-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot build rubies 2.6.x, 2.7.x and 3.0.x on Ubuntu 22.04 because they relies on openssl1.1 and Ubuntu now provides openssl3 #5209
Comments
I'd suggest we fix this by bumping the default gem for openssl to version 3 when Ruby 2.6-2.7 are installed on Ubuntu 22.04+. See https://bugs.ruby-lang.org/issues/18658 |
MacPorts and Homebrew also encounter this issue. |
PR is welcome! |
for short term use: rvm pkg install openssl next
|
IDK if it may be useful but, in Ubuntu 22.04, the In order to test, I removed completely rvm and reinstalled (to ensure it were fresh install). ruby version 3.1.2 worked correctly with no special workarounds and segmentation fault has gone. |
I concur - this is an LTS release also, so more people will encounter this as they are prompted to upgrade to it! |
@SCV-MatiasFazzolari Ruby 3.0 is also suffering from the same issue. Ruby 3.1 is properly requiring openssl 3, which is included on Ubuntu 22.04. |
right, rvm however does not have any available rubies for 3.1 branch, in my installation it lists the following:
and version:
|
Run |
So does it mean that there will be no more stable release anymore? right ? |
Wrong. But in this meanwhile, you have the option to get the latest, where newest ruby is present. |
I see. Thanks for the quick reply! |
I can't run the latest Ruby because reasons, and I don't want to faff about with openssl PPAs and manual symlinks. Either it works out of the box or it doesn't. If this is going to be sorted out soon then in the meantime I'll run an older Ubuntu in a virtual box. If it's not going to be sorted out then I think I'll abandon the RVM plus Capistrano ecology altogether and go down the Docker + AWS Containers route. Which I've been putting off as long as possible since 'cap production deploy' is so easy compared to a Docker deployment. Sigh |
As a comment mentions above, you can There's a ticket open to switch Ruby 3.0 to OpenSSL 3, which I think is a good idea, but it's not clear when or if that will happen. Ruby maintainers made a choice to support widely used older systems when there wasn't a clear way to have both versions of OpenSSL work. This is an upstream issue and a community supported project. @JohnSmall, I understand you don't want to be bothered fixing this even for just yourself, but I don't use RVM myself and am happy to pair with anyone who'd like to find Ubuntu's backport or work on crafting them. I get it it's frustrating for things to not work, but please be considerate of open source contributors and maintainers who are just volunteering time and owe you nothing. You're welcome to use RVM or not use RVM! |
A side note, but I think updating our statically compiled binaries for 22.04 would really help mitigate this for Ubuntu. Folk are saying the precompiled binary seems to work on 22.04, so it would be great to add aliases and definitions so that gets installed. |
Ok, finally I've backported You want, after
|
resolved my issue on Fedora 36 |
Me too on 3.0, except that openssl still has the LetsEncrypt ISRG cert in its bundle: require 'faraday'
Faraday.get('https://letsencrypt.org')
# /home/leason/.rvm/gems/ruby-3.0.4@atlas/gems/net-protocol-0.1.3/lib/net/protocol.rb:46:in `connect_nonblock': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (certificate has expired) (Faraday::SSLError) Any clues or workarounds? |
rvm install 2.6.2 There has been an error while running make. Halting the installation. Same issue, and this is using rvm master. |
my suggestion - use asdf instead. |
Thanks. ASDF is a much better install experience, but it has worse error messages that are somehow even more ambiguous; it also seems slower on my system. But I'm able to get things working locally, if I disable rdoc install, as that seems to be killing it after the ssl stuff is patched. On Ubuntu 20.04 this worked for me after I imploded rvm to get SOME of the versions of ruby I need installed to allow the code to be updated; But its insane IMHO that if you have too new a ruby version, that gemswill not work.
Thing is, rdoc install is a CRITICAL requirement for some gems and apps because back then that is used for inspection to look at and detect things; so simply doing the above or setting I'm still trying to get the ruby 1.8.7 version I need installed so I can start to upgrade code away from it, as I'm being told by rails compatibility guides that specific versions of ruby are explicitly required with many versions of rails. I remember being told that Ruby was about giving developers joy... and this has not been a joyful experience. |
Ruby does bring joy, but this isn't about the language. You are asking tools that did not exist few years ago to install unsupported version of a language that was released back when Windows 98 was still popular. Like hooking up an Oculus Quest on 20 years old PC. My best suggestion is you stick with Ubuntu 18.04 for anything below 2.4. 2.7 goes EOL soon as well. |
Thank you, I'm fully aware this is old stuff; I remember when Ruby was released in the 90's. I remember because I had multiple CRT's on my home workstation and I remember loading the announcement on one screen while looking at Linux kernel docs on the other. Rails is the big issue here; it wouldn't be so bad if all I had to do was update ruby to a new enough version, but because it's rails and Ruby doesn't like things that are "too new", that complicates things immensely; as a result I've had to plot out an update path based on googling that includes the dozen different versions of the languages, and I know that's not going to be everything.. so I'm understandably frustrated by this developer experience. It should also be noted that I'm also looking at go code that is also very old (2016), and it only needs to be made into a module by the addition of 2 files to be updated. That easy upgrade path is making me have a lot more respect for golang. |
This worked for me as well on Ubuntu 22.04. Thanks a lot. 👍 |
I'm being told that people are going out of their way to refix things that were previously broken on the upgrade path; I'm very thankful for that. I think it's critical from an engineering perspective that no matter the language, we be allowed to upgrade code out of older versions of things and maintain projects; If your working on things to allow this currently broken upgrade path to exist again in the future, I am thankful. |
This is still an issue for me: rvm reinstall all --force |
Worked for me on Ubuntu 22.04. Thanks!
