Bug #10046: OpenSSL::TestSSLSession#test_ctx_server_session_cb and OpenSSL::TestSSLSession#test_ctx_client_session_cb test failures - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #10046

closed

OpenSSL::TestSSLSession#test_ctx_server_session_cb and OpenSSL::TestSSLSession#test_ctx_client_session_cb test failures

Added by vo.x (Vit Ondruch) almost 10 years ago. Updated over 8 years ago.

Status:

Closed

Assignee:

Target version:

ruby -v:

ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]

Backport:

2.0.0: UNKNOWN, 2.1: DONE, 2.2: DONE

[ruby-core:63772]

Description

I observe following test failures in Fedora 21 and Rawhide:

  4) Error:
OpenSSL::TestSSLSession#test_ctx_server_session_cb:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:351:in `connect'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:351:in `block (2 levels) in test_ctx_server_session_cb'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:346:in `times'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:346:in `block in test_ctx_server_session_cb'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `call'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `start_server'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:344:in `test_ctx_server_session_cb'
  5) Error:
OpenSSL::TestSSLSession#test_ctx_client_session_cb:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:294:in `connect'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:294:in `block in test_ctx_client_session_cb'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `call'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `start_server'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:290:in `test_ctx_client_session_cb'

I believe, that I observer these failures since openssl-1.0.1h-5.fc21 was build. From the changelog of OpenSSL, it seems that there was disabled SSLv2 and SSLv3:

* Mon Jun 30 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1h-5
- disable SSLv2 and SSLv3 protocols by default (can be enabled
  via appropriate SSL_CTX_clear_options() call)

According to the OpenSSL maintainer, they are going to be disabled in upstream release of OpenSSL 1.0.3 as well, since they are not secure enough. So I am wondering, what can do Ruby about this?

Files

0001-Don-t-use-obsolete-SSLv3-for-tests.patch (1.33 KB) 0001-Don-t-use-obsolete-SSLv3-for-tests.patch

vo.x (Vit Ondruch), 11/21/2014 03:15 PM

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #10046

OpenSSL::TestSSLSession#test_ctx_server_session_cb and OpenSSL::TestSSLSession#test_ctx_client_session_cb test failures

Updated by zzak (zzak _) over 9 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by normalperson (Eric Wong) over 9 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by zzak (zzak _) over 9 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by hsbt (Hiroshi SHIBATA) over 9 years ago

Updated by hsbt (Hiroshi SHIBATA) over 9 years ago

Updated by vo.x (Vit Ondruch) almost 9 years ago

Updated by vo.x (Vit Ondruch) over 8 years ago

Updated by vo.x (Vit Ondruch) over 8 years ago

Updated by nagachika (Tomoyuki Chikanaga) over 8 years ago

Updated by usa (Usaku NAKAMURA) over 8 years ago