search

mcpa-stlouis / hack-the-arch

Welcome to HackTheArch! A free open source scoring server for cyber Capture the Flag competitions!
https://hackthearch.herokuapp.com
MIT License
67 stars 28 forks source link

[v2.0.1] puma 3.4.0 fails to build on ruby 2.3.1 #34

Closed noraj closed 4 years ago

noraj commented 6 years ago

On last release (v2.0.1) using ruby 2.3.1 puma 3.4.0 fails to build:

gem install puma -v '3.4.0'
Building native extensions.  This could take a while...
ERROR:  Error installing puma:
    ERROR: Failed to build gem native extension.

    current directory: /home/shark/.rvm/gems/ruby-2.3.1/gems/puma-3.4.0/ext/puma_http11
/home/shark/.rvm/rubies/ruby-2.3.1/bin/ruby -r ./siteconf20170923-23774-1dauaqn.rb extconf.rb
checking for BIO_read() in -lcrypto... yes
checking for SSL_CTX_new() in -lssl... yes
checking for openssl/bio.h... yes
creating Makefile

current directory: /home/shark/.rvm/gems/ruby-2.3.1/gems/puma-3.4.0/ext/puma_http11
make "DESTDIR=" clean

current directory: /home/shark/.rvm/gems/ruby-2.3.1/gems/puma-3.4.0/ext/puma_http11
make "DESTDIR="
compiling puma_http11.c
compiling mini_ssl.c
mini_ssl.c: In function ‘get_dh1024’:
mini_ssl.c:90:5: error: dereferencing pointer to incomplete type ‘DH {aka struct dh_st}’
   dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
     ^~
mini_ssl.c: In function ‘engine_init_server’:
mini_ssl.c:161:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
   DH *dh = get_dh1024();
   ^~
mini_ssl.c:165:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
   EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_secp521r1);
   ^~~~~~
mini_ssl.c: In function ‘engine_init_client’:
mini_ssl.c:192:3: warning: ‘DTLSv1_method’ is deprecated [-Wdeprecated-declarations]
   conn->ctx = SSL_CTX_new(DTLSv1_method());
   ^~~~
In file included from /usr/include/openssl/ct.h:13:0,
                 from /usr/include/openssl/ssl.h:61,
                 from mini_ssl.c:15:
/usr/include/openssl/ssl.h:1630:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_method(void)) /* DTLSv1.0 */
 ^
make: *** [Makefile:239: mini_ssl.o] Error 1

make failed, exit code 2

Gem files will remain installed in /home/shark/.rvm/gems/ruby-2.3.1/gems/puma-3.4.0 for inspection.
Results logged to /home/shark/.rvm/gems/ruby-2.3.1/extensions/x86_64-linux/2.3.0/puma-3.4.0/gem_make.out
noraj commented 6 years ago

Same probleme with install from the master branch of the git repo using ruby 2.3.3:

gem install puma -v '3.4.0'
Building native extensions.  This could take a while...
ERROR:  Error installing puma:
    ERROR: Failed to build gem native extension.

    current directory: /home/shark/.rvm/gems/ruby-2.3.3/gems/puma-3.4.0/ext/puma_http11
/home/shark/.rvm/rubies/ruby-2.3.3/bin/ruby -r ./siteconf20170923-14232-1k17juj.rb extconf.rb
checking for BIO_read() in -lcrypto... yes
checking for SSL_CTX_new() in -lssl... yes
checking for openssl/bio.h... yes
creating Makefile

current directory: /home/shark/.rvm/gems/ruby-2.3.3/gems/puma-3.4.0/ext/puma_http11
make "DESTDIR=" clean

current directory: /home/shark/.rvm/gems/ruby-2.3.3/gems/puma-3.4.0/ext/puma_http11
make "DESTDIR="
compiling puma_http11.c
compiling mini_ssl.c
mini_ssl.c: In function ‘get_dh1024’:
mini_ssl.c:90:5: error: dereferencing pointer to incomplete type ‘DH {aka struct dh_st}’
   dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
     ^~
mini_ssl.c: In function ‘engine_init_server’:
mini_ssl.c:161:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
   DH *dh = get_dh1024();
   ^~
mini_ssl.c:165:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
   EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_secp521r1);
   ^~~~~~
mini_ssl.c: In function ‘engine_init_client’:
mini_ssl.c:192:3: warning: ‘DTLSv1_method’ is deprecated [-Wdeprecated-declarations]
   conn->ctx = SSL_CTX_new(DTLSv1_method());
   ^~~~
In file included from /usr/include/openssl/ct.h:13:0,
                 from /usr/include/openssl/ssl.h:61,
                 from mini_ssl.c:15:
/usr/include/openssl/ssl.h:1630:1: note: declared here
 DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_method(void)) /* DTLSv1.0 */
 ^
make: *** [Makefile:239: mini_ssl.o] Error 1

