Ruby 1.8.7 and REE builds broken by SSL certificate failure

ms-ati · December 18, 2020, 3:59pm

Travis CI builds of Ruby 1.8.7 and REE appear to be fully broken by an SSL certificate issue.

This is not surprising, given their age. I would hazard a guess that fixing may require configuration of the most recent OpenSSL version they can be built with, potentially including patches, followed by installation of newer platform certificates.

Example failure message:

ruby-1.8.7-p371 - #generating default wrappers…
Using /home/travis/.rvm/gems/ruby-1.8.7-p371

** Updating RubyGems to the latest compatible version for security reasons. **
** If you need an older version, you can downgrade with ‘gem update --system OLD_VERSION’. **

$ gem install bundler -v ‘< 2’
ERROR: Could not find a valid gem ‘bundler’ (< 2), here is why:
Unable to download data from https://rubygems.org/ - hostname was not match with the server certificate (https://rubygems.org/specs.4.8.gz)
ERROR: While executing gem … (TypeError)
can’t modify frozen object
The command “gem install bundler -v ‘< 2’” failed and exited with 1 during .

Example build failure:

floehopper · December 23, 2020, 10:51am

I’m having the same problem.

BanzaiMan · December 23, 2020, 2:09pm

I am highly doubtful that these can be compiled with recent versions of OpenSSL that can use the certificates.

ms-ati · December 23, 2020, 3:37pm

Note: I would be equally satisfied if Travis CI were to clarify that Ruby 1.8.7 and ree are no longer supported?

khiav223577 · January 7, 2021, 6:30am

I’m having the same problem.

It seems travis_fold:start:install_bundler is broken.
raw log:

e[0Ktravis_fold:end:rvm
e[0Ktravis_fold:start:install_bundler
e[0Ktravis_time:start:072c452a
e[0K$ gem install bundler -v '< 2'
ERROR:  Could not find a valid gem 'bundler' (< 2), here is why:
          Unable to download data from https://rubygems.org/ - hostname was not match with the server certificate (https://rubygems.org/specs.4.8.gz)
ERROR:  While executing gem ... (TypeError)
    can't modify frozen object
travis_time:end:072c452a:start=1609997846431058838,finish=1609997846557437923,duration=126379085,event=
e[0Ke[31;1mThe command "gem install bundler -v '< 2'" failed and exited with 1 during .e[0m

Your build has been stopped.

And it is run before before_install. I have no chance to run my patch:

before_install:
  - if `ruby -e 'exit(RUBY_VERSION.to_f < 2.7)'`; then
      gem i rubygems-update -v '< 3' && update_rubygems;
      gem install bundler -v '< 2';
    fi

BanzaiMan · January 7, 2021, 8:06pm

I am sorry, but I don’t think 1.8.7 or REE can reasonably interact with rubygems.org at this point.

Using a C job and a Precise image, you can use Ruby 1.8.7 (and probably REE), but you can’t coerce it to communicate with it.

https://travis-ci.com/github/BanzaiMan/com_testing/builds/212391477#L158

ms-ati · January 7, 2021, 8:56pm

Can we ask Travis CI simply to remove 1.8.7 and REE at this point, since their inability to communicate with Rubygems renders them unusable?

native-api · January 9, 2021, 3:36pm

It can, if you insert a proxy that forges TLS certificates and supports the older TLS version…

But since this version is effectively unusable in today’s Internet, why do you even support it in your project?