TruffleRuby - determine openssl config flags

[MSP-Greg]

Good day.

With MRI Ruby, if the build used a config flag for openssl, it appears in RbConfig::CONFIG['configure_args'].

Related to the common situation where people have more than one OpenSSL install on macOS, we will be changing Puma's extconf.rb file to ignore openssl.pc if openssl is contained in RbConfig::CONFIG['configure_args']. Not a perfect check, but it works with standard installations.

Can a similar check be done with TruffleRuby? We had an issue where Puma was linking to the wrong OpenSSL to link to in GitHub Actions CI...

[MSP-Greg]

Looking over a few pre-built files, it seems that many vendor the openssl files, so in extconf.rb we added

Dir.exist?("#{RbConfig::TOPDIR}/src/main/c/openssl") # TruffleRuby

One can still use --with-openssl-dir, we're trying to avoid forcing users to do so.

Closing.

[eregon]

There is #3170 to track this.
Doing it breaks installing grpc, so we'd need to find a workaround so it still works for grpc.

[eregon]

@MSP-Greg https://github.com/ruby/openssl/pull/653/files is the better workaround until this is added in configure_args

[eregon]

This will be fixed by #3343.

[eregon]

#3343 merged.
@MSP-Greg If you used any workaround for this issue, could you revert them if the CI uses truffleruby-head? They won't be needed anymore in that case.

[eregon]

I found https://github.com/puma/puma/blob/master/ext/puma_http11/extconf.rb#L16.
However I think we need to wait for the 24.0 release to remove that because the Puma CI tests against the latest truffleruby release, not just head (which is useful), and notably on ubuntu 20.04 where there are multiple libssl installed (IIRC).
I added a reminder for myself to do it then.

[MSP-Greg]

@eregon

Sorry for not including more info here. Everything works fine on Ubuntu. The problem is macOS, where TruffleRuby (not head) is tested. Without the above fix in extconf.rb, below is what happens:

truffleruby 23.1.1, like ruby 3.2.2, Oracle GraalVM Native [x86_64-darwin]
RUBYOPT: -r/Users/runner/.rubies/truffleruby-23.1.1/lib/mri/bundler/setup
                         Puma::MiniSSL                   Ruby OpenSSL
OPENSSL_LIBRARY_VERSION: OpenSSL 1.1.1w  11 Sep 2023     OpenSSL 1.1.1w  11 Sep 2023
        OPENSSL_VERSION: OpenSSL 3.1.3 19 Sep 2023       OpenSSL 1.1.1w  11 Sep 2023

Puma compiles with OpenSSL 3.1.3, but at runtime uses 1.1.1w. The log is here.

JFYI, years ago I started watching extension gems re Windows. Now, it's a bit more general, but users have all sorts of problems compiling EventMachine and Puma on macOS where they've got both OpenSSL 1.1.1 and OpenSSL 3.x installed.

Hence, using config info embedded in the Ruby build seems like a good solution, as opposed to forcing users to config OpenSSL with gem build options...

[MSP-Greg]

@eregon

Just checked the 'head' build, thanks for the fix.

RbConfig::CONFIG['configure_args']:
  '--with-openssl-dir=/usr/local/opt/openssl@1.1'
  '--with-libyaml-dir=/usr/local/opt/libyaml'