Support OpenSSL 1.0 and 1.1

[gilles-bertrand]

After installation on ubuntu.
I receive this message and notion don't start.

error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory

Any idea why ?

[dherman]

Thanks so much for the report and for the discussions on Discord! We've verified that we can build a working Notion on Ubuntu from source. So the workaround for now is to build from source.

Since then, I've talked with the maintainers of the Rust libraries that use OpenSSL and it appears the issue is that I built the Linux version on RHEL 6, which has OpenSSL 1.0, and OpenSSL 1.1 broke ABI compatibility with 1.0. So more modern distros can't load it.

The two options we have here are to statically link OpenSSL with Notion or to expand our release matrix to support OpenSSL 1.0 for older Linuxes and OpenSSL 1.1 for newer Linuxes.

The benefit of static linking is portability, but that means Notion can't get security fixes to OpenSSL unless Notion itself gets updated. So a truly secure distribution of a statically linked Notion would require some kind of automatic self-updating mechanism. We might want to do that eventually but at least for now I don't think we want to tackle that.

For now, I think the best solution is to support two Linux builds, one with OpenSSL 1.0.x compatibility and one with OpenSSL 1.1.x compatibility. The installer script should be able to detect the version of OpenSSL supported on the current machine (using ldconfig) and use that to decide which binary to download.

[ltomes]

The readme for notion, and the getting started guide referenced don't explain building from source.

How is one supposed to build from source for ubuntu at this time?

[john-landgrave]

Notion came across my news feed this passed weekend and I was really excited because it seems to perfectly solve a problem my team and I have, but this is a deal-breaker. Any thoughts on moving forward with this?

[charlespierce]

@ltomes I just opened notion-cli/docs#1 to add instructions for building from source to the Contributing docs.

@john-landgrave This issue was actually resolved recently in #270, we now have pre-built versions for both OpenSSL 1.0 and OpenSSL 1.1, and the installer will dynamically detect which version you need when it is run. Let us know if this helps your team!

[ltomes]

Thanks for adding that @charlespierce, I will give this another go.

[redders6600]

@charlespierce - my team seems to be having problems installing if they're on 16.04, but those of us on 18.04 are fine.

[charlespierce]

@redders6600 Are the problems with the install process, or with running Notion after it has been installed on 16.04? If you have a chance, could you run openssl version on one of the computers having the problem, and report what the output is? Thanks!

[ltomes]

@redders6600 I ended up building (Notion 0.2.0) from source for Ubuntu 16.04.5 LTS.
That worked fine even though a direct install failed.

@charlespierce

▸ openssl version
OpenSSL 1.0.2g  1 Mar 2016

I will try an install now that 0.2.1 is out

[charlespierce]

@ltomes Thanks! Let us know if the 0.2.1 installer works, and if not, what issues you see.

@dherman Is it possible that OpenSSL 1.0.1 and 1.0.2 are incompatible with one another, so that we would need to compile against those as different versions of OpenSSL as well?

[ltomes]

The 0.2.1 installer does install without listing errors

curl -sSLf https://get.notionjs.com | bash
    Checking for existing Notion installation
    Fetching Linux installer
######################################################################## 100.0%
########################################################################
100.0%
    Creating Notion directory tree (/home/<user>/.notion)
   Unpacking `notion` executable and shims
     Editing user profile
Warning: Your profile (/home/<user>/.bashrc) already mentions Notion and
has not been changed.

    Finished installation. Open a new terminal to start using Notion!

But seems to have issues:

▸ notion --version
/home/<user>/.notion/notion: /lib/x86_64-linux-gnu/libcrypto.so.10: version `libcrypto.so.10' not found (required by /home/<user>/.notion/notion)
/home/<user>/.notion/notion: /lib/x86_64-linux-gnu/libcrypto.so.10: version `OPENSSL_1.0.1_EC' not found (required by /home/<user>/.notion/notion)/home/agosto/.notion/notion: /lib/x86_64-linux-gnu/libssl.so.10: version
`libssl.so.10' not found (required by /home/<user>/.notion/notion)

Let me know if you want me to try anything before I compile from source.

[charlespierce]

@ltomes Thanks for posting that, it looks like there are incompatibilities between OpenSSL 1.0.1 and OpenSSL 1.0.2 . We'll likely have to create a new build and have the installer consider that case as well.

[redders6600]

@fullas was the user having problems - I'll ask him to post here!

[charlespierce]

We actually did a deep dive on the OpenSSL issues and worked them out for the majority of Linux cases: There are 2 primary versions of the shared library file, associated with OpenSSL 1.0.X and OpenSSL 1.1.X. Additionally, RHEL / CentOS seem to use their own naming scheme and only support OpenSSL 1.0.X at the moment. We build Volta against all 3 and the installer is smart enough to detect which version needs to be installed, so these issues should be resolved for the major Linux distros.

[agosto-levitomes]

Woot. I'll try to rebuild sometime this week!

[jeremyckahn]

I am experiencing this issue on Ubuntu 22.04. Here's what I'm seeing:

$ curl https://get.volta.sh | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 12319  100 12319    0     0  52975      0 --:--:-- --:--:-- --:--:-- 53099
  Installing latest version of Volta (1.0.7)
    Checking for existing Volta installation
    Fetching archive for Linux, version 1.0.7
######################################################################## 100.0%
    Creating directory layout
  Extracting Volta binaries and launchers
    Finished installation. Updating user profile settings.
/home/jeremyckahn/.volta/bin/volta: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory

[jeremyckahn]

I just tested the curl https://get.volta.sh | bash install method on a fresh Ubuntu 20.04 install, and it worked perfectly. It appears that this issue has been reintroduced in Ubuntu 22.04.

[charlespierce]

@jeremyckahn I think that's actually a different issue #1150, which should be resolved by version 1.0.7. Can you share the output of openssl version? That's what the install script uses to determine which pre-built binary to build. It looks like the install script is downloading the version linked against OpenSSL 1.1.x, but then isn't able to find that version when it actually goes to install, which is quite odd.

[jeremyckahn]

@charlespierce Indeed, this seems to be a dupe of #1150. Thanks for pointing me in the right direction!

Can you share the output of openssl version?

$ openssl version
OpenSSL 1.1.1n  15 Mar 2022

I will take this conversation over to #1150.