Search code examples
phpopensslcomposer-phpphp-5.6amazon-linux

Problem with Amazon Linux 1 + PHP FPM 5.6 + Composer 2 + OpenSSL 1.0.2k-fips

I am having problems running the Composer 2 in an Amazon Linux 1 EC2 with OpenSSL 1.0.2k-fips.

When I try to run php composer.phar update I get:

Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires linked library lib-openssl * but it has the wrong version installed or is missing from your system, make sure to load the extension providing it.
  Problem 2
    - Root composer.json requires minishlink/web-push 1.4.3 -> satisfiable by minishlink/web-push[v1.4.3].
    - minishlink/web-push v1.4.3 requires lib-openssl * -> it has the wrong version installed or is missing from your system, make sure to load the extension providing it.

Asking to PHP about the OpenSSL extension with php -i | grep -i openssl I can see it is installed

SSL Version => OpenSSL/1.0.2k
openssl
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.0.2k-fips  26 Jan 2017
OpenSSL Header Version => OpenSSL 1.0.2k-fips  26 Jan 2017
Openssl default config => /etc/pki/tls/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value
Native OpenSSL support => enabled

While running php composer.phar show -p | grep -i openssl

ext-openssl                0          The openssl PHP extension (actual version: )
lib-curl-openssl           1.0.2.11   curl OpenSSL version (1.0.2.11)
lib-openssl-fips           1.0.2.11   OpenSSL 1.0.2k-fips  26 Jan 2017

It seems that Composer 2 is not getting lib-openssl, but instead it gets lib-openssl-fips causing a dependency problem.

I would appreciate any help.

Solution

  • If you run composer update on the target platform and you know that lib-openssl-fips satisfies the lib-openssl requirement of minishlink/web-push but Composer is unaware, you can help Composer by telling it that the library (a platform package) exists.

    This works by using the --ignore-platform-req option with the argument of the undetected library:

    php composer.phar update --ignore-platform-req lib-openssl

    Composer then ignores this specific platform requirement so that it won't hinder to detect the installable set of packages.