-
Notifications
You must be signed in to change notification settings - Fork 283
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12) #189
Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12) #189
Conversation
Openwall's crypt_blowfish library supports patching libc implementations. Part of this includes function definitions for `crypt` and `crypt_r`. Unfortunately, the function definition for `crypt_r` differs on FreeBSD >= 12 (and possibly others), which causes the extension to fail in building. This is due to the nature of how the extension works, where a C->Ruby extension is used, instead of just using a FFI such as Fiddle directly against `crypt_blowfish` and `crypt_gensalt`. The C->Ruby extension includes `ruby.h`, which in turn has a requirement on `unistd.h`, where the `crypt_r` function has already been defined, albeit with the different function signature. Defining the __SKIP_GNU token causes the `ow-crypt.h` header not to attempt defining(redefining) these two function definitions that may conflict with libc. We're not using either of them (only the re-entrant versions) so no harm done by skipping their definitions.
3b42d13
to
613daca
Compare
From what I gather, the core (bcrypt) functionality is in |
I wonder if it's the inclusion of In any case, both |
I couldn't get it to compile with that (maybe I did something wrong). I think it's just system libc (included by I made two files (or whatever the correct term is) which proxy the required functions to |
I tested your patch on FreeBSD 12 and it indeed works.
With my patch on FreeBSD 12?
That makes a bit more sense, tho I could of swore that |
The patch + removing
yeah I was confused as well but it kind of makes sense after a while. |
The patch on it's own should be sufficient. I just tested it again thinking I had maybe a false positive. I'd be curious to know if it is indeed busted and why. Doubt it matters, but here's what I'm running:
|
I just tried your patch works for me.
Is there anything that needs to be done that this can be merged and released? (it breaks some projects for me) |
Can someone kick off Travis again? I think the 1 failure was a network timeout and not related to this patch. |
@adam12 apparently you can close an reopen the pull request (travis-ci/travis-ci#576 (comment)) which should retrigger the pull request |
@fliiiix right you were! |
@tjschuck what needs to be done to get this merged? |
Same issue here, FreeBSD-12.
|
For us bcrypt gets fetched & installed as part of |
I just point bcrypt to my own patched fork wherever I use it until this gets merged (or fixed in some other way). |
|
Sorry, but how do you do that? I'm assuming you're using a rails project. |
Something like this in Gemfile (or make your own fork if you want use specific version and adjust accordingly)
|
Sorry, but aren't you referring to adam's patch which you (and myself) had problems building with? |
That was referring to
The original patch (this PR) works fine (also it's the first thing I tried before even looking at this). |
Wow! I removed mentions of wrapper.c & wrapper.o from Makefile & ext/mri/Makefile (without deleting wrapper.c itself) and now the build succeeded! Thanks a lot!
|
Building it one thing, installing it is another ) I tried copying the resultant bcrypt_ext.so to |
What are you trying to do? If it's just installing bcrypt for rails or other ruby app using bundler/Gemfile, have you tried switching (by updating Gemfile) to the patched version I mentioned above? |
Replacing that line locally is harder than I thought :)
Most of our other servers still use FreeBSD 10.x where there's no problem building bcrypt. |
As written there, you need to either update the lockfile somewhere else or (temporarily) disable deployment mode. |
Merge? |
@tjschuck @tenderlove were there any concerns with this PR? or anything need clarifying? Thanks! |
🎉 nice |
Is there an ETA when this will be in a release? I would love to upgrade the FreeBSD package. |
@tenderlove I hope there'll be a new release soon! |
@tenderlove ping, why not make a release? |
@metalefty tbh I didn't want to step on @tjschuck's toes. @tjschuck do you have time for a release? If not, I will do it 😊 |
@tenderlove We FreeBSD users really appreciate if you guys make a new release 💯 |
@metalefty seems like @tjschuck is busy, so I'll just ship it today. Sorry this is taking so long |
I shipped 3.1.13. Please let me know if there's anything else we need! |
Thanks! bcrypt 3.1.13 got successfully installed without an error on my FreeBSD 12 host. |
@knu thanks for the feedback! |
Thanks you all! |
Thank you for the release 👍 |
Defining the
SKIP_GNU
token as a compile flag forces the build ofcrypt_blowfish
not to attempt redefinition ofcrypt
andcrypt_r
which possibly conflict with the system libc depending on their function definition. This allowsbcrypt-ruby
to build again on FreeBSD >= 12.0.I spent a bunch of time debugging the real reason for why this occurred:
The fine FreeBSD folk just patched out the conflicting function definitions from the vendored C source.
Solardiz suggested that bcrypt-ruby was interacting with
crypt_blowfish
incorrectly, which is entirely possible (I'll humbly defer to Solar Designer here) but I didn't see how/why during my investigation.Compiling
bcrypt_blowfish
independently works fine on FreeBSD 12. It only fails when linked against anything that's includedunistd.h
.bcrypt-ruby
doesn't usecrypt
orcrypt_r
so I think we're safe defining this token and building without those function definitions. The only downside I see is we're now dependent on this token which might be internal only. I don't see it disappearing so I suspect the risk is minimal.