"uninitialized constant OpenSSL :: PKey :: EC" from Ruby on CentOS 6.6

Question

"uninitialized constant OpenSSL :: PKey :: EC" from Ruby on CentOS 6.6

I have a Rails server application that uses stone openid_connect. When I try to run it on CentOS 6.6, I get:

uninitialized constant OpenSSL::PKey::EC

Here is the full stack:

$ rails server
/home/foo/.rvm/gems/ruby-2.1.3/gems/json-jwt-1.5.1/lib/json/jwk/jwkizable.rb:69:in `<top (required)>': uninitialized constant OpenSSL::PKey::EC (NameError)
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/json-jwt-1.5.1/lib/json/jwt.rb:102:in `<top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/openid_connect-0.9.2/lib/openid_connect/response_object/id_token.rb:1:in `<top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/openid_connect-0.9.2/lib/openid_connect/response_object.rb:7:in `block in <top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/openid_connect-0.9.2/lib/openid_connect/response_object.rb:6:in `each'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/openid_connect-0.9.2/lib/openid_connect/response_object.rb:6:in `<top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/openid_connect-0.9.2/lib/openid_connect/connect_object.rb:52:in `<top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/openid_connect-0.9.2/lib/openid_connect.rb:85:in `<top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler/runtime.rb:76:in `require'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler/runtime.rb:76:in `block (2 levels) in require'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler/runtime.rb:72:in `each'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler/runtime.rb:72:in `block in require'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler/runtime.rb:61:in `each'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler/runtime.rb:61:in `require'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/bundler-1.10.6/lib/bundler.rb:134:in `require'
    from /home/foo/tmp/openid_connect_sample/config/application.rb:7:in `<top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/railties-3.2.22/lib/rails/commands.rb:53:in `require'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/railties-3.2.22/lib/rails/commands.rb:53:in `block in <top (required)>'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/railties-3.2.22/lib/rails/commands.rb:50:in `tap'
    from /home/foo/.rvm/gems/ruby-2.1.3/gems/railties-3.2.22/lib/rails/commands.rb:50:in `<top (required)>'
    from script/rails:6:in `require'
    from script/rails:6:in `<main>'

What does this mean and how can I pass by?

+4

ruby openssl centos jwt openid-connect

Grant birchmeier 25 sept. '15 at 20:37

source share

2 answers

CentOS 6.6. openssl ruby, . , , , CentOS 6.7 .

, :

openssl098e-0.9.8e-18.el6_5.2.x86_64                                                            
openssl-1.0.1e-42.el6.x86_64                                                                
openssl-1.0.1e-42.el6.i686
openssl-devel-1.0.1e-42.el6.x86_64
glibc-2.12-1.166.el6_7.3.x86_64
kernel-2.6.32-573.7.1.el6.x86_64

, json-jwt gem .

, , , RPM.

RVM, . RVM centos, .

Found remote file https://rvm.io/binaries/centos/6/x86_64/ruby-1.9.3-p484.tar.bz2

:

rvm reinstall --disable-binary ruby-1.9.3-p484

:

 #applying patch .rvm/patches/ruby/ssl_no_ec2m.patch.

, , , .

! , ruby openssl.so , . centos ruby :

$ cd ~/.rvm/rubies/ruby-1.9.3-p484/lib/ruby/1.9.1/x86_64-linux
$ strings openssl.so |grep _EC
PEM_write_bio_ECPKParameters
i2d_ECPKParameters
PEM_read_bio_ECPKParameters
d2i_ECPKParameters
PEM_write_bio_ECPrivateKey
i2d_ECPrivateKey_bio
i2d_EC_PUBKEY_bio
PEM_write_bio_EC_PUBKEY
PEM_read_bio_ECPrivateKey
PEM_read_bio_EC_PUBKEY
d2i_ECPrivateKey_bio
d2i_EC_PUBKEY_bio
OPENSSL_1.0.1_EC
EVP_PKEY_assign_EC_KEY
OP_SINGLE_ECDH_USE

, openssl 1.0.1 C, - , .

openssl.so , , , , .

+1

Cal 15 . '15 14:09

Grant Birchmeier · Accepted Answer · 2015-09-25T20:37:34+0000

This problem is related to Red Hat's refusal to include (for fear of patent) certain Elliptic Curve (EC) algorithms in the default assembly in OpenOSL on CentOS.

Note. According to @Cal's answer , CentOS 6.7 does not have this problem.

openid_connect json-jwt, .

, OpenSSL, .

, ( ), OpenSSL :

cd /usr/src
wget https://www.openssl.org/source/openssl-1.0.1l.tar.gz
yum install autoconf automake (, , )
tar zxvf openssl-1.0.1l.tar.gz
cd openssl-1.0.1l
export CFLAGS="-fPIC"
./config --prefix=/opt/openssl shared enable-ec enable-ecdh enable-ecdsa
make all
make install

Ruby, , OpenSSL, , .

rvm? ! Rubies, , OpenSSL. rvm remove Ruby ( ruby).

rvm? , Ruby . , , , , ? , , .

bunder bundle install, rails server .

( - , , , .)

"uninitialized constant OpenSSL :: PKey :: EC" from Ruby on CentOS 6.6

More articles: