Last active
December 31, 2015 23:19
-
-
Save spkane/8059362 to your computer and use it in GitHub Desktop.
Ruby 2.0.0-p247 - OpenSSL Patch for CentOS 6.5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require_gcc | |
| install_package "ruby-enterprise-1.8.7-2012.02" "file:///tmp/build/ruby-enterprise-openssl-1.8.7-2012.02.tar.gz" ree_installer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -r -u ruby-2.0.0-p247/ChangeLog ruby-2.0.0-p247-openssl/ChangeLog | |
| --- ruby-2.0.0-p247/ChangeLog 2013-06-27 04:11:11.000000000 -0700 | |
| +++ ruby-2.0.0-p247-openssl/ChangeLog 2013-12-20 11:16:02.578020480 -0800 | |
| @@ -1,3 +1,16 @@ | |
| +Sat Jul 6 07:37:43 2013 Martin Bosslet <Martin.Bosslet@gmail.com> | |
| + | |
| + * ext/openssl/ossl_pkey_ec.c: Ensure compatibility to builds of | |
| + OpenSSL with OPENSSL_NO_EC2M defined, but OPENSSL_NO_EC not | |
| + defined. | |
| + * test/openssl/test_pkey_ec.rb: Iterate over built-in curves | |
| + (and assert their non-emptiness!) instead of hard-coding them, as | |
| + this may cause problems with respect to the different availability | |
| + of individual curves in individual OpenSSL builds. | |
| + [ruby-core:54881] [Bug #8384] | |
| + | |
| + Thanks to Vit Ondruch for providing the patch! | |
| + | |
| Thu Jun 27 20:10:56 2013 CHIKANAGA Tomoyuki <nagachika@ruby-lang.org> | |
| * ext/openssl/lib/openssl/ssl.rb (verify_certificate_identity): fix | |
| diff -r -u ruby-2.0.0-p247/ext/openssl/ossl_pkey_ec.c ruby-2.0.0-p247-openssl/ext/openssl/ossl_pkey_ec.c | |
| --- ruby-2.0.0-p247/ext/openssl/ossl_pkey_ec.c 2012-07-10 20:46:37.000000000 -0700 | |
| +++ ruby-2.0.0-p247-openssl/ext/openssl/ossl_pkey_ec.c 2013-12-20 11:14:56.466943014 -0800 | |
| @@ -762,8 +762,10 @@ | |
| method = EC_GFp_mont_method(); | |
| } else if (id == s_GFp_nist) { | |
| method = EC_GFp_nist_method(); | |
| +#if !defined(OPENSSL_NO_EC2M) | |
| } else if (id == s_GF2m_simple) { | |
| method = EC_GF2m_simple_method(); | |
| +#endif | |
| } | |
| if (method) { | |
| @@ -817,8 +819,10 @@ | |
| if (id == s_GFp) { | |
| new_curve = EC_GROUP_new_curve_GFp; | |
| +#if !defined(OPENSSL_NO_EC2M) | |
| } else if (id == s_GF2m) { | |
| new_curve = EC_GROUP_new_curve_GF2m; | |
| +#endif | |
| } else { | |
| ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m"); | |
| } | |
| diff -r -u ruby-2.0.0-p247/test/openssl/test_pkey_ec.rb ruby-2.0.0-p247-openssl/test/openssl/test_pkey_ec.rb | |
| --- ruby-2.0.0-p247/test/openssl/test_pkey_ec.rb 2012-08-20 21:50:18.000000000 -0700 | |
| +++ ruby-2.0.0-p247-openssl/test/openssl/test_pkey_ec.rb 2013-12-20 11:20:35.694966642 -0800 | |
| @@ -7,28 +7,28 @@ | |
| @data1 = 'foo' | |
| @data2 = 'bar' * 1000 # data too long for DSA sig | |
| - @group1 = OpenSSL::PKey::EC::Group.new('secp112r1') | |
| - @group2 = OpenSSL::PKey::EC::Group.new('sect163k1') | |
| - @group3 = OpenSSL::PKey::EC::Group.new('prime256v1') | |
| - | |
| - @key1 = OpenSSL::PKey::EC.new | |
| - @key1.group = @group1 | |
| - @key1.generate_key | |
| + @groups = [] | |
| + @keys = [] | |
| - @key2 = OpenSSL::PKey::EC.new(@group2.curve_name) | |
| - @key2.generate_key | |
| + OpenSSL::PKey::EC.builtin_curves.each do |curve, comment| | |
| + group = OpenSSL::PKey::EC::Group.new(curve) | |
| - @key3 = OpenSSL::PKey::EC.new(@group3) | |
| - @key3.generate_key | |
| + key = OpenSSL::PKey::EC.new(group) | |
| + key.generate_key | |
| - @groups = [@group1, @group2, @group3] | |
| - @keys = [@key1, @key2, @key3] | |
| + @groups << group | |
| + @keys << key | |
| + end | |
| end | |
| def compare_keys(k1, k2) | |
