[#69892] [Ruby trunk - Feature #11339] [Open] [PATCH] io.c: avoid kwarg parsing in C API — normalperson@...
Issue #11339 has been reported by Eric Wong.
8 messages
2015/07/07
[#69983] Re: [Ruby trunk - Feature #11339] [Open] [PATCH] io.c: avoid kwarg parsing in C API
— Eric Wong <normalperson@...>
2015/07/15
normalperson@yhbt.net wrote:
[#69990] Re: [Ruby trunk - Feature #11339] [Open] [PATCH] io.c: avoid kwarg parsing in C API
— SASADA Koichi <ko1@...>
2015/07/16
On 2015/07/16 4:41, Eric Wong wrote:
[#69995] Re: [Ruby trunk - Feature #11339] [Open] [PATCH] io.c: avoid kwarg parsing in C API
— Eric Wong <normalperson@...>
2015/07/16
SASADA Koichi <