Project

General

Profile

Actions

Bug #4919

closed

OpenSSL::SSL::Sesssion#time= に Bignum を渡すと ArgumentError が発生する

Added by nagachika (Tomoyuki Chikanaga) about 11 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
ruby -v:
-
Backport:
[ruby-dev:43869]

Description

掲題のような理由で make test-all TESTS="-v openssl/test_ssl_session.rb" を実行すると 1E になります。

  1. Error:
    test_session(OpenSSL::TestSSLSession):
    ArgumentError: unknown type
    /opt/ruby-trunk/src/ruby/test/openssl/test_ssl_session.rb:21:in time=' /opt/ruby-trunk/src/ruby/test/openssl/test_ssl_session.rb:21:in block in test_session'
    /opt/ruby-trunk/src/ruby/test/openssl/utils.rb:280:in call' /opt/ruby-trunk/src/ruby/test/openssl/utils.rb:280:in start_server'
    /opt/ruby-trunk/src/ruby/test/openssl/test_ssl_session.rb:7:in `test_session'

32bit 版のため Time.now.to_i が Bignum になり、OpenSSL::SSL::Sesssion#time= がこれをエラーとして弾くようです。

とりあえず以下のように Bignum 受け付けるようにしてみたところテストのErrorは回避されました。

--- a/ext/openssl/ossl_ssl_session.c
+++ b/ext/openssl/ossl_ssl_session.c
@@ -149,7 +149,7 @@ static VALUE ossl_ssl_session_get_timeout(VALUE self)

if (rb_obj_is_instance_of(time_v, rb_cTime)) {
time_v = rb_funcall(time_v, rb_intern("to_i"), 0); \

  •           } else if (FIXNUM_P(time_v)) {                                \
    
  •           } else if (FIXNUM_P(time_v) || TYPE(time_v) == T_BIGNUM) {     \
                      ;                                                     \
              } else {                                                      \
                      rb_raise(rb_eArgError, "unknown type");               \
    

Related issues 1 (0 open1 closed)

Related to Ruby master - Bug #4923: [ext/openssl] test_ssl.rb: test_client_auth failsClosedMartinBosslet (Martin Bosslet)06/23/2011Actions

Updated by MartinBosslet (Martin Bosslet) about 11 years ago

I get the same result for OpenSSL 0.9.8k plus an additional error when running

make test-all -TESTS="openssl"

on revision 32199.

  1. Error:
    test_connect_and_close(OpenSSL::TestSSL):
    OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert illegal parameter
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl.rb:46:in connect' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl.rb:46:in block in test_connect_and_close'
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in call' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in start_server'
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl.rb:35:in `test_connect_and_close'

  2. Error:
    test_session(OpenSSL::TestSSLSession):
    ArgumentError: unknown type
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:21:in time=' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:21:in block in test_session'
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in call' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in start_server'
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:7:in `test_session'

The latter can be solved by Tomoyuki's suggested fix.

Two questions:

  1. Is it OK if I apply the fix?
  2. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...

Regards,
Martin

Updated by nagachika (Tomoyuki Chikanaga) about 11 years ago

Hi, Martin

  1. Is it OK if I apply the fix?
    Yes, please apply it. :)
  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Regards,

Actions #3

Updated by Anonymous about 11 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r32203.
Tomoyuki, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by
    Tomoyuki Chikanaga.
    [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Updated by nahi (Hiroshi Nakamura) about 11 years ago

  • ruby -v changed from ruby 1.9.3dev (2011-06-22 trunk 32198) [i686-linux] to -

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga wrote:

  1. Is it OK if I apply the fix?
    Yes, please apply it. :)

I modified it a little at r32211.

Martin, please add a test when you commit a gift patch. Thanks!

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Regards,
// NaHi

Updated by nahi (Hiroshi Nakamura) about 11 years ago

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga wrote:

  1. Is it OK if I apply the fix?
    Yes, please apply it. :)

I modified it a little at r32211.

Martin, please add a test when you commit a gift patch. Thanks!

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Regards,
// NaHi

Updated by MartinBosslet (Martin Bosslet) about 11 years ago

2011/6/23 Hiroshi Nakamura :

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga wrote:

  1. Is it OK if I apply the fix?
    Yes, please apply it. :)

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

  1. Error:
    test_session_time(OpenSSL::TestSSLSession):
    RangeError: bignum too big to convert into long' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in time='
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in
    `test_session_time'

  2. Error:
    test_session_timeout(OpenSSL::TestSSLSession):
    RangeError: bignum too big to convert into long' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in timeout='
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in
    `test_session_timeout'

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Regards,
Martin

Updated by MartinBosslet (Martin Bosslet) about 11 years ago

2011/6/23 Hiroshi Nakamura :

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga wrote:

  1. Is it OK if I apply the fix?
    Yes, please apply it. :)

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

  1. Error:
    test_session_time(OpenSSL::TestSSLSession):
    RangeError: bignum too big to convert into long' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in time='
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in
    `test_session_time'

  2. Error:
    test_session_timeout(OpenSSL::TestSSLSession):
    RangeError: bignum too big to convert into long' /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in timeout='
    /home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in
    `test_session_timeout'

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Regards,
Martin

Updated by nahi (Hiroshi Nakamura) about 11 years ago

2011/6/23 Martin Boßlet :

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

Aaaaarhg! Sorry, 2**31 is not in a signed long value. Miserable me...
Fixed at r32212.

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

Ah, sure, I should have written more tests when I wrote a testcase.

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Indeed? I don't think fixes of today affect SSL negotiation... Please
file a new ticket when you get kind of SSL error next time. Log dump
(w/o reproducible script) is far better than nothing.

Regards,
// NaHi

Updated by nahi (Hiroshi Nakamura) about 11 years ago

2011/6/23 Martin Boßlet :

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

Aaaaarhg! Sorry, 2**31 is not in a signed long value. Miserable me...
Fixed at r32212.

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

Ah, sure, I should have written more tests when I wrote a testcase.

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Indeed? I don't think fixes of today affect SSL negotiation... Please
file a new ticket when you get kind of SSL error next time. Log dump
(w/o reproducible script) is far better than nothing.

Regards,
// NaHi

Updated by MartinBosslet (Martin Bosslet) about 11 years ago

Hiroshi NAKAMURA wrote:

Aaaaarhg! Sorry, 2**31 is not in a signed long value. Miserable me...
Fixed at r32212.

No problem, works fine now. Happens to the best of us ;)

  1. Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
    I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Indeed? I don't think fixes of today affect SSL negotiation... Please
file a new ticket when you get kind of SSL error next time. Log dump
(w/o reproducible script) is far better than nothing.

I was finally able to reproduce it, although with a different error message this time. Cf. http://redmine.ruby-lang.org/issues/4923. I suspect it could be related to OpenSSL 1.0.0, since I could not reproduce it with 0.9.8k.

Regards,
Martin

Actions

Also available in: Atom PDF