defined(OPENSSL_NO_EC2M) | |
} else if (id == s_GF2m) { | |
new_curve = EC_GROUP_new_curve_GF2m; | |
+#endif | |
} else { | |
ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m"); | |
} | |
diff -r -u ruby-2.0.0-p247/test/openssl/test_pkey_ec.rb ruby-2.0.0-p247-openssl/test/openssl/test_pkey_ec.rb | |
--- ruby-2.0.0-p247/test/openssl/test_pkey_ec.rb 2012-08-20 21:50:18.000000000 -0700 | |
+++ ruby-2.0.0-p247-openssl/test/openssl/test_pkey_ec.rb 2013-12-20 11:20:35.694966642 -0800 | |
@@ -7,28 +7,28 @@ | |
@data1 = 'foo' | |
@data2 = 'bar' * 1000 # data too long for DSA sig | |
- @group1 = OpenSSL::PKey::EC::Group.new('secp112r1') | |
- @group2 = OpenSSL::PKey::EC::Group.new('sect163k1') | |
- @group3 = OpenSSL::PKey::EC::Group.new('prime256v1') | |
- | |
- @key1 = OpenSSL::PKey::EC.new | |
- @key1.group = @group1 | |
- @key1.generate_key | |
+ @groups = [] | |
+ @keys = [] | |
- @key2 = OpenSSL::PKey::EC.new(@group2.curve_name) | |
- @key2.generate_key | |
+ OpenSSL::PKey::EC.builtin_curves.each do |curve, comment| | |
+ group = OpenSSL::PKey::EC::Group.new(curve) | |
- @key3 = OpenSSL::PKey::EC.new(@group3) | |
- @key3.generate_key | |
+ key = OpenSSL::PKey::EC.new(group) | |
+ key.generate_key | |
- @groups = [@group1, @group2, @group3] | |
- @keys = [@key1, @key2, @key3] | |
+ @groups << group | |
+ @keys << key | |
+ end | |
end | |
def compare_keys(k1, k2) | |
assert_equal(k1.to_pem, k2.to_pem) | |
end | |
+ def test_builtin_curves | |
+ assert(!OpenSSL::PKey::EC.builtin_curves.empty?) | |
+ end | |
+ | |
def test_curve_names | |
@groups.each_with_index do |group, idx| | |
key = @keys[idx] |
install_package "openssl-1.0.1e" "https://www.openssl.org/source/openssl-1.0.1e.tar.gz#66bf6f10f060d561929de96f9dfe5b8c" mac_openssl --if has_broken_mac_openssl | |
install_package "ruby-2.0.0-p247" "file:///tmp/build-tmp/ruby-2.0.0-p247-openssl.tar.gz" standard verify_openssl |
diff -ur ruby-enterprise-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c ruby-enterprise-openssl-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c | |
--- ruby-enterprise-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c 2012-02-19 06:09:11.000000000 -0800 | |
+++ ruby-enterprise-openssl-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c 2014-01-03 16:37:11.077561351 -0800 | |
@@ -757,8 +757,10 @@ | |
method = EC_GFp_mont_method(); | |
} else if (id == s_GFp_nist) { | |
method = EC_GFp_nist_method(); | |
+#if !defined(OPENSSL_NO_EC2M) | |
} else if (id == s_GF2m_simple) { | |
method = EC_GF2m_simple_method(); | |
+#endif | |
} | |
if (method) { | |
@@ -811,8 +813,10 @@ | |
if (id == s_GFp) { | |
new_curve = EC_GROUP_new_curve_GFp; | |
+#if !defined(OPENSSL_NO_EC2M) | |
} else if (id == s_GF2m) { | |
new_curve = EC_GROUP_new_curve_GF2m; | |
+#endif | |
} else { | |
rb_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m"); | |
} |
And my notes for ree-1.8.7-2012.02:
rm ~/.rbenv/cache/* -rf
mkdir /tmp/build
cp ree-1.8.7-2012.02 /tmp/build/ #original would be found in ~/.rbenv/plugins/ruby-build/share/ruby-build
cp ruby-enterprise-1.8.7-2012.02-openssl-el65.patch /tmp/build/
cd /tmp/build
wget http://rubyenterpriseedition.googlecode.com/files/ruby-enterprise-1.8.7-2012.02.tar.gz
tar -xvzf ruby-enterprise-1.8.7-2012.02.tar.gz
cd ruby-enterprise-1.8.7-2012.02
patch -p1 < ../ruby-enterprise-1.8.7-2012.02-openssl-el65.patch
cd ..
tar -cvzf ruby-enterprise-openssl-1.8.7-2012.02.tar.gz ruby-enterprise-1.8.7-2012.02 #NOTE: The directory name MUST match the original directory name
rbenv install /tmp/build/ree-1.8.7-2012.02
rbenv rehash
Hi,
I applied this patch to ruby-unzipped-dir/ext/openssl/ossl_pkey_ec.c when installing ruby-1.9.3p194 on CentOS 6.5 after getting the following error when making:
compiling ossl_pkey_ec.c
ossl_pkey_ec.c: In function ‘ossl_ec_group_initialize’:
ossl_pkey_ec.c:761: warning: implicit declaration of function ‘EC_GF2m_simple_method’
ossl_pkey_ec.c:761: warning: assignment makes pointer from integer without a cast
ossl_pkey_ec.c:816: error: ‘EC_GROUP_new_curve_GF2m’ undeclared (first use in this function)
ossl_pkey_ec.c:816: error: (Each undeclared identifier is reported only once
ossl_pkey_ec.c:816: error: for each function it appears in.)
make[2]: *** [ossl_pkey_ec.o] Error 1
make[2]: Leaving directory `/root/ruby-1.9.3-p194/ext/openssl'
make[1]: *** [ext/openssl/all] Error 2
make[1]: Leaving directory `/root/ruby-1.9.3-p194'
make: *** [build-ext] Error 2
Thanks, it suffices for my build!
I tested the 1.8.7 patch, built against the latest openssl-1.0.1e-16 and it works great. Thanks!!
rajerino, this doesn't patch 1.9.x. It's only for 2.0.0 and 1.8.7. You can probably manually fix your build based on what's in the patch. Looks similar to the 1.8.7 patch here.
See patch here: https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41808/diff
How to Patch Ruby with RBENV: http://philippe.bourgau.net/how-to-install-a-patched-ruby-interpreter-wit/
And my notes for 2.0.0-p247:
rm ~/.rbenv/cache/* -rf
mkdir /tmp/build
cp ruby-build-2.0.0-p247 /tmp/build/ #original would be found in ~/.rbenv/plugins/ruby-build/share/ruby-build
cp ruby-2.0.0-p247-openssl-el65.patch /tmp/build/
cd /tmp/build
wget http://ftp.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p247.tar.gz
tar -xvzf ruby-2.0.0-p247.tar.gz
cd ruby-2.0.0-p247
patch -p1 < ../ruby-2.0.0-p247-openssl-el65.patch
cd ..
tar -cvzf ruby-2.0.0-p247-openssl.tar.gz ruby-2.0.0-p247 #NOTE: The directory name MUST match the original directory name
rbenv install /tmp/build/2.0.0-p247
rbenv rehash