Local openssl for old rubies #1476
Conversation
So the certs will stay up-to-date in case they are changed in the system.
makandra-stefan-langenmaier
changed the title
|
I would love this. Would make compiling older rubies on Ubuntu a lot easier. |
|
Tested this and it works great. 👍 I did notice that Ruby 2.0.0-p648 is missing the openssl line for Linux and should probably be included. Ideally, all the older ones too, but I'm okay if it's just the latest versions of the old Rubies. |
|
Nice work! |
|
We absolutely need this! Thanks a lot! |
|
FWIW, I have a similar branch at master...eregon:ruby23-openssl-linux. Note that a previous PR doing a similar approach ended up being rejected: #1397 (review) I think the main thing that changed since then is all recent Linux distributions don't have a way to install OpenSSL 1.0.0 anymore, so it's very inconvenient to manually download and compile OpenSSL 1.0.0. So I think what we should do is just extend the logic to deal with the slightly different certificate paths on Linux, as done in master...eregon:ruby23-openssl-linux, and then rename |
|
I'm closing that pull request as the solution caused more problems for us in the long-term and I wanted to reduce possible confusion for others. The issues were not only with Ruby but also other gems that use openssl. |
Is it the issue that some gems like database gems (mysql2, pg) link to a system library (e.g., installed by a package manager) and those libraries link against the system libssl, and then the Ruby process ends up loading 2 versions of libssl, which usually segfaults? |
Hi!
We have problems with missing openssl-1.0 for older Ruby versions in newer distribution and I saw multiple other issues here with a similar topic.
As I saw, there are alreay local openssl installs used for Macs, I thought this could also be used for older Ruby versions.
Let me know if this could be an approach for Linux without the correct openssl installed. Feedback is welcome.
Best regards,
Stefan