Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ubuntu 22.04 x64: could not load ssl libraries #151

Open
yaakov-h opened this issue Oct 30, 2023 · 5 comments
Open

Ubuntu 22.04 x64: could not load ssl libraries #151

yaakov-h opened this issue Oct 30, 2023 · 5 comments

Comments

@yaakov-h
Copy link 

LibGit2Sharp.LibGit2SharpException: could not load ssl libraries
   at LibGit2Sharp.Core.Ensure.HandleError(Int32 result) in /_/LibGit2Sharp/Core/Ensure.cs:line 154
   at LibGit2Sharp.Core.Proxy.git_remote_connect(RemoteHandle remote, GitDirection direction, GitRemoteCallbacks& remoteCallbacks, GitProxyOptions& proxyOptions) in /_/LibGit2Sharp/Core/Proxy.cs:line 2172
   at LibGit2Sharp.Repository.ListRemoteReferences(String url, CredentialsHandler credentialsProvider) in /_/LibGit2Sharp/Repository.cs:line 689

Using a project with LibGit2Sharp built with dotnet publish --configuration Release --runtime linux-x64 --no-self-contained, resulting in libgit2-e632535.so, and running on .NET 6.0.415.

By using strace with some trial-and-error, it seems that LibGit2Sharp requires OpenSSL 1.1, but Ubuntu 22.04 (and higher, I assume) only ship with OpenSSL 3.

As a workaround, installing http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.20_amd64.deb fixes the issue and lets LibGit2Sharp run.

What needs to be done to make this work with OpenSSL 3?
@bording
Copy link
Member

bording commented Nov 3, 2023

libgit2 already supports OpenSSL 3, and we test against Ubuntu 22.04 in the LibGit2Sharp repo, and everything works fine. I've also done some extra manual testing recently, and haven't been able to reproduce the problem you're describing.

@johnbailey-transactcampus
Copy link

Ran into the same issue with .NET8 Web App hosted on Containers using 0.27.0-preview-0175. could not load ssl libraries

This is built against mcr.microsoft.com/dotnet/aspnet:8.0 and mcr.microsoft.com/dotnet/sdk:8.0

The stack trace was the same.

LibGit2Sharp.LibGit2SharpException:
   at LibGit2Sharp.Core.Ensure.HandleError (LibGit2Sharp, Version=0.27.0.0, Culture=neutral, PublicKeyToken=7cbde695407f0333: /_/LibGit2Sharp/Core/Ensure.cs:154)
   at LibGit2Sharp.Core.Ensure.ZeroResult (LibGit2Sharp, Version=0.27.0.0, Culture=neutral, PublicKeyToken=7cbde695407f0333: /_/LibGit2Sharp/Core/Ensure.cs:172)
   at LibGit2Sharp.Core.Proxy.git_clone (LibGit2Sharp, Version=0.27.0.0, Culture=neutral, PublicKeyToken=7cbde695407f0333: /_/LibGit2Sharp/Core/Proxy.cs:275)
   at LibGit2Sharp.Repository.Clone (LibGit2Sharp, Version=0.27.0.0, Culture=neutral, PublicKeyToken=7cbde695407f0333: /_/LibGit2Sharp/Repository.cs:793)

The resolution was also the same - we just had to install the OpenSSL 1.1 libraries into the final .NET container:

RUN apt-get update \
	&& apt-get install -y wget \
	&& wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.20_amd64.deb \
	&& dpkg -i libssl1.1_1.1.1f-1ubuntu2.20_amd64.deb \
	&& rm -f libssl1.1_1.1.1f-1ubuntu2.20_amd64.deb

@bording
Copy link
Member

bording commented Nov 22, 2023

@johnbailey-transactcampus You really shouldn't need to do that. It works just fine with OpenSSL 3. I have tests that run against OpenSSL 3 that prove that.

If you can provide me with a sample project that I use to reproduce it, I'll take another look, but all of my testing indicates this shouldn't be required.

@johnbailey-transactcampus
Copy link

Just from perusing the code, it looks like we might be hitting this old path - where openssl3.0 is not in libgit2? This is just an uneducated guess, though.

Sadly, the project where this repro'ed is proprietary and closed-source, so I can't give you an example to work with; however, it should be easy enough (in theory) to reproduce by creating a web app hosted on the default .NET containers and adding the LibGit2Sharp NuGet package (0.20.0-preview-0175) and calling clone - or, in the case of op, remote connect.

I can confirm openssl 3.0 comes standard on the .NET8 containers, so this would - generally - result in pointing back to that handle load block I referenced earlier in this comment as being the culprit.

docker run -it --rm --entrypoint=/bin/bash mcr.microsoft.com/dotnet/aspnet:8.0
root@a2579d7876bd:/# openssl version
OpenSSL 3.0.11 19 Sep 2023 (Library: OpenSSL 3.0.11 19 Sep 2023)

@bording
Copy link
Member

bording commented Nov 23, 2023

LibGit2Sharp NuGet package (0.20.0-preview-0175)

That version is old and out of date. You should definitely update to the latest version and then see if you still have the problem. It's quite likely that the libgit2 version contained in that preview version doesn't work with OpenSSL 3.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yaakov-h @bording @johnbailey-transactcampus