make failed, exit code 2

Gem files will remain installed in /home/shark/.rvm/gems/ruby-2.3.3/gems/puma-3.4.0 for inspection.
Results logged to /home/shark/.rvm/gems/ruby-2.3.3/extensions/x86_64-linux/2.3.0/puma-3.4.0/gem_make.out
noraj commented 6 years ago

I think I know where does it come from:

Ruby versions older than 2.4 require OpenSSL 1.0 but RVM will try to build them with OpenSSL 1.1.

Install the old Ruby 2.3.1 with openssl support (see stackoverflow and archlinux wiki):

$ rvm pkg install openssl
$ rvm install 2.3.1 --with-openssl-dir=$HOME/.rvm/usr

So either I install ruby normally with rvm install 2.3.1 but can't install any gem because of a too recent version of openssl or il install ruby with the option --with-openssl-dir=$HOME/.rvm/usr and puma fail.

That's one more reason to update to a more recent version of ruby : https://github.com/mcpa-stlouis/hack-the-arch/issues/33

noraj commented 6 years ago

So I tried to git clone the repo, reinstall ruby 2.4.0 without --with-openssl-dir=$HOME/.rvm/usr (working because ruby 2.4+ works with OpenSSL 1.1 so I'm using system's openssl and not the rvm old package), but I'm stuck because json gem fails to build (see https://github.com/mcpa-stlouis/hack-the-arch/issues/22).

noraj commented 6 years ago

So I can't build HTA on ArchLinux with ruby 2.3.1, 2.3.3 or 2.4.0 because HTA use too old stuff. Please consider upgrading to ruby 2.4+, to support a proper openssl 1.1+.

cxspxr commented 5 years ago

@noraj please, explain how did you succeeded with. although this is not for this package, but I need it

$ rvm install 2.3.1 --with-openssl-dir=$HOME/.rvm/usr

for me it ends with

Error running '__rvm_make -j4',

UPDATE So apparently you need gcc-5 for it to be compiled.

noraj commented 5 years ago

This bug doesn't appear anymore with dev branch and the new fix (I tested with ruby 2.5.1).

cxspxr commented 5 years ago

@noraj as I've mentioned this is not for this package , I am sorry for re-opening, but it's related to this problem with ruby 2.3.1 and puma 3.4.0

noraj commented 5 years ago

@cxsper For me it is good, as it was fixed, but yeah you'll need to update your ruby version, this also solve https://github.com/mcpa-stlouis/hack-the-arch/issues/33 and fix some vulnerabilities.

PS : I'm not a member of the project, just an occasional contributor

cxspxr commented 5 years ago

@noraj there is nothing I am or was trying to do with this project, I just faced the same problem with puma 3.4.0 and ruby 2.3.1, and it was looking like youve managed to fix it somehow.

noraj commented 5 years ago

@cxsper I just switched from master branch to dev branch were they are using ruby 2.5 instead of 2.3. But I'm not the dev, I can't tell you what was the fix.

cxspxr commented 5 years ago

@noraj in case you're curious here is the solution (but again, I think we're a bit spammy you know because I barely see what it has to do with this project, and I need to mention again that I even do not really know what this project is about, I just faced the same problem in Rails project where I am one of developers): Install the openssl-1.0, gcc-5 compiler and the latest rvm. Assuming you have your openssl-1.0 installed under /usr/lib & /usr/include, make ruby 2.3.1 installation with gcc-5 compiling using openssl-1.0 as shown below:

$ PKG_CONFIG_PATH=/usr/lib/openssl-1.0/pkgconfig \
CFLAGS+=" -I/usr/include/openssl-1.0" \
LDFLAGS+=" -L/usr/lib/openssl-1.0 -lssl" \
CC=gcc-5 \
rvm install 2.3.1

Also you should not use the openssl shipped from rvm, I managed to get it working only with AUR openssl-1.0 (or it was official repos I don't remember) Somebody please close this one.

paullj1 commented 4 years ago

No issues heard after release. Closing.