clients icon indicating copy to clipboard operation
clients copied to clipboard

Published 20 hours ago verified publisher icon bitwarden

Error: DSO support routines:dlfcn_load:could not load the shared library

Open betuxy opened this issue 2 years ago • 2 comments

Steps To Reproduce

podman run --rm -it ubuntu bash 0. apt update && apt install nodejs npm

  1. npm install -g @bitwarden/cli
  2. bw login
  3. bw get template item | jq ".organizationId="XXXX-XX-XX-XXXX-XXXXXXXX" | .name="user_test1" | .login=$(bw get template item.login | jq '.password="password"')" | bw encode | bw create item

Expected Result

Confirmation of item creation.

Actual Result

(node:7921) UnhandledPromiseRejectionWarning: Error: error:25066067:DSO support routines:dlfcn_load:could not load the shared library at Object.privateDecrypt (internal/crypto/cipher.js:63:12) at NodeCryptoFunctionService.rsaDecrypt (/usr/local/lib/node_modules/@bitwarden/cli/build/bw.js:31817:58) at CryptoService. (/usr/local/lib/node_modules/@bitwarden/cli/build/bw.js:13677:47) at Generator.next () at fulfilled (/usr/local/lib/node_modules/@bitwarden/cli/build/bw.js:13131:58) (node:7921) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag --unhandled-rejections=strict (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1) (node:7921) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Screenshots or Videos

No response

Additional Context

First I tried it on my Fedora Laptop with the static binary which didn't work, then I switched over to the Container to test another Os.

I found a similar Error in another project where they recommended to comment out: providers = provider_sect in the openssl.cnf which solves this problem IF you work with the npm installed package. The bw-cli standalone did not work either way.

Operating System

Linux

Operating System Version

Ubuntu 22.04.1 LTS

Shell

Bash, Zsh

Build Version

2022.8.0

betuxy avatar Sep 08 '22 12:09 betuxy

Hi, @betuxy. I haven't been able to reproduce this using an Ubuntu container with Podman.

I was, however, getting a different error when attempting to run the command provided in your example, and it seemed to be related to a shell quoting issue. I replaced the bash subshell you were using for the .login=$() bit, and the below worked to create a new vault item:

PASSWORD=$(bw get template item.login | jq '.password="password"') bw get template item | jq '.organizationId="XXXX-XX-XX-XXXX-XXXXXXXX" | .name="user_test1" | .login=env.PASSWORD | .notes="" | .login.uris=[{"uri":"https://www.bitwarden.com"}]' | bw encode | bw create item

I don't think jq supports running a nested bash subshell, as far as I can tell anyway, which is what was causing the error I was getting. Could you try creating the item that way and let us know if you're still getting the error?

tangowithfoxtrot avatar Sep 20 '22 20:09 tangowithfoxtrot

@tangowithfoxtrot - Hey, unfortunately, this didn't resolve the Error:

root@60007119b108:/# PASSWORD=$(bw get template item.login | jq '.password="password"') bw get template item | jq '.organizationId="XXXX-XXXX-XXX" | .name="user_test1" | .login=env.PASSWORD | .notes="" | .login.uris=[{"uri":"https://www.bitwarden.com"}]' | bw encode | bw create item
(node:7873) UnhandledPromiseRejectionWarning: Error: error:25066067:DSO support routines:dlfcn_load:could not load the shared library
    at Object.privateDecrypt (internal/crypto/cipher.js:63:12)
    at NodeCryptoFunctionService.rsaDecrypt (/usr/local/lib/node_modules/@bitwarden/cli/build/bw.js:31875:58)
    at CryptoService.<anonymous> (/usr/local/lib/node_modules/@bitwarden/cli/build/bw.js:13825:47)
    at Generator.next (<anonymous>)
    at fulfilled (/usr/local/lib/node_modules/@bitwarden/cli/build/bw.js:13290:58)
(node:7873) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:7873) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Also the nesting should be fine It did work with the fix.

betuxy avatar Sep 21 '22 05:09 betuxy

@betuxy you write "this didn't resolve the Error", but also "It did work with the fix". I'm confused: did you get it working? Then what was the fix?

@tangowithfoxtrot in your attempt to reproduce it, did you actually test with an item that is part of an organization?

We also face this problem, with a bw-cli image based on Ubuntu, and an item in an organization for which we want to upload a new attachment. The command that we use:

bw create attachment --itemid XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX --file ./my-attachment.txt

Error message:

error:25066067:DSO support routines:dlfcn_load:could not load the shared library

mdraijer avatar Oct 24 '22 09:10 mdraijer

This seems to be a environment issue with some node.js versions not correctly loading the openssl libraries. Some more details can be found in this discussion thread https://github.com/nodejs/node/discussions/43184.

We depend on the native node crypto libraries for doing cryptographic operations, which is needed to perform certain operations.

Hinton avatar Oct 24 '22 17:10 Hinton

Thanks. Indeed I could solve it for our situation by adding this to the Dockerfile in which we create our image with the bw cli:

RUN sed -ibak 's|providers = provider_sect|# comment out based on https://github.com/nodejs/node/discussions/43184: providers = provider_sect|' /etc/ssl/openssl.cnf

mdraijer avatar Oct 25 '22 06:10 mdraijer

@mdraijer - sorry if I wasn't clear enough. Changing the templating suggested here https://github.com/bitwarden/clients/issues/3466#issuecomment-1252842584 didn't work, however the "comment out: providers = provider_sect in the openssl.cnf " part in my Additional Context part of the description worked.

betuxy avatar Oct 25 '22 08:10 betuxy

We need more information before we can help you with your problem. As we haven’t heard from you recently, this issue will be closed.

If this happens again or continues to be an problem, please respond to this issue with the information we’ve requested and anything else relevant.

github-actions[bot] avatar Nov 10 '22 05:11 github-actions[bot]

commenting this line: providers = provider_sect

in /etc/ssl/openssl.cnf "fixies" this bug in Ubuntu 22.04. It's broken in "Native Executable" and "Snap" version for Linux.

onovy avatar Jan 05 '23 20:01 onovy

another workaround is reverting snap version to older one: $ snap revert bw

2022.10.0 version works fine.

onovy avatar Jan 05 '23 20:01 onovy