| assert_equal(k1.to_pem, k2.to_pem) | |
| end | |
| + def test_builtin_curves | |
| + assert(!OpenSSL::PKey::EC.builtin_curves.empty?) | |
| + end | |
| + | |
| def test_curve_names | |
| @groups.each_with_index do |group, idx| | |
| key = @keys[idx] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| install_package "openssl-1.0.1e" "https://www.openssl.org/source/openssl-1.0.1e.tar.gz#66bf6f10f060d561929de96f9dfe5b8c" mac_openssl --if has_broken_mac_openssl | |
| install_package "ruby-2.0.0-p247" "file:///tmp/build-tmp/ruby-2.0.0-p247-openssl.tar.gz" standard verify_openssl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -ur ruby-enterprise-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c ruby-enterprise-openssl-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c | |
| --- ruby-enterprise-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c 2012-02-19 06:09:11.000000000 -0800 | |
| +++ ruby-enterprise-openssl-1.8.7-2012.02/source/ext/openssl/ossl_pkey_ec.c 2014-01-03 16:37:11.077561351 -0800 | |
| @@ -757,8 +757,10 @@ | |
| method = EC_GFp_mont_method(); | |
| } else if (id == s_GFp_nist) { | |
| method = EC_GFp_nist_method(); | |
| +#if !defined(OPENSSL_NO_EC2M) | |
| } else if (id == s_GF2m_simple) { | |
| method = EC_GF2m_simple_method(); | |
| +#endif | |
| } | |
| if (method) { | |
| @@ -811,8 +813,10 @@ | |
| if (id == s_GFp) { | |
| new_curve = EC_GROUP_new_curve_GFp; | |
| +#if !defined(OPENSSL_NO_EC2M) | |
| } else if (id == s_GF2m) { | |
| new_curve = EC_GROUP_new_curve_GF2m; | |
| +#endif | |
| } else { | |
| rb_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m"); | |
| } |
Hi,
I applied this patch to ruby-unzipped-dir/ext/openssl/ossl_pkey_ec.c when installing ruby-1.9.3p194 on CentOS 6.5 after getting the following error when making:
compiling ossl_pkey_ec.c
ossl_pkey_ec.c: In function ‘ossl_ec_group_initialize’:
ossl_pkey_ec.c:761: warning: implicit declaration of function ‘EC_GF2m_simple_method’
ossl_pkey_ec.c:761: warning: assignment makes pointer from integer without a cast
ossl_pkey_ec.c:816: error: ‘EC_GROUP_new_curve_GF2m’ undeclared (first use in this function)
ossl_pkey_ec.c:816: error: (Each undeclared identifier is reported only once
ossl_pkey_ec.c:816: error: for each function it appears in.)
make[2]: *** [ossl_pkey_ec.o] Error 1
make[2]: Leaving directory `/root/ruby-1.9.3-p194/ext/openssl'
make[1]: *** [ext/openssl/all] Error 2
make[1]: Leaving directory `/root/ruby-1.9.3-p194'
make: *** [build-ext] Error 2Thanks, it suffices for my build!
I tested the 1.8.7 patch, built against the latest openssl-1.0.1e-16 and it works great. Thanks!!
rajerino, this doesn't patch 1.9.x. It's only for 2.0.0 and 1.8.7. You can probably manually fix your build based on what's in the patch. Looks similar to the 1.8.7 patch here.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
And my notes for ree-1.8.7-2012.02:
rm ~/.rbenv/cache/* -rf
mkdir /tmp/build
cp ree-1.8.7-2012.02 /tmp/build/ #original would be found in ~/.rbenv/plugins/ruby-build/share/ruby-build
cp ruby-enterprise-1.8.7-2012.02-openssl-el65.patch /tmp/build/
cd /tmp/build
wget http://rubyenterpriseedition.googlecode.com/files/ruby-enterprise-1.8.7-2012.02.tar.gz
tar -xvzf ruby-enterprise-1.8.7-2012.02.tar.gz
cd ruby-enterprise-1.8.7-2012.02
patch -p1 < ../ruby-enterprise-1.8.7-2012.02-openssl-el65.patch
cd ..
tar -cvzf ruby-enterprise-openssl-1.8.7-2012.02.tar.gz ruby-enterprise-1.8.7-2012.02 #NOTE: The directory name MUST match the original directory name
rbenv install /tmp/build/ree-1.8.7-2012.02
rbenv rehash