Project

General

Profile

Actions

Bug #9053

closed

SSL Issue with Ruby 2.0.0

Added by tisba (Sebastian Cohnen) over 10 years ago. Updated over 7 years ago.

Status:
Third Party's Issue
Assignee:
-
Target version:
-
ruby -v:
ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin13.0.0]
Backport:
[ruby-core:58033]

Description

=begin
Steps to reproduce:

ruby -rnet/http -e 'Net::HTTP.get(URI("https://stormforger.com"));'

results in:

/Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError) from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in block in connect'
from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/timeout.rb:52:in timeout' from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in connect'
from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:862:in do_start' from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:851:in start'
from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:582:in start' from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:477:in get_response'
from /Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:454:in get' from -e:1:in '

But I expected no output from the program.

Running the same code with Ruby 1.8.7 or 1.9.3 causes no problems. I was able to reproduce this issue with OS X 10.8.5 as well as with 10.9. Interestingly OS X 10.9's system ruby ((({ruby 2.0.0p247 (2013-06-27 revision 41674) [universal.x86_64-darwin13]}))) does not have the issue. I appended the output of (({otool -L})) to look for the used OpenSSL lib. Apple's ruby obviously uses Apples own OpenSSL lib. 1.9.3 and 2.0.0 use the same OpenSSL lib, but only 2.0.0 fails on my test.

ruby-head ((({ruby 2.1.0dev (2013-10-24 trunk 43413) [x86_64-darwin13.0.0]}))) is also affected.

Just FYI: I initially reported the issue to RVM[0], but it appears to be not really RVM related.

[0] https://github.com/wayneeseguin/rvm/issues/2315

[1] Output of otool for various tested Rubies:

((1.9.3-p448))

$ find ~/.rvm/rubies/ruby-1.9.3-p448 -name openssl.bundle | xargs otool -L
/Users/basti/.rvm/rubies/ruby-1.9.3-p448/lib/ruby/1.9.1/x86_64-darwin13.0.0/openssl.bundle:
/Users/basti/.rvm/rubies/ruby-1.9.3-p448/lib/libruby.1.9.1.dylib (compatibility version 1.9.1, current version 1.9.1)
/usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.5)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1197.1.1)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)

((2.0.0-p247))

$ find ~/.rvm/rubies/ruby-2.0.0-p247 -name openssl.bundle | xargs otool -L
/Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/x86_64-darwin13.0.0/openssl.bundle:
/usr/local/opt/openssl/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0, current version 1.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.5)
/Users/basti/.rvm/rubies/ruby-2.0.0-p247/lib/libruby.2.0.0.dylib (compatibility version 2.0.0, current version 2.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1197.1.1)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)

((2.0.0-p247 System Ruby))

$ find /usr/lib/ruby/2.0.0/ -name openssl.bundle | xargs otool -L
/usr/lib/ruby/2.0.0//universal-darwin13/openssl.bundle:
/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/libruby.2.0.0.dylib (compatibility version 2.0.0, current version 2.0.0)
/usr/lib/libssl.0.9.8.dylib (compatibility version 0.9.8, current version 50.0.0)
/usr/lib/libcrypto.0.9.8.dylib (compatibility version 0.9.8, current version 50.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1197.1.1)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)

=end

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0