From: "schneems (Richard Schneeman)" Date: 2022-04-13T16:07:06+00:00 Subject: [ruby-core:108220] [Ruby master Bug#18658] Need openssl 3 support for Ubuntu 22.04 (Ruby 2.7.x and 3.0.x) Issue #18658 has been updated by schneems (Richard Schneeman). > After that, I can use gem install rails or anything as usual. Thank you for the idea Mame. I think that would maybe not work with people using `bundle exec` to load their program as that gem is not on the load path, but I could consider compiling without openssl and then detecting and requiring customers to add that gem to their Gemfile via logic in the buildpack. I'm assuming that if someone adds that gem to their buildpack all other gems depending on openssl would "just work" even if Ruby is not compiled with openssl support? It sounds like that is the case. I am curious about the difference between https://github.com/ruby/ruby/tree/master/ext/openssl and https://github.com/ruby/openssl. I do not fully understand the cost or difficulty of maintaining openssl support in Ruby. On the surface it seems that they are the same. I am curious if there is a deeper issue preventing using the newer version in Ruby 2.7 and 3.0? > Ubuntu backported openssl-3.0.0 for their ruby3.0 package. We've compiled with patches before, but generally want to run "stock" ruby as much as possible to minimize surprises for developers as well as to decrease support surface area. Right now if there's a bug in compilation it's my problem, or with the setup via the build pack it is my problem if there's a bug in Ruby it's reported upstream. When I start to diverge from upstream Ruby it introduces possibility of a case where my patch introduced the bug. Its not off the table for me, but I want to make sure that I can provide a sustainable and stable experience for customers. It's good to know that I could use Ubuntu's patch and mirror their support. That would be less burdeon and confusion. One of my other options is to just not support anything before Ruby 3.1 on Ubuntu 22.04 on Heroku as I want to encourage people to upgrade to more recent Rubies as well. ---------------------------------------- Bug #18658: Need openssl 3 support for Ubuntu 22.04 (Ruby 2.7.x and 3.0.x) https://bugs.ruby-lang.org/issues/18658#change-97206 * Author: schneems (Richard Schneeman) * Status: Open * Priority: Normal * Assignee: rhenium (Kazuki Yamaguchi) * ruby -v: 3.0 * Backport: 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN ---------------------------------------- Ubuntu 22.04 is being released soon and ships with openssl 3. As of now Ruby 2.7.x and 3.0.x are under core support and will not build on Ubuntu 22.04 with openssl (Ruby 3.1.x can compile). When attempting to compile 3.0.3 on Ubuntu 22 it issues this warning: ``` *** Following extensions are not compiled: openssl: Could not be configured. It will not be installed. /ruby-3.0.3/ext/openssl/extconf.rb:113: OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required Check ext/openssl/mkmf.log for more details. ``` Here are some existing issues/PRs that I could find: - https://github.com/ruby/openssl/issues/369 - https://github.com/ruby/openssl/pull/399 Ideally I would like to compile and support all non-EOL Ruby versions for Ubuntu 22 on release day. Are there any plans to backport support for OpenSSL 3 to Ruby 3.0 and 2.7? -- https://bugs.ruby-lang.org/ Unsubscribe: