Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TruffleRuby - determine openssl config flags #3303

Closed
MSP-Greg opened this issue Oct 27, 2023 · 8 comments
Closed

TruffleRuby - determine openssl config flags #3303

MSP-Greg opened this issue Oct 27, 2023 · 8 comments
Assignees

Comments

@MSP-Greg
Copy link

Good day.

With MRI Ruby, if the build used a config flag for openssl, it appears in RbConfig::CONFIG['configure_args'].

Related to the common situation where people have more than one OpenSSL install on macOS, we will be changing Puma's extconf.rb file to ignore openssl.pc if openssl is contained in RbConfig::CONFIG['configure_args']. Not a perfect check, but it works with standard installations.

Can a similar check be done with TruffleRuby? We had an issue where Puma was linking to the wrong OpenSSL to link to in GitHub Actions CI...

@MSP-Greg
Copy link
Author

Looking over a few pre-built files, it seems that many vendor the openssl files, so in extconf.rb we added

Dir.exist?("#{RbConfig::TOPDIR}/src/main/c/openssl") # TruffleRuby

One can still use --with-openssl-dir, we're trying to avoid forcing users to do so.

Closing.

@eregon
Copy link
Member

eregon commented Oct 30, 2023

There is #3170 to track this.
Doing it breaks installing grpc, so we'd need to find a workaround so it still works for grpc.

@eregon
Copy link
Member

eregon commented Oct 30, 2023

@MSP-Greg https://github.com/ruby/openssl/pull/653/files is the better workaround until this is added in configure_args

@eregon
Copy link
Member

eregon commented Nov 30, 2023

This will be fixed by #3343.

@eregon eregon self-assigned this Nov 30, 2023
@eregon
Copy link
Member

eregon commented Dec 1, 2023

#3343 merged.
@MSP-Greg If you used any workaround for this issue, could you revert them if the CI uses truffleruby-head? They won't be needed anymore in that case.

@eregon
Copy link
Member

eregon commented Dec 1, 2023

I found https://github.com/puma/puma/blob/master/ext/puma_http11/extconf.rb#L16.
However I think we need to wait for the 24.0 release to remove that because the Puma CI tests against the latest truffleruby release, not just head (which is useful), and notably on ubuntu 20.04 where there are multiple libssl installed (IIRC).
I added a reminder for myself to do it then.

@MSP-Greg
Copy link
Author

MSP-Greg commented Dec 1, 2023

@eregon

Sorry for not including more info here. Everything works fine on Ubuntu. The problem is macOS, where TruffleRuby (not head) is tested. Without the above fix in extconf.rb, below is what happens:

truffleruby 23.1.1, like ruby 3.2.2, Oracle GraalVM Native [x86_64-darwin]
RUBYOPT: -r/Users/runner/.rubies/truffleruby-23.1.1/lib/mri/bundler/setup
                         Puma::MiniSSL                   Ruby OpenSSL
OPENSSL_LIBRARY_VERSION: OpenSSL 1.1.1w  11 Sep 2023     OpenSSL 1.1.1w  11 Sep 2023
        OPENSSL_VERSION: OpenSSL 3.1.3 19 Sep 2023       OpenSSL 1.1.1w  11 Sep 2023

Puma compiles with OpenSSL 3.1.3, but at runtime uses 1.1.1w. The log is here.

JFYI, years ago I started watching extension gems re Windows. Now, it's a bit more general, but users have all sorts of problems compiling EventMachine and Puma on macOS where they've got both OpenSSL 1.1.1 and OpenSSL 3.x installed.

Hence, using config info embedded in the Ruby build seems like a good solution, as opposed to forcing users to config OpenSSL with gem build options...

@MSP-Greg
Copy link
Author

MSP-Greg commented Dec 1, 2023

@eregon

Just checked the 'head' build, thanks for the fix.

RbConfig::CONFIG['configure_args']:
  '--with-openssl-dir=/usr/local/opt/openssl@1.1'
  '--with-libyaml-dir=/usr/local/opt/libyaml'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants