search

oneclick / rubyinstaller

RubyInstaller for Windows - Build recipes
http://rubyinstaller.org
BSD 3-Clause "New" or "Revised" License
1.19k stars 303 forks source link

Request for newer OpenSSL libraries in 1.8.7 installer #394

Open pjcampo opened 5 years ago

pjcampo commented 5 years ago

NOTE: This project is for Ruby version 2.3 and older. For Ruby versions >= 2.4 please file an issue here.

What problems are you experiencing?

TLS1.2 not supported in the Ruby 1.8.7 installer which is compiled with OpenSSL 1.0.0k. I was wondering if it would be possible to release a 1.8.7 installer which is compiled with a newer version of OpenSSL libraries. (I have been trying to compile myself with no success as of yet).

Steps to reproduce

Try to open a URL which requires TLS1.2

What's the output from ruby -v?

ruby 1.8.7 (2013-06-27 patchlevel 374) [i386-mingw32]

larskanis commented 5 years ago

Ruby-1.8 is out of maintenance since 5 years! Please update to ruby-2.4 or newer.

RubyInstaller-2.4 ships with OpenSSL-1.0.2 which supports TLS-1.2 and RubyInstaller-2.5+ ships with OpenSSL-1.1.1 and support for TLS-1.3.

MSP-Greg commented 5 years ago

As Lars mentioned, but also check the code at:

https://github.com/ruby/ruby/blob/v1_9_3_551/ext/openssl/ossl_ssl.c#L102-L123

The last release of Ruby 1.9.3 didn't support TLSv1.1 or TLSv1.2. Hence, along with the OpenSSL library issue, you would also have to change the std-lib OpenSSL code.