Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
default variable ignored for `openssl_fips`
See original GitHub issueI can’t build element-desktop with node18 due to the error message:
gyp: name 'openssl_fips' is not defined while evaluating condition 'openssl_fips != ""' in binding.gyp while trying to load binding.gyp
openssl_fips used in /tmp/portage/net-im/element-desktop-1.11.10/homedir/.electron-gyp/20.1.4/include/node/common.gypi,
which is fetched from https://electronjs.org/headers/v20.1.4/node-v20.1.4-headers.tar.gz and put in npm_config_devdir, i.e. ~/.electron-gyp.
include/node/common.gypi looks like this:
{
'variables': {
...,
'openssl_fips%': '',
'openssl_no_asm%': 0,
'conditions': [
...,
['openssl_fips != ""', {
'openssl_product': '<(STATIC_LIB_PREFIX)openssl<(STATIC_LIB_SUFFIX)',
}, {
'openssl_product': '<(STATIC_LIB_PREFIX)openssl<(STATIC_LIB_SUFFIX)',
}],
...
]
}
The definition of openssl_fips% = '' is also in the file, so according to https://gyp.gsrc.io/docs/InputFormatReference.md variables ending with % should be used as default value if not set previously.
But that mechanism doesn’t seem to kick in:
- first, to be able to debug and see a backtrace, edit
node-gyp/gyp/pylib/gyp/__init__.pysodef main(args):only doesreturn gyp_main(args)without swallowing the very useful backtrace. - when inspecting the variables dictionary in
node_modules/node-gyp/gyp/pylib/gyp/input.py’sEvalSingleConditionjust before the crash'openssl_fips%': '', butopenssl_fipsis unset. The condition expression from the node-headers then can’t be evaluated since the variable is not available whenEvalSingleConditionrunseval(ast_code, ..., variables).
-> either, the condition has to lookup the variable with a % appended, or it needs to be in the variables dict without a %. I guess the latter should be the case.
I haven’t found yet where exactly the bug is, or if it even is a bug in node-gyp. But maybe you already have some idea 😃
- Node Version: node v18.10.0 and npm 8.19.2
- Platform: Linux 5.19.8-JJ
- Compiler: gcc version 12.2.0
- Module: keytar, for element-desktop
Verbose output (from npm or node-gyp):
yarn run hak
neon info generating native/index.node
hak build: keytar
Running yarn with env {
[... many env variables],
npm_config_init_version: '1.0.0',
npm_config_arch: 'x64',
npm_config_target_arch: 'x64',
npm_config_disturl: 'https://electronjs.org/headers',
npm_config_runtime: 'electron',
npm_config_target: '20.1.4',
npm_config_build_from_source: true,
npm_config_devdir: '/tmp/portage/net-im/element-desktop-1.11.10/homedir/.electron-gyp'
}
gyp info it worked if it ends with ok
gyp info using node-gyp@8.4.1
gyp info using node@18.10.0 | linux | x64
gyp info find Python using Python version 3.10.7 found at "/usr/lib/python-exec/python3.10/python3"
gyp http GET https://electronjs.org/headers/v20.1.4/node-v20.1.4-headers.tar.gz
gyp http 200 https://artifacts.electronjs.org/headers/dist/v20.1.4/node-v20.1.4-headers.tar.gz
gyp http GET https://electronjs.org/headers/v20.1.4/SHASUMS256.txt
gyp http 200 https://artifacts.electronjs.org/headers/dist/v20.1.4/SHASUMS256.txt
gyp info spawn /usr/lib/python-exec/python3.10/python3
gyp info spawn args [
gyp info spawn args '/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build/node_modules/node-gyp/gyp/gyp_main.py',
gyp info spawn args 'binding.gyp',
gyp info spawn args '-f',
gyp info spawn args 'make',
gyp info spawn args '-I',
gyp info spawn args '/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build/build/config.gypi',
gyp info spawn args '-I',
gyp info spawn args '/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build/node_modules/node-gyp/addon.gypi',
gyp info spawn args '-I',
gyp info spawn args '/tmp/portage/net-im/element-desktop-1.11.10/homedir/.electron-gyp/20.1.4/include/node/common.gypi',
gyp info spawn args '-Dlibrary=shared_library',
gyp info spawn args '-Dvisibility=default',
gyp info spawn args '-Dnode_root_dir=/tmp/portage/net-im/element-desktop-1.11.10/homedir/.electron-gyp/20.1.4',
gyp info spawn args '-Dnode_gyp_dir=/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build/node_modules/node-gyp',
gyp info spawn args '-Dnode_lib_file=/tmp/portage/net-im/element-desktop-1.11.10/homedir/.electron-gyp/20.1.4/<(target_arch)/node.lib',
gyp info spawn args '-Dmodule_root_dir=/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build',
gyp info spawn args '-Dnode_engine=v8',
gyp info spawn args '--depth=.',
gyp info spawn args '--no-parallel',
gyp info spawn args '--generator-output',
gyp info spawn args 'build',
gyp info spawn args '-Goutput_dir=.'
gyp info spawn args ]
gyp: name 'openssl_fips' is not defined while evaluating condition 'openssl_fips != ""' in binding.gyp while trying to load binding.gyp
gyp ERR! configure error
gyp ERR! stack Error: `gyp` failed with exit code: 1
gyp ERR! stack at ChildProcess.onCpExit (/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build/node_modules/node-gyp/lib/configure.js:259:16)
gyp ERR! stack at ChildProcess.emit (node:events:513:28)
gyp ERR! stack at ChildProcess._handle.onexit (node:internal/child_process:291:12)
gyp ERR! System Linux 5.19.8-JJ
gyp ERR! command "/usr/bin/node" "/tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build/node_modules/.bin/node-gyp" "rebuild"
gyp ERR! cwd /tmp/portage/net-im/element-desktop-1.11.10/work/element-desktop-1.11.10/.hak/keytar/x86_64-unknown-linux-gnu/build
gyp ERR! node -v v18.10.0
gyp ERR! node-gyp -v v8.4.1
gyp ERR! not ok
Issue Analytics
- State:
- Created a year ago
- Comments:18 (9 by maintainers)
Top Results From Across the Web
Allow enabling FIPS mode from an environment variable
Allow OPENSSL_FIPS=enable to enable FIPS mode, but don't provide an equivalent to disable it, I don't think this causes any security issues.
Read more >openssl-fipsinstall
The default value of '1' will cause the fips module error state to be entered. If the value is '0' then the module...
Read more >Ubuntu FIPS 140-2 Modules FAQ
How do I enable FIPS 140 on an Ubuntu LTS release? By default Ubuntu does not contain FIPS validated packages. To enable FIPS...
Read more >How to enable FIPS mode for libcrypto and libssl packaged ...
Since OPENSSL_FIPS env var is handled at openssl executable level, which will be bypassed (as libcrypto will be used directly), it's no use...
Read more >FIPS mode verification - Red Hat Customer Portal
I'm reading about installed RHEL in FIPS mode and I see this: ~~~ To fulfil the strict FIPS 140-2 compliance, add the fips=1...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Any idea how we can properly resolve this issue? Thanks! Wait until electron depends on
>=node-gyp-9.0or no longer includes theopenssl_fips-using config file?I’ve now “fixed” this “problem” for my concrete gentoo ebuild with a lot of duct-tape: https://github.com/SFTtech/gentoo-overlay/commit/3eb701ffab15e451493485a8d0953860524b50b3
I couldn’t just depend on node-16 because some dependency
png-to-icorequires"@types/node": "^17.0.36",. I’m impressed how these projects do ever even build once.