Feature #4556

Please add option which enable SSLv2 support

Added by Nobuhiro Iwamatsu 11 months ago. Updated 10 months ago.

[ruby-dev:<unknown>]
Status:Closed Start date:04/06/2011
Priority:Normal Due date:
Assignee:- % Done:

100%
Category:-
Target version:-

Description

SSLv2 becomes disabled in much environment, because this has several vulnerabilities. This patch disable SSLv2 in Ruby. If user want to use SSLv2 in ruby, you need config with --enable-opensslv2. The SSLv2 support is disable by default.

0001-Add-option-which-enable-SSLv2-support.patch (1.7 kB) Nobuhiro Iwamatsu, 04/06/2011 12:58 pm

0001-Add-option-which-enable-SSLv2-support.patch (1.7 kB) Nobuhiro Iwamatsu, 04/06/2011 01:12 pm

Related issues

related to Backport92 - Backport #4861: Backport r31528 to 1.9.2 Closed 06/10/2011
duplicated by ruby-trunk - Bug #4562: [pull requested] ./config no-ssl2で作ったopensslとext/opensslが... Closed 04/08/2011

Associated revisions

Revision 31346
Added by Nobuhiro Iwamatsu 10 months ago

* ext/openssl/extconf.rb: Should check SSLv2_*method. openssl compiled with "no-ssl2" the extconf don't fail when running `make' having this compilation errors. Patched by Laurent Arnoud. fixes #4562, #4556

Revision 31346
Added by Nobuhiro Iwamatsu 10 months ago

* ext/openssl/extconf.rb: Should check SSLv2_*method. openssl compiled with "no-ssl2" the extconf don't fail when running `make' having this compilation errors. Patched by Laurent Arnoud. fixes #4562, #4556

History

#1
Updated by Nobuhiro Iwamatsu 11 months ago

Sorry, The first patch is broken. I attched new patch.

[ruby-dev:43386]#2
Updated by Nobuhiro Iwamatsu 11 months ago

Other patches exist.

https://github.com/spk/ruby/commit/dbe76bb2c83ed393c2aee09d6419b3d3062bbda3

#3
Updated by Nobuhiro Iwamatsu 10 months ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r31346. Nobuhiro, thank you for reporting this issue. Your contribution to Ruby is greatly appreciated. May Ruby be with you.

----------

  • ext/openssl/extconf.rb: Should check SSLv2_*method. openssl compiled with "no-ssl2" the extconf don't fail when running `make' having this compilation errors. Patched by Laurent Arnoud. fixes #4562, #4556

Also available in: Atom PDF