ruby-core

Issue #13771 has been updated by MSP-Greg (Greg L).


nobu (Nobuyoshi Nakada) wrote:
> I think that it can happen even if both are installed as gems.

True.  But if digest is a gem, one can uninstall then (re)install to change to the newer OpenSSL version.  As 'base' code, that can't easily be changed.

How to convey the issues to people unfamiliar with OpenSSL is also a concern.

I haven't looked to see how similar OpenSSL::Digest is to Digest, nor do I know if one could be aliased to the other...

Again, thanks for your work.

----------------------------------------
Misc #13771: Digest, Ruby OpenSSL, OpenSSL v1.1.0
https://bugs.ruby-lang.org/issues/13771#change-65954

* Author: MSP-Greg (Greg L)
* Status: Assigned
* Priority: Normal
* Assignee: hsbt (Hiroshi SHIBATA)
----------------------------------------
A thanks to everyone involved in 'gemifying' ruby.

As I've mentioned before, I'm a windows user, and not a c type.

Where I noticed potential issues is that std-lib openssl is a gem, but std-lib digest is not.  Hence, thru system updates, the two std-libs could be using different versions of OpenSSL...

Would 'gemifying' digest help with this?

Note - in 2.4 stable, both libraries can be built with 1.1.0.  2.3 stable cannot, but will install a current openssl gem, and the system package library (MSYS2/MinGW) could have been updated to 1.1.0.  I ask this mostly because 2.3 might have an extended life...





-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>