“libcrypto.so.1.0.0: version 'OPENSSL_1.0.1' not found ” during shell_exec

1
votes

I'm running into a bit of a weird issue in PHP using shell_exec to run git commands. This is a brand new image of Ubuntu 16.x LTS with only a copy of Lampp installed and the git packages. Within a php script which I intend to webhook to, running shell_exec('/usr/bin/git pull 2>&1') prints out the following error.

ssh: /opt/lampp/lib/libcrypto.so.1.0.0: version 'OPENSSL_1.0.1' not found (required by ssh)
fatal: Could not read from remote repository.`

I can pull the repository using git pull from the command line and that the user running apache has ownership of all files in the htdocs directory.

openssl version -a results in the following:

OpenSSL 1.0.2g-fips  1 Mar 2016
built on: reproducible build, date unspecified
platform: debian-amd64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: cc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN
-DHAVE_DLFCN_H -m64 -DL_ENDIAN -g -O2 -fstack-protector-strong -Wformat -Werror=format-security
-Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall
-DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
-DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM
-DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
OPENSSLDIR: "/usr/lib/ssl"

Is this an issue with the Lamp 5.6.21, or is this an issue with my setup?

1
phpgitgithubsshopenssl
Sounds like you don't have openssl installed from command linescrowler
Type openssl version -a on the command line. Is it OpenSSL 1.0.1 or 1.0.2? (It sounds like your remote repo is supplying binaries built against 1.0.1).jww
I've added the output of the command, it looks like it is version 1.0.2, is downgrading necessary?Sidriel
@Sidriel - you can probably suffice with: (1) download/build OpenSSL 1.0.1. (2) install at /opt/openssl-1.0.1. (3) make a script to launch PHP, and use something like LD_LIBRARY_PATH="/opt/openssl-1.0.1/lib:$LD_LIBRARY_PATH" /opt/lampp/bin/php.jww

1 Answers

2
votes

So you have XAMPP installed into /opt/lampp and trying to run native (as in coming from Ubuntu, not XAMPP) git via shell_exec(). What is the environment this shell runs in? It's the environment that XAMPP uses with LD_LIBRARY_PATH set /opt/lampp/lib, which is absolutely needed for all XAMPP components (because they're built to use these libraries from /opt/lampp/lib). Then git inherits this same environment and (although it has perfect openssl library from Ubuntu somewhere in /lib/x86_64-linux-gnu) tries to use libraries from /opt/lampp/lib, bang.

What you need is just to clear LD_LIBRARY_PATH environment variable prior to git invocation, like:

$oldldpath = getenv('LD_LIBRARY_PATH');
putenv("LD_LIBRARY_PATH=");
shell_exec('/usr/bin/git pull 2>&1');
putenv("LD_LIBRARY_PATH=$oldldpath");