ruby - 为什么我们需要单独的openssl.rb文件？(Why do we need separate openssl.rb file?)

Question

I want to understand why we need openssl.rb in bitcoin-ruby project.

(我想了解为什么我们在比特币-红宝石项目中需要openssl.rb 。)

Is Ruby SSL implementation not enough?

(Ruby SSL实施还不够吗？)

  ask by HardFork translate from so

Answer 1

You're right the core ruby has openssl as std-lib.

(您说得对，核心ruby具有openssl作为std-lib。)

However, if you want to insure that a gem works as expected, you want to have it's dependencies tested against current versions of the gem so that when you do gem install bitcoin-ruby it will install a tested dependency chain.

(但是，如果要确保gem能够按预期工作，则需要针对其当前版本对它的依赖项进行测试，以便在执行gem install bitcoin-ruby ，它将安装经过测试的依赖项链。)

Otherwise, how can you be sure the version of core ruby SSL has not changed something which might break the installed version of bitcoin-ruby ?

(否则，如何确定核心ruby SSL的版本未更改某些可能破坏已安装的bitcoin-ruby版本的内容？)

Here first part of std-lib core version of ruby 2.3

(这里是ruby 2.3的std-lib核心版本的第一部分)

module OpenSSL
  class Digest

    alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1)
    if OPENSSL_VERSION_NUMBER > 0x00908000
      alg += %w(SHA224 SHA256 SHA384 SHA512)
    end

Here is gem version for ruby 2.4.1

(这是Ruby 2.4.1的宝石版本)

module OpenSSL
  class Digest

    alg = %w(MD2 MD4 MD5 MDC2 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512)
    if OPENSSL_VERSION_NUMBER < 0x10100000
      alg += %w(DSS DSS1 SHA)
    end

So right away we can see some different algorithm definitions.

(因此，马上我们可以看到一些不同的算法定义。)

Not locking a bundle gem version would be a bad idea, especially for something as important as cryptography in bitcoin.

(不锁定捆绑的gem版本将不是一个好主意，特别是对于像比特币加密这样重要的事情而言。)