|
The problem with the recommendations to use the rvm-local openssl install is that any gems (like the pg gem for postgresql) that compile native code and use openssl will wind up being incompatible with the ruby that is built with a different version of openssl and the ruby process will dump core when trying to fire up that gem. And I agree with others that point out that simply going to a newer version of ruby, especially if dependent on rails, is often not a practical solution - it requires immense time to test, adjust, etc, etc. This solution worked for me - applying a patch that simply makes the deprecation errors into warnings and allowing rvm to build a ruby that works with the system openssl install (and thus any native built gems work too). Its not a true fix. It will obviously break in some future release of openssl as these are deprecation warnings being ignored, but for the moment (ubuntu 22, openssl 3.0), this works. Note: someone already included the necessary patch as part of the rvm/ruby 2.5.9 install, but the patch should work with any version of ruby from 2.5.9 on (I use it with 2.6.5 and it's perfect). To build with the patch (which is included in the rvm downloads - reinstall/update rvm if it's missing), use the command:
Note: this assumes you are building ruby/rvm in your home directory - the patch file will exist whenever rvm is installed, so if using a different location for rvm, adjust above accordingly |
Still works <3 |
Using the --with-openssl-dir will only work if none of your gems depend on it. Per my earlier example, the pg gem for PostgreSQL will not build correctly or work at all if you do this as it has to be built with the same OpenSSL version that ruby was built with. If none of your gems use/link/build against openssl, then just building with the --with-openssl-dir option will work. But it will fail and you'll need to drop back to the patch I mentioned in the previous article if any gems use/build with openssl too |
@gduprey unfortunately this patch does not work for ruby |
Here is patch for 2.4 if somebody needs it https://gist.github.com/pavels/f6a8cd7e33d3d5a3125308fa6a429367 |
For people using Linux Mint 21, |
I'm currently using Linux Mint 21.3, and the |
…ibility error: > LoadError: cannot load such file -- openssl rvm/rvm#5209 Also updated Chrome drive to `119.0.6045.105`
…0, and Ruby 3.0 Droped Ruby 3.0 to fix rvm / Ubuntu 22 / openssl 1 incompatibility error: > LoadError: cannot load such file -- openssl See rvm/rvm#5209 for more Updated gems: - Updated `selenium-webdriver` to latest to resolve a test error - Updated puma gem to fix rack 3 incompatibility - Updated mocha gem to fix Minitest incompatibility: > NameError: uninitialized constant MiniTest Updated travis configuration: - Update travis to Ubuntu jammy to fix node error: > node: /lib/x86_64-linux-gnu/libm.so.6: version `GLIBC_2.27' not found (required by node) - Updated Node (in travis) to 18 - Updated Chrome installation on travis to use addon to fix version mismatch Other fixes: - Fixed/removed some outdated config settings - Fixed Rubocop warning by using `delete_prefix!` - Ignored rubocop warning for Ruby 3.1 hash syntax - Fixed error trying to deserialize certain unsafe classes via YAML: > Psych::DisallowedClass: Tried to load unspecified class: ActiveSupport::TimeWithZone - Removed `coveralls` (code coverage reporter), which is unmaintained and throwing an error: > OpenSSL::SSL::SSLError > SSL_connect returned=1 errno=0 peeraddr=104.26.4.137:443 state=error: no protocols available Note that a few tests deserialize blank strings as an empty string in dev and as a one character whitespace string (`"\s"`) on travis. I tried stripping the end-of-line spaces to make the tests behave the same in both environments, but that didn't work for some reason. So expect tests to pass on travis, but possibly not in a dev env.
Hey guys, sudo dnf install openssl1.1-devel --allowerasing
rvm autolibs disable
rvm requirements
rvm install 2.7.2 --with-openssl-dir=$HOME/.rvm/usr In summary, I forced installing openssl1.1-devel and made rvm skip checking requirements on fedora. Otherwise, rvm kept asking to install openssl-devel, which will refer to openssl3 that will break the compilation of older versions of ruby. Cheers, |
Just to be clear to anyone else who comes across this issue, the fixes above will make your project work under Ruby 2.7 but you should really be updating to at least Ruby 3.1 because 2.7 has been EOL for a year now and 3.0 is EOL as of 1st April 2024 (see https://www.ruby-lang.org/en/downloads/branches/). By using these old ruby versions you may be putting your users at risk. |
This is what worked for me. (it was a ubuntu 22.04 wsl2 in windows)
|
If installed from ubuntu_rvm this is the receipt: rvm pkg install openssl
rvm install 3.0.0 -C --with-openssl-dir=/usr/share/rvm/usr/ |
Description
Cannot build rubies 2.6.x and 2.7.x on Ubuntu 22.04 because they relies on
openssl1.1
and Ubuntu 22.04 now providesopenssl3
.Steps to reproduce
rvm
on Ubuntu 22.04.rvm install 2.7.6
.Expected behavior
It compiles and install.
Actual behavior
It fails during install with
cannot load such file -- openssl (LoadError)
:Environment info
The text was updated successfully, but these errors were encountered: