Ruby not finding new version of OpenSSL
TL;DRWhen OpenSSL changes, always recompile Ruby or the openssl native extension.
Why
Ruby compiles the OpenSSL version into the openssl native extension, even when it links to a shared OpenSSL library. Either reinstall Ruby or recompile the openssl extension to fix it.
$ ruby -ropenssl -e'puts OpenSSL::OPENSSL_VERSION'
OpenSSL 1.0.2e 3 Dec 2015
$ /usr/local/opt/openssl/bin/openssl version
OpenSSL 1.0.2g 1 Mar 2016
$ strings {{redacted}/ruby-2.3.0/lib/ruby/2.3.0/x86_64-darwin15/openssl.bundle | grep '1.0.2'
OpenSSL 1.0.2e 3 Dec 2015
$ otool -L {{redacted}}/ruby-2.3.0/lib/ruby/2.3.0/x86_64-darwin15/openssl.bundle
{{redacted}}/ruby-2.3.0/lib/ruby/2.3.0/x86_64-darwin15/openssl.bundle:
{{redacted}}/ruby-2.3.0/lib/libruby.2.3.0.dylib (compatibility version 2.3.0, current version 2.3.0)
/usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.5)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1226.10.1)
/usr/local/opt/gmp/lib/libgmp.10.dylib (compatibility version 14.0.0, current version 14.0.0)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
We use ruby-install and chruby. Instead of /opt/rubies
, we use /usr/local/rubies
to avoid sudo
. You can also sudo ln -s /usr/local/rubies /opt/rubies
if you don't want to bother setting RUBIES
for chruby.
brew install openssl && \
ruby-install ruby-2.3.0 \
--no-install-deps \
-- \
--without-X11 \
--without-tk \
--enable-shared \
--disable-install-doc \
--with-openssl-dir="$(brew --prefix openssl)"
Update
There's yet another constant which is derived from the actual, loaded OpenSSL library.
OpenSSL::OPENSSL_LIBRARY_VERSION
Ruby using wrong version of openssl
Installing OpenSSL with HomeBrew will not immediately link it as the default OpenSSL.
First, let's check which version are you using (on Jul 10, '15 the latest version is 1.0.2d):
openssl version -a
which openssl
ruby -r openssl -e 'puts OpenSSL::OPENSSL_VERSION'
Now, let's be sure to upgrade OpenSSL to the latest version:
brew update
brew install openssl
brew unlink openssl
brew link --force openssl
If you run the initial checks again, you should see the first 2 pointing to the newly installed OpenSSL. Ruby will most likely still point to the old one since it was compiled with it.
If it is pointing to the old version, let's recompile Ruby and point it to the new one. And just to be sure that it will use the correct version, let's pass the OpenSSL prefix -- although this shouldn't be needed since we linked homebrew's OpenSSL.
rvm get stable
rvm install ruby-2.1.6 --with-openssl-dir=`brew --prefix openssl`
(or rvm reinstall
if you're already using 2.1.6)
This should do it.
rvm can't compile ruby: fails openssl check
Upon closer review, I realized I had an openssl
directory (containing version 3) in /usr/local/include
and that was on the include path ahead of the directory I specfied with the --with-openssl-dir
option.
I fixed it by renaming /usr/local/include/openssl
to /usr/local/include/openssl_hideme
; after that, the extension compiler found the version I wanted.
I would have guessed that includes on the command line would be put in front of the path, but lesson learned.
Related Topics
Is Subclassing a User Model Really Bad to Do in Rails
Determine the Class to Which a Method Belongs in Rails
How to Increment/Decrement a Character in Ruby for All Possible Values
Call Before Methods in Model on Ruby
What's the Best Way to Implement Acls to a Rails Application
Getting the Siblings of a Node with Nokogiri
Running Heroku Console Does Not Start
Multiple Servers in a Single Eventmachine Reactor
Graphql::Client::Dynamicqueryerror Expected Definition to Be Assigned to a Static Constant
Limit Number of Pages in Will_Paginate
Rails 4 Activerecord Typeerror Nil Is Not a Symbol
Rails Script Segmentation Fault with Rvm
Rails 4.0.3 Generating Incorrect Asset Paths with Asset_Sync
Rails/Activerecord: Save Changes to a Model's Associated Collections