Ok, I figured it out. Here’s a dump of my brew formula for xmlsec1:
> require 'formula' > > class Libxmlsec1 < Formula > homepage 'http://www.aleksey.com/xmlsec/' > url 'http://www.aleksey.com/xmlsec/download/xmlsec1-1.2.19.tar.gz' > sha1 '9f24f84bf6f4a61fc55637f016b56c0f44c048ba' > > depends_on 'pkg-config' => :build > > # Add HOMEBREW_PREFIX/lib to dl load path > def patches; DATA; end > > def install > system "./configure", "--disable-dependency-tracking", > "--prefix=#{prefix}", > > "--with-libxml=#{Formula.factory("libxml2").opt_prefix}", > "--disable-crypto-dl", > "--disable-apps-crypto-dl", > "--with-openssl=/usr/local/Cellar/openssl/1.0.1e/" > system "make install" > end > end Notice the omission of dependent packages (and libxml2, since Mac OSX 10.9 (Maverick) ships with a compatible version) depends_on 'libxml2' # Version on 10.6/10.7 is too old depends_on 'gnutls' => :recommended depends_on 'libgcrypt' unless build.without? ‘gnutls' And then the addition of "--with-openssl=/usr/local/Cellar/openssl/1.0.1e/“ pointing directly to the lib path for OpenSSL. YMMV depending on the release of openssl you got from brew. That’s it, now my execution of xmlsec1 works correctly. Thanks Aleksey for all your help! -Ryan On Jan 22, 2014, at 2:14 PM, Aleksey Sanin <[email protected]> wrote: > LD_LIBRARY_PATH (or whatever the equivalent on MacOSX) > > Aleksey > > On 1/22/14, 12:07 PM, Ryan Floyd wrote: >> Yea, so why did it find OpenSSL 0.9.8 (which shipped with my MBP) if I’m >> statically linking libcrypto.a to 1.0.1.e? >> >> And we can’t use dynamic linking, per an earlier discussion, in the brew >> formula, it specifies: >> "--disable-crypto-dl”, >> "--disable-apps-crypto-dl", >> >> Uncommenting these will result in different errors. >> >> Or, did I not properly install openssl 1.0.1.e to be the default runtime? >> >> Thanks for your help, >> Ryan >> >> On Jan 22, 2014, at 1:57 PM, Aleksey Sanin <[email protected]> wrote: >> >>> Different version of OpenSSL during build and run times? >>> >>> Aleksey >>> >>> On 1/22/14, 11:51 AM, Ryan Floyd wrote: >>>> Hi all, >>>> >>>> I’ve been wrestling getting xmlsec1 to work properly on my MacBook Pro >>>> 13.3” Retina with 10.9 (Maverick). I installed Openssl 1.0.1e through >>>> Brew, and then changed the /usr/lib/libscrypto.dylib and >>>> /usr/lib/libssl.dylib and /usr/bin/openssl to point to the Brew openssl >>>> version: >>>>> openssl version >>>> OpenSSL 1.0.1e 11 Feb 2013 >>>> >>>> Then I changed the Brew formula for xmlsec1, adding the configure >>>> parameter to use openssl: "--with-openssl=/usr” >>>> >>>> At the point the installation failed, looking for the static >>>> libcrypto.a. I manually linked the libscrypto.a library: >>>> sudo ln -s /usr/local/Cellar/openssl/1.0.1e/lib/libcrypto.a >>>> /usr/lib/libcrypto.a >>>> >>>> At this point, all seems fine, I can execute xmlsec1 —help, and the >>>> program executes. However, when I try to actually do anything useful >>>> with xmlsec1, it throws an Segmentation Fault (Error -11). From the >>>> debugger, this is the actual error: >>>> >>>>> r --verify --pubkey-cert-pem ~/tmp/pubkey.pem --id-attr:ID >>>>> 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' ~/tmp/verify.xml >>>>> There is a running process, kill it and restart?: [Y/n] y >>>>> Process 54301 launched: '/usr/bin/xmlsec1' (x86_64) >>>>> Process 54301 stopped >>>>> * thread #1: tid = 0x9df18c, 0x00000001000ae1f1 >>>>> libxmlsec1-openssl.1.dylib`EVP_PKEY_CTX_free + 14, queue = >>>>> 'com.apple.main-thread, stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT) >>>>> frame #0: 0x00000001000ae1f1 >>>>> libxmlsec1-openssl.1.dylib`EVP_PKEY_CTX_free + 14 >>>>> libxmlsec1-openssl.1.dylib`EVP_PKEY_CTX_free + 14: >>>>> -> 0x1000ae1f1: movq (%rbx), %rax >>>>> 0x1000ae1f4: testq %rax, %rax >>>>> 0x1000ae1f7: je 0x1000ae207 ; EVP_PKEY_CTX_free + 36 >>>>> 0x1000ae1f9: movq 24(%rax), %rax >>>> >>>> >>>> (BTW, if I don’t specify with-openssl, it will use libgcrypt, and I >>>> still get the same error, here’s that stack) >>>> >>>>> r --verify --pubkey-cert-pem ~/tmp/pubkey.pem --id-attr:ID >>>>> 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' ~/tmp/verify.xml >>>>> There is a running process, kill it and restart?: [Y/n] y >>>>> Process 2982 launched: '/usr/bin/xmlsec1' (x86_64) >>>>> Process 2982 stopped >>>>> * thread #1: tid = 0x9c72b2, 0x000000010012777d >>>>> libcrypto.1.0.0.dylib`EVP_PKEY_CTX_free + 14, queue = >>>>> 'com.apple.main-thread, stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT) >>>>> frame #0: 0x000000010012777d >>>>> libcrypto.1.0.0.dylib`EVP_PKEY_CTX_free + 14 >>>>> libcrypto.1.0.0.dylib`EVP_PKEY_CTX_free + 14: >>>>> -> 0x10012777d: movq (%rbx), %rax >>>>> 0x100127780: testq %rax, %rax >>>>> 0x100127783: je 0x100127793 ; EVP_PKEY_CTX_free + 36 >>>>> 0x100127785: movq 24(%rax), %rax >>>> >>>> On my production system, Ubuntu 12.04.3, I installed via apt, and >>>> everything works fine: >>>>> sudo apt-get install xmlsec1 >>>> >>>> >>>> Any help is appreciated. >>>> >>>> I’ve attached the verbose brew log. >>>> >>>> >>>> Thanks, >>>> Ryan >>>> >>>> >>>> >>>> _______________________________________________ >>>> xmlsec mailing list >>>> [email protected] >>>> http://www.aleksey.com/mailman/listinfo/xmlsec >>>> >> _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
