[#68137] improve semantics of manpages — "Anthony J. Bentley" <anthony@...>
Hi,
1 message
2015/02/17
[#68144] Re: Future of test suites for Ruby — Anthony Crumley <anthony.crumley@...>
FYI...
4 messages
2015/02/17
[#68343] [Ruby trunk - Bug #10916] [Open] What the Ruby? SegFault? — ruby@...
Issue #10916 has been reported by why do i need this acct just to create a bug report.
5 messages
2015/02/27
[#68373] Re: [Ruby trunk - Bug #10916] [Open] What the Ruby? SegFault?
— "Martin J. Dürst" <duerst@...>
2015/03/02
> * Author: why do i need this acct just to create a bug report
[#68358] [Ruby trunk - Bug #10902] require("enumerator") scans LOAD_PATH 2x on every invocation — ruby@...1.net
Issue #10902 has been updated by Aman Gupta.
3 messages
2015/02/28
[ruby-core:68039] [ruby-trunk - Bug #10522] [Feedback] SSL_VERSION not handled properly in Net::Http, OpenSSL libraries
From:
shugo@...
Date:
2015-02-06 04:11:39 UTC
List:
ruby-core #68039
Issue #10522 has been updated by Shugo Maeda.
Status changed from Open to Feedback
Matt Dressel wrote:
> https://github.com/ruby/ruby/pull/762/files
What exception is raised?
The following code works fine on my box (x86_64-linux):
```ruby
def test_allow_tls_v1_for_client
# server does not support SSLv2 / SSLv3
ctx_proc = Proc.new { |ctx| ctx.options = OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv3 | OpenSSL::SSL::OP_NO_SSLv2 }
start_server_version(:TLSv1_1, ctx_proc) { |server, port|
ctx = OpenSSL::SSL::SSLContext.new
# It appears that explicitly calling 'ssl_version=' directly
# is required rather than allowing `set_params` to call it via `__send__`
ctx.set_params(ssl_version: :TLSv1_1, # soils the ssl_version
verify_mode: OpenSSL::SSL::VERIFY_NONE)
assert_nothing_raised(*HANDSHAKE_ERRORS) { server_connect(port, ctx) { |ssl| } }
}
end
```
I had to add verify_mode: to bypass certificate verification.
----------------------------------------
Bug #10522: SSL_VERSION not handled properly in Net::Http, OpenSSL libraries
https://bugs.ruby-lang.org/issues/10522#change-51428
* Author: Matt Dressel
* Status: Feedback
* Priority: High
* Assignee:
* ruby -v: ruby 2.1.3p242
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
https://github.com/ruby/ruby/pull/762/files
While using the Faraday gem with the default net/http adapter, we are passing an explicit ssl_version to net/http, however we still received handshake warnings from the server suggesting that the ssl_version was not getting down to the OpenSSL layer. After realizing that the Typhoeus adapter works just fine, I decided to dig deeper into Net::Http.
The Net::Http#connect method passes the ssl_version to OpenSSL::SSL::SSLContext via the set_params method. This appears to be problematic. The only case I can get to work as expected calls ssl_version= without calling set_params at all. I believe the error revolves around the set_params calling setters for all params (always includes an ssl_version).
--
https://bugs.ruby-lang.org/