|
| 1 | + |
| 2 | +In order to get DTLS to work, you need a patched copy of Openssl. |
| 3 | +Get it here: |
| 4 | + https://github.com/mcr/openssl/tree/dtls-listen-refactor |
| 5 | + |
| 6 | +build and install it. You might want to compile without DSO support, as that will |
| 7 | +make it easier for the ruby-openssl module to link in the right code. To do |
| 8 | +that you can do: |
| 9 | + ./Configure no-shared --prefix=/sandel/3rd/openssl --debug linux-x86_64 |
| 10 | + |
| 11 | +(--debug being optional) |
| 12 | + |
| 13 | +The resulting openssl.so will be significantly bigger, btw: |
| 14 | + %size tmp/x86_64-linux/openssl/2.4.1/openssl.so |
| 15 | + text data bss dec hex filename |
| 16 | + 3889567 261788 16856 4168211 3f9a13 tmp/x86_64-linux/openssl/2.4.1/openssl.so |
| 17 | + |
| 18 | + |
| 19 | +Pick a --prefix which is not on your regular paths. Probably gem can be |
| 20 | +persuaded to do all of this, but hopefully the code will upstreamed sooner |
| 21 | +and the problem will go away. |
| 22 | + |
| 23 | +If DTLSv1_accept() is not available, then the DTLS support will not include |
| 24 | +server side code, only client side code. No patches are necessary to make |
| 25 | +client-side DTLS work. To be sure that the patch has been found is enabled |
| 26 | +check for: |
| 27 | + |
| 28 | + checking for DTLSv1_accept()... yes |
| 29 | + |
| 30 | + |
| 31 | +Then build with: |
| 32 | + |
| 33 | + rake compile -- --with-openssl-dir=/sandel/3rd/openssl |
| 34 | + |
| 35 | +I don't know how to add the extra arguments required to your Gemfile so that |
| 36 | +it will be built properly during bundle processing. I'm sure that there is a way, |
| 37 | +patches welcome. I do: |
| 38 | + gem build openssl |
| 39 | + gem install ./openssl-2.2.0.pre.mcr1.gem |
| 40 | + |
| 41 | +BTW: the pull request is at: |
| 42 | + https://github.com/openssl/openssl/pull/5024 |
| 43 | +and comments would be welcome. |
0 commit comments