Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

Thread Rating:
  • 167 Vote(s) - 3.58 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Ruby not finding new version of OpenSSL

Where and when does `OpenSSL::OPENSSL_VERSION_NUMBER` get set? And why isn't it getting set to the latest OpenSSL that I've just installed?

First the error(s):

$ gem install activesupport -v '3.2.13'
Error while executing gem ... (RuntimeError)
Unsupported digest algorithm (SHA512)

If I go directly into irb, I can see that Ruby is using the "old" openssl:

$ irb
>> require 'openssl'
=> true
RuntimeError: Unsupported digest algorithm (sha512)

This tells me that Ruby isn't finding the local version of OpenSSL that I just built, which should be at least 0x908000. The relevant code:

# file: usr/lib/ruby/2.0.0/openssl/digest.rb
alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1)
alg += %w(SHA224 SHA256 SHA384 SHA512)

explains why it's not finding SHA512.

But I don't know why Ruby is using the old version of OpenSSL. I built OpenSSL and Ruby from fresh sources using


# Create a fresh OpenSSL from sources
(downloaded and unpacked

[To see links please register here]

$ ./config --prefix=$(SANDBOX)/usr --openssldir=$(SANDBOX)/usr/openssl
$ make ; make install ; make clean
# verify openssl
$ which openssl
$ openssl version
OpenSSL 1.0.1e 11 Feb 2013

# Create a fresh Ruby from sources
(download and unpack

[To see links please register here]

$ ./configure --prefix=$(SANDBOX)/usr --with-open-ssl-dir=$(SANDBOX)/usr/openssl
$ make ; make intalll ; make clean
# verify ruby
$ which ruby

But this ruby doesn't appear to find the openssl 1.0.1e that I just built.

My understanding was that the `--with-open-ssl-dir` argument to `./configure` was necessary and sufficient to tell ruby to use the new OpenSSL, but that didn't seem to work.

Any ideas on how to get Ruby to recognize the new OpenSSL that I've built?

I've tried running `ruby extconf.rb ; make ; make install` as suggested by @Gaurish (below), but that still finds the OpenSSL installed in the system, not in my project root directory.

For mac

sudo gem install openssl --install-dir vendor/bundle -- --with-openssl-dir=/usr/local/Cellar/[email protected]/1.1.1k

#### **TL;DR**

When OpenSSL changes, always recompile Ruby or the openssl native extension.

### Why

Ruby compiles the OpenSSL version into the openssl native extension, even when it links to a shared OpenSSL library. Either reinstall Ruby or recompile the openssl extension to fix it.

$ ruby -ropenssl -e'puts OpenSSL::OPENSSL_VERSION'
OpenSSL 1.0.2e 3 Dec 2015
$ /usr/local/opt/openssl/bin/openssl version
OpenSSL 1.0.2g 1 Mar 2016
$ strings {{redacted}/ruby-2.3.0/lib/ruby/2.3.0/x86_64-darwin15/openssl.bundle | grep '1.0.2'
OpenSSL 1.0.2e 3 Dec 2015
$ otool -L {{redacted}}/ruby-2.3.0/lib/ruby/2.3.0/x86_64-darwin15/openssl.bundle
{{redacted}}/ruby-2.3.0/lib/libruby.2.3.0.dylib (compatibility version 2.3.0, current version 2.3.0)
/usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.5)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1226.10.1)
/usr/local/opt/gmp/lib/libgmp.10.dylib (compatibility version 14.0.0, current version 14.0.0)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)

We use [ruby-install](

[To see links please register here]

) and [chruby](

[To see links please register here]

). Instead of `/opt/rubies`, we use `/usr/local/rubies` to avoid `sudo`. You can also `sudo ln -s /usr/local/rubies /opt/rubies` if you don't want to bother setting `RUBIES` for chruby.

brew install openssl && \
ruby-install ruby-2.3.0 \
--no-install-deps \
-- \
--without-X11 \
--without-tk \
--enable-shared \
--disable-install-doc \
--with-openssl-dir="$(brew --prefix openssl)"

### Update

There's yet another constant which **is** derived from the actual, loaded OpenSSL library.


Old question but still relevant if you have to deal with old setups:

In my case the problem lay within the OpenSSL installation.
As described [in this blog][1] you have to **make sure the shared libraries are installed** with OpenSSL :

$ ./config --prefix=/path/to/openssl-0.9.8g shared
$ make depend
$ make
$ make install

And then installed OpenSSL as usual.

For ruby I used this configure line:

$ ./configure --prefix=/path/to/ruby-2.2.2/ --with-openssl-dir=/path/to/openssl-0.9.8g
$ make
$ make install


$ /path/to/ruby-2.2.2/bin/irb
irb(main):001:0> require "openssl"
=> true
=> #<OpenSSL::Digest: cf83e13000efb8bd00042850d66d8007d620e4050b0005dc83f4a921d36ce00047d0d13c5d85f2b0ff8318d2877eec2f000931bd47417a81a538327af927da3e>


[To see links please register here]


I think the correct flag to pass to `./configure` is `--with-openssl-dir`, not `--with-open-ssl-dir`.

Also, the correct value to pass to `--with-openssl-dir` in this case is `$SANDBOX/usr`, not `$SANDBOX/usr/openssl`.

Moreover, you might need to compile OpenSSL for 64-bit architecture.

This process worked for me (OS X 10.8):

$ export SANDBOX=/Users/me/sandboxes/ruby2
$ mkdir -p $SANDBOX/usr/bin

# Install OpenSSL 1.0.1e
$ curl -O

[To see links please register here]

$ tar -xzvf openssl-1.0.1e.tar.gz
$ cd openssl-1.0.1e
# Copied from the Homebrew recipe for OpenSSL
$ perl ./Configure --prefix=$SANDBOX/usr --openssldir=$SANDBOX/usr/openssl zlib-dynamic shared darwin64-x86_64-cc enable-ec_nistp_64_gcc_128
$ make depend
$ make
$ make install

# Install Ruby 2.0.0-p0
$ curl -O

[To see links please register here]

$ tar -xzvf ruby-2.0.0-p0.tar.gz
$ cd ruby-2.0.0-p0
$ ./configure --prefix=$SANDBOX/usr --with-openssl-dir=$SANDBOX/usr
$ make
$ make install

# Setting PATH before compiling Ruby can can cause the compilation to fail
$ export PATH=$SANDBOX/usr/bin:$PATH
$ which ruby #=>/Users/me/sandboxes/ruby2/usr/bin/ruby
$ which openssl #=> /Users/me/sandboxes/ruby2/usr/bin/openssl
$ openssl version #=> OpenSSL 1.0.1e 11 Feb 2013

$ irb
>> require "openssl"
=> true
=> #<OpenSSL::Digest: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e>

You could also install [Homebrew](

[To see links please register here]

) and [chruby](

[To see links please register here]

) (or [rbenv](

[To see links please register here]

)) and follow the [instructions for installing Ruby 2.0.0 for chruby](

[To see links please register here]


brew install openssl readline libyaml gdbm libffi

[To see links please register here]

tar -xzvf ruby-2.0.0-p0.tar.gz
cd ruby-2.0.0-p0
./configure --prefix=/opt/rubies/ruby-2.0.0-p0 --with-openssl-dir=$(brew --prefix openssl)
sudo make install

Turns out, to get OpenSSL to compile and install with Ruby on Ubuntu, you need to follow these steps *after you've installed ruby*:

cd ruby_src_dir/ext/openssl
ruby extconf.rb
make install

Let me know if it works

Forum Jump:

Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through