Am 1. April 2012 02:57 schrieb randompasswords arenotgoodidea
<lists / ruby-forum.com>:
> thanks for the help. I am having a hellish time getting ruby to
> recognize the updated openSSL. First I compile new one from source,
> since it is not in the repository of my OS. After I compile the new
> version OpenSSL still thinks it is (and therefor is...) the old version
> that came with my OS. So I need to completely remove OpenSSL and then
> install from source. Great now OpenSSL is the newest version! But
> crap.....
>
> OpenSSL::Cipher::Cipher.new("AES-128-CTR")
>
> it says not a supported cipher (and I tried 256 and lower case also just
> in case I made simple mistake here, but OFB and such still work so it is
> actually not recognizing the mode)
>
> when I do
>
> puts OpenSSL::VERSION
>
> it says I run 1.0.1 which is good, seems things should work ?!
>
> but when I run
>
> OpenSSL::OPENSSL_VERSION
>
> it says OpenSSL 1.0.0e
>
> so I think the problem may be this since it says 1.0.0e instead of 1.0.1
> (of course I have no idea the difference between running VERSION and
> OPENSSL_VERSION , the documentation does not answer this well enough for
> me to exactly understand the distinction)
>
> I have reinstalled ruby from source a dozen times now trying different
> things. I try to point it at the directory I install 1.0.1 to with
> --with-openssl-dir=/path/to/openssl as I see many suggest and it has no
> idea what I am talking about (invalid option in new version of Ruby it
> seems).
>
> I try for hours now to get ruby to work with the new version of openssl
> so I can use CTR mode but nothing I do works and I really can't think of
> what else I could possibly try at this point, and no amount of google is
> helping I have exhausted the pages.
>
> Again thanks for your help sorry if I sound a bit irritated in this post
> but omfg why so hard to do such a simple thing 0_0
>

The problem is that when you recompile Ruby with --with-openssl-dir,
this won't get passed through to the step when the actual OpenSSL
extension will be built. You could upgrade your OpenSSL on the OS
level, but you probably don't want to if it's not in the package system
yet. Then things would work automagically, but you can still get
1.0.1 support with a custom OpenSSL installation:

Ruby OpenSSL is a C extension that has its own build process
using an extconf.rb file. So what you can do is go to your Ruby
source directory, and there to ext/openssl.
Run
  ruby extconf.rb --with-openssl-dir=/path/to/openssl1.0.1
then
  make
This will produce openssl.so. Take that file and go to the directory
where your Ruby installation lives, there you go to
   lib/ruby/1.9.<x>/i686 (32bit)
or
  lib/ruby/1.9.x/x86_64... (64 bit, depends on your OS, you'll only find
native libraries in it)

and replace the file openssl.so (or .dynlib or .dll) with the one you just
compiled.

Now `ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION` should
print the desired 1.0.1.

-Martin