Bug #4961

[ext/openssl] SSLSession#initialize fails with OpenSSL 0.9.7

Added by Martin Bosslet almost 3 years ago. Updated over 2 years ago.

[ruby-core:37726]
Status:Closed
Priority:Normal
Assignee:Martin Bosslet
Category:ext
Target version:1.9.3
ruby -v:trunk r32366 Backport:

Description

With Ruby at r32366 and OpenSSL 0.97m on Fedora 15, running

make test-all TESTS="openssl/testsslsession.rb"

yields this:

1) Error:
testsessiontime(OpenSSL::TestSSLSession):
ArgumentError: unknown type: expecting an asn1 sequence
/home/martin/Projekte/Ruby/ruby/test/openssl/testsslsession.rb:63:in initialize'
/home/martin/Projekte/Ruby/ruby/test/openssl/test_ssl_session.rb:63:in
new'
/home/martin/Projekte/Ruby/ruby/test/openssl/testsslsession.rb:63:in `testsessiontime'

2) Error:
testsessiontimeout(OpenSSL::TestSSLSession):
ArgumentError: unknown type: expecting an asn1 sequence
/home/martin/Projekte/Ruby/ruby/test/openssl/testsslsession.rb:76:in initialize'
/home/martin/Projekte/Ruby/ruby/test/openssl/test_ssl_session.rb:76:in
new'
/home/martin/Projekte/Ruby/ruby/test/openssl/testsslsession.rb:76:in `testsessiontimeout'

The error occurs in osslsslsession_initialize:

ctx = PEMreadbioSSLSESSION(in, NULL, NULL, NULL);
if (!ctx) {
OSSLBIOreset(in);
ctx = d2iSSLSESSION_bio(in, NULL);
}

BIO_free(in);

if (!ctx)
osslraise(rbeArgError, "unknown type");

Since the test tries to create a session from a valid PEM encoding,
the first call should already have succeeded but does not. It does
succeed with all 0.9.8 versions I tried with and also with 1.0.0d.

The error has first been reported by Koichi Sasada in ,
running on MacOS X and OpenSSL 0.9.7m.

Associated revisions

Revision 32563
Added by emboss almost 3 years ago

  • test/openssl/testsslsession.rb: add PEM SSL session without TLS extensions. Use this as the default for the tests to ensure compatibility with OpenSSL 0.9.7. [ Ruby 1.9 - Bug #4961 ]

Revision 33298
Added by Yui NARUSE over 2 years ago

OepnSSL supports TLS extension from 0.9.8f.

http://www.openssl.org/news/changelog.html
Reported by Eric Wong. [Bug #4961]

Revision 33315
Added by emboss over 2 years ago

  • test/openssl/testsslsession.rb: execute testsessionexts_read only for OpenSSL versions >= 0.9.8k. Thanks, Eric Wong, for reporting this. [Bug #4961]

History

#1 Updated by Martin Bosslet almost 3 years ago

OK, I found it. The Base64-encoded session in testsslsession.rb contains the field

tlsext_tick [10] OCTET STRING OPTIONAL

This was added with TLS and is not recognized by OpenSSL 0.9.7 yet. So this issue can be fixed
by updating testsslsession.rb. I'll change the current Base64 session. Then I'll add another
one that is used only when OpenSSL >= 0.9.8, including the tslext_tick field.

#2 Updated by Anonymous almost 3 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r32563.
Martin, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • test/openssl/testsslsession.rb: add PEM SSL session without TLS extensions. Use this as the default for the tests to ensure compatibility with OpenSSL 0.9.7. [ Ruby 1.9 - Bug #4961 ]

#3 Updated by Hiroshi Nakamura almost 3 years ago

Martin Bosslet wrote:

OK, I found it. The Base64-encoded session in testsslsession.rb contains the field

tlsext_tick [10] OCTET STRING OPTIONAL

This was added with TLS and is not recognized by OpenSSL 0.9.7 yet. So this issue can be fixed
by updating testsslsession.rb. I'll change the current Base64 session. Then I'll add another
one that is used only when OpenSSL >= 0.9.8, including the tslext_tick field.

My bad. It's me who added the test data... Thank you.

#4 Updated by Eric Wong over 2 years ago

I'm getting the following error on CentOS 5.6, perhaps the version check needs
to be bumped? I am using: OpenSSL 0.9.8e-rhel5 01 Jul 2008

1) Error:
testsessionextsread(OpenSSL::TestSSLSession):
ArgumentError: unknown type: expecting an asn1 sequence
test/openssl/test
sslsession.rb:113:in initialize'
test/openssl/test_ssl_session.rb:113:in
new'
test/openssl/test
sslsession.rb:113:in `testsessionextsread'

ruby 1.9.3dev (2011-09-17 revision 33290) [x8664-linux]
OPENSSL
VERSION_NUMBER = 0x90802f

On Debian Squeeze with OpenSSL 0.9.8o, I do not see this.

#5 Updated by Martin Bosslet over 2 years ago

  • Status changed from Closed to Assigned

Thanks Eric, I'll try to sort out the correct version of 0.9.8!

#6 Updated by Anonymous over 2 years ago

  • Status changed from Assigned to Closed

This issue was solved with changeset r33315.
Martin, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • test/openssl/testsslsession.rb: execute testsessionexts_read only for OpenSSL versions >= 0.9.8k. Thanks, Eric Wong, for reporting this. [Bug #4961]

Also available in: Atom PDF