Closed xfim closed 8 years ago
I'm assuming openssl >= 1.0 on many places. It would be easier if you build a full version of openssl from source and link against that.
Jeroen Ooms vas escriure el dia dv, 29 gen 2016:
I'm assuming openssl >= 1.0 on many places. It would be easier if you build a full version of openssl from source and link against that.
Yes, I'm on 1.0.2e.
The problem is that Gentoo's compilation by default includes the possibiltity of allowing distribution of binaries (bindist), and then the ellipse stuff is disabled due to licensing issues.
But if I compile openssh without bindist, then other packages complain that they need it.
So my question was that if the ellipse stuff is really necessary and core to the package, it is OK and I will have to invent something (maybe keeping an openssl version compiled by myself only for this package), but if it is not, disabling it would be better.
I hope I have made myself clear.
Thank you for the effort of making R better and a safer place.
I am usually opposed to making R packages overly configurable, because other packages that depend on the openssl
package assume that certain functionality is available given a certain version of the package. If some installations don't include the ec stuff, we might get strange errors from other R packages that rely on that functionality.
Maybe you can build a static version of libssl
and libcrypto
in a temporary directory and link the R package against that?
I'll leave this topic open, if this turns out to be a common problem we'll have to find a better solution.
Jeroen Ooms vas escriure el dia dv, 29 gen 2016:
Oh hmm interesting. I general I am opposed to making R packages overly configurable, because other packages that depend on the
openssl
package assume that certain functionality is available given a certain version of the package. If we rip that out on particular platforms, you get all kind of strange import errors.
This is a very good point. I also think so.
Maybe you can build a static version of
libssl
andlibcrypto
in a temporary directory and link the R package against that?
Yes, I will have to do something like this, I'm afraid.
Thank you anyway.
I have been able to compile openssl with all support, but I am stuck trying to make "openssl" package link against it. I have compiled at "/usr/local/openssl". How should I tell openssl where to look for? I guess I must pass an argument configure.args
in install.packages()
, but I am quite lost.
Thank you.
Do you have a pkg-config file? What do you get for:
pkg-config --cflags openssl
pkg-config --libs openssl
If you put the proper openssl.pc
file in your PKG_CONFIG_PATH
it should pick up in it automatically. Alternatively you can also try setting the include/lib dir manually:
wget https://cran.r-project.org/src/contrib/openssl_0.9.1.tar.gz
R CMD INSTALL openssl_0.9.1.tar.gz \
--configure-vars='INCLUDE_DIR=/usr/local/openssl/include LIB_DIR=/usr/local/openssl/lib'
Some systems might require you set LD_LIBRARY_PATH
at runtime to the shared library path I think, but usually that is not needed.
Almost there! If I use the last option (setting include/lib dir manually) "openssl" package compiles (which is better that what I got before, with openssl being stuck in the compilation process), but it fails in the part of testing if the package can be loaded:
** testing if installed package can be loaded
Error in dyn.load(file, DLLpath = DLLpath, ...) :
unable to load shared object '/usr/lib64/R/library/openssl/libs/openssl.so':
/usr/lib64/R/library/openssl/libs/openssl.so: undefined symbol: EC_KEY_set_public_key_affine_coordinates
Error: loading failed
Any hint? Is it related to EC or ellipse stuff?
I guess it is still picking up on the system version of libssl
openssl when it loads the package. Can you try to statically link it? You can do this removing/renaming the dynamic or import libraries libssl.so.a
and libcrypto.so.a
or libssl.soand
libcrypto.sofrom
/usr/local/openssl/lib` and then running the same command:
wget https://cran.r-project.org/src/contrib/openssl_0.9.1.tar.gz
R CMD INSTALL openssl_0.9.1.tar.gz \
--configure-vars='INCLUDE_DIR=/usr/local/openssl/include LIB_DIR=/usr/local/openssl/lib'
It should then statically link against libcurl.a
.
I have tried but with no luck. Still stuck in the loading of the package.
I have given up and recompiled the main openssl and openssh libraries in the system by previously deleting the package that was causing the trouble. Then installed the package and recompile the libraries again.
Thank you anyway for trying to help. I think this was a quite specific / personal issue, so for me, we can close it.
I have made some changes in https://github.com/jeroenooms/openssl/commit/d4c9a8ad3b7e94bab389122a8e99e32008cead1c to support OPENSSL_NO_EC
. Could you try to install the dev version and let me know if it works now?
library(devtools)
install_github("jeroenooms/openssl")
@xfim ping? Can you test if it builds now?
Jeroen Ooms vas escriure el dia dt, 23 feb 2016:
@xfim ping? Can you test if it builds now?
Difficult this week, sorry Jeroen.
I struggled with the same problem.
It's kind of hard to test in a fresh installation since devtools depends on openssl via httr in the latest version. So to try it this is what I had to do
#install old version of httr to enable devtools installation
packageurl <- "http://cran.r-project.org/src/contrib/Archive/httr/httr_1.0.0.tar.gz"
install.packages(packageurl, repos=NULL, type="source")
install.packages("httr")
install.packages("devtools")
## replace with latest version to test patch
devtools::install_github("jeroenooms/openssl")
The good news is that the patch worked for me. :-)
@holgerbrandl which platform are you on? You should be able to do:
git clone https://github.com/jeroenooms/openssl
R CMD INSTALL openssl
Linux, so indeed it would have been a bit simpler to do it that way. Thanks for letting me know.
Which linux? :D I would like to know which distributions do not have EC.
ec.h was introduced in RedHat 6.5 ie CentOS 6.5, but my system still runs with CentOS 6.3.
OK thanks. @holgerbrandl could you do me a favor and see if checks pass on your platform? Thanks!
git clone https://github.com/jeroenooms/openssl
R CMD build openssl
R CMD check openssl_0.9.2.tar.gz
These fixes are on CRAN now so you should now just be able to use install.packages("openssl")
. I am going to close this topic assuming the problem has been resolved. @xfim if you find there is still an issue on Gentoo, feel free to open a new issue.
The installation of 0.9.2 works for me via install.packages("openssl")
. Thanks for the quick fix.
Again, sorry for the delay. I can happily confirm that in gentoo it works perfectly also. Thank you very much @jeroenooms .
Hello,
I am trying to update "openssl", but I have found that in my Gentoo Linux the elliptic ec modules are not activated due to some licensing issues and therefore "openssl" complains:
Would it be possible to make elliptic module optional?
Thank you,