| Summary: | dev-lang/ruby:2.4 fails to build against openssl-1.1 when OpenSSL built with "disable-deprecated" | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Lars Wendler (Polynomial-C) (RETIRED) <polynomial-c> |
| Component: | Current packages | Assignee: | Gentoo Ruby Team <ruby> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | candrews, dschridde+gentoobugs, mike, pbrilius, quentin, thomas.bettler |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://github.com/gentoo/gentoo/pull/10607 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 669514 | ||
| Attachments: |
build.log
ruby-2.4.2-openssl-1.1.patch ruby-2.4.2-openssl-1.1.patch |
||
(In reply to Lars Wendler (Polynomial-C) from comment #0) > Please note that installed openssl-1.1 has been compiled with all deprecated > features being removed (--api=1.1.0)! Is this going to be the default for openssl 1.1? As far as I can tell from upstream information ruby:2.3 and ruby:2.4 should be compatible with openssl 1.1.x, but I assume that this means "including deprecated features". Will there be a USE flag to enable deprecated features? (In reply to Hans de Graaff from comment #1) > (In reply to Lars Wendler (Polynomial-C) from comment #0) > > > Please note that installed openssl-1.1 has been compiled with all deprecated > > features being removed (--api=1.1.0)! > > Is this going to be the default for openssl 1.1? > > As far as I can tell from upstream information ruby:2.3 and ruby:2.4 should > be compatible with openssl 1.1.x, but I assume that this means "including > deprecated features". Will there be a USE flag to enable deprecated features? We haven't decided yet if we include deprecated features or not. Looking at the state of most openssl consumers, I suppose it makes more sense to still include those features. But at some point new openssl versions will no longer ship deprecated features so I am trying to reach as many projects that use openssl as possible. Unfortunately adding a USE flag for these features cannot be done as that would change the API, which then would require changing the sub slot per USE flag setting. AFAIK that is not allowed because it would break metadata cache creation. Created attachment 498616 [details, diff]
ruby-2.4.2-openssl-1.1.patch
Patch by me, I will try to upstream it.
(In reply to Mark Wright from comment #3) > Created attachment 498616 [details, diff] [details, diff] > ruby-2.4.2-openssl-1.1.patch > > Patch by me, I will try to upstream it. https://github.com/ruby/openssl is the upstream for this (and from there it gets merged into dev-lang/ruby releases). (In reply to Hans de Graaff from comment #4) > https://github.com/ruby/openssl is the upstream for this (and from there it > gets merged into dev-lang/ruby releases). Thanks: https://github.com/ruby/openssl/pull/160 Created attachment 498654 [details, diff]
ruby-2.4.2-openssl-1.1.patch
Add conditional logic like the following for every change:
#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
...
#else
...
#endif
*** Bug 646950 has been marked as a duplicate of this bug. *** *** Bug 656496 has been marked as a duplicate of this bug. *** Thanks everybody for working on this. Upstream has merged the patch from Mark so I gonna close this bug as fixed. Re-opening this because upstream in this case is the ruby-openssl repository and it is not clear if this will be backported to ruby 2.4 by upstream, so we may need to apply this patch ourselves instead. Today's ruby 2.4.5 release ships with ruby-openssl 2.0.9 which does not include this fix :-( (In reply to Hans de Graaff from comment #11) > Today's ruby 2.4.5 release ships with ruby-openssl 2.0.9 which does not > include this fix :-( According to the Git log, the fix is included in ruby-openssl 2.1.0 and newer, which was merged into Ruby Trunk and 2.5. I opened a request to also backport it to Ruby 2.4: https://bugs.ruby-lang.org/issues/15361 Keyword+=PATCH? Ruby 2.4.5 builds fine and all tests pass with dev-libs/openssl-1.1.1a: FEATURES="test" USE="rubytests" emerge =dev-lang/ruby-2.4.5 Therefore, this bug should not block bug 592438 - it should block bug 669514 instead (In reply to Repository mirror & CI services 2018-12-10 17:48:08 UTC): > See Also: https://github.com/gentoo/gentoo/pull/10607 Upstream has been notified about this patch: https://bugs.ruby-lang.org/issues/15361#note-1 (In reply to Dennis Schridde from comment #12) > Keyword+=PATCH? The patch included with this bug has been re-worked before it could be included upstream, and the reworked patch does not apply to current 2.4.5 so some work is needed to get everything to line up first. The urgency is also lower now because ruby 2.4.5 does compile against openssl 1.1.0 with deprecations enabled, and this is most likely the version we will get in the gentoo tree. The patch I've included in https://github.com/gentoo/gentoo/pull/10607 works and applies cleanly. I took the upstream applied work from https://github.com/ruby/openssl/pull/160 and updated the patch so it applies cleanly. The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b27f93e5092dfe11d47c4055a0e7bc35c238b4b commit 5b27f93e5092dfe11d47c4055a0e7bc35c238b4b Author: Craig Andrews <candrews@gentoo.org> AuthorDate: 2018-12-10 17:29:31 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2018-12-12 07:54:50 +0000 dev-lang/ruby: 2.4.5-r1 for OpenSSL 1.1 "disable-deprecated" Closes: https://bugs.gentoo.org/614760 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Craig Andrews <candrews@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> dev-lang/ruby/files/2.4/012-openssl_1.1.patch | 339 ++++++++++++++++++++++++++ dev-lang/ruby/ruby-2.4.5-r1.ebuild | 229 +++++++++++++++++ 2 files changed, 568 insertions(+) |
Created attachment 469240 [details] build.log make[2]: Entering directory '/var/tmp/portage/dev-lang/ruby-2.4.1/work/ruby-2.4.1/ext/openssl' compiling openssl_missing.c compiling ossl.c ossl.c: In function ‘Init_openssl’: ossl.c:1026:5: warning: implicit declaration of function ‘OpenSSL_add_all_algorithms’ [-Wimplicit-function-declaration] OpenSSL_add_all_algorithms(); ^ ossl.c:1027:5: warning: implicit declaration of function ‘ERR_load_crypto_strings’ [-Wimplicit-function-declaration] ERR_load_crypto_strings(); ^ ossl.c:1028:5: warning: implicit declaration of function ‘SSL_load_error_strings’ [-Wimplicit-function-declaration] SSL_load_error_strings(); ^ In file included from ../.././include/ruby/ruby.h:36:0, from ../.././include/ruby.h:33, from ossl.h:17, from ossl.c:10: ossl.c:1063:67: warning: implicit declaration of function ‘SSLeay_version’ [-Wimplicit-function-declaration] rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_versio ^ ../.././include/ruby/defines.h:94:53: note: in definition of macro ‘RB_GNUC_EXTENSION_BLOCK’ #define RB_GNUC_EXTENSION_BLOCK(x) __extension__ ({ x; }) ^ ../.././include/ruby/intern.h:857:21: note: in expansion of macro ‘rb_str_new_cstr’ #define rb_str_new2 rb_str_new_cstr ^ ossl.c:1063:55: note: in expansion of macro ‘rb_str_new2’ rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_versio ^ ossl.c:1063:82: error: ‘SSLEAY_VERSION’ undeclared (first use in this function) _const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERS ^ ../.././include/ruby/defines.h:94:53: note: in definition of macro ‘RB_GNUC_EXTENSION_BLOCK’ #define RB_GNUC_EXTENSION_BLOCK(x) __extension__ ({ x; }) ^ ../.././include/ruby/intern.h:857:21: note: in expansion of macro ‘rb_str_new_cstr’ #define rb_str_new2 rb_str_new_cstr ^ ossl.c:1063:55: note: in expansion of macro ‘rb_str_new2’ rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_versio ^ ossl.c:1063:82: note: each undeclared identifier is reported only once for each function it appears in _const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERS ^ ../.././include/ruby/defines.h:94:53: note: in definition of macro ‘RB_GNUC_EXTENSION_BLOCK’ #define RB_GNUC_EXTENSION_BLOCK(x) __extension__ ({ x; }) ^ ../.././include/ruby/intern.h:857:21: note: in expansion of macro ‘rb_str_new_cstr’ #define rb_str_new2 rb_str_new_cstr ^ ossl.c:1063:55: note: in expansion of macro ‘rb_str_new2’ rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_versio ^ make[2]: *** [Makefile:305: ossl.o] Error 1 Please note that installed openssl-1.1 has been compiled with all deprecated features being removed (--api=1.1.0)!