Bug #10046: OpenSSL::TestSSLSession#test_ctx_server_session_cb and OpenSSL::TestSSLSession#test_ctx_client_session_cb test failures - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #10046

closed

OpenSSL::TestSSLSession#test_ctx_server_session_cb and OpenSSL::TestSSLSession#test_ctx_client_session_cb test failures

Added by vo.x (Vit Ondruch) over 10 years ago. Updated about 9 years ago.

Status:

Closed

Assignee:

Target version:

ruby -v:

ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]

Backport:

2.0.0: UNKNOWN, 2.1: DONE, 2.2: DONE

[ruby-core:63772]

Description

I observe following test failures in Fedora 21 and Rawhide:

  4) Error:
OpenSSL::TestSSLSession#test_ctx_server_session_cb:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:351:in `connect'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:351:in `block (2 levels) in test_ctx_server_session_cb'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:346:in `times'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:346:in `block in test_ctx_server_session_cb'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `call'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `start_server'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:344:in `test_ctx_server_session_cb'
  5) Error:
OpenSSL::TestSSLSession#test_ctx_client_session_cb:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: sslv3 alert handshake failure
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:294:in `connect'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:294:in `block in test_ctx_client_session_cb'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `call'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/utils.rb:298:in `start_server'
    /builddir/build/BUILD/ruby-2.1.2/test/openssl/test_ssl_session.rb:290:in `test_ctx_client_session_cb'

I believe, that I observer these failures since openssl-1.0.1h-5.fc21 was build. From the changelog of OpenSSL, it seems that there was disabled SSLv2 and SSLv3:

* Mon Jun 30 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1h-5
- disable SSLv2 and SSLv3 protocols by default (can be enabled
  via appropriate SSL_CTX_clear_options() call)

According to the OpenSSL maintainer, they are going to be disabled in upstream release of OpenSSL 1.0.3 as well, since they are not secure enough. So I am wondering, what can do Ruby about this?

Files

0001-Don-t-use-obsolete-SSLv3-for-tests.patch (1.33 KB) 0001-Don-t-use-obsolete-SSLv3-for-tests.patch

vo.x (Vit Ondruch), 11/21/2014 03:15 PM

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #10046

OpenSSL::TestSSLSession#test_ctx_server_session_cb and OpenSSL::TestSSLSession#test_ctx_client_session_cb test failures

Updated by zzak (zzak _) over 10 years ago

Updated by vo.x (Vit Ondruch) over 10 years ago

Updated by normalperson (Eric Wong) over 10 years ago

Updated by vo.x (Vit Ondruch) about 10 years ago

Updated by vo.x (Vit Ondruch) about 10 years ago

Updated by zzak (zzak _) about 10 years ago

Updated by vo.x (Vit Ondruch) about 10 years ago

Updated by hsbt (Hiroshi SHIBATA) almost 10 years ago

Updated by hsbt (Hiroshi SHIBATA) almost 10 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by vo.x (Vit Ondruch) over 9 years ago

Updated by nagachika (Tomoyuki Chikanaga) about 9 years ago

Updated by usa (Usaku NAKAMURA) about 9 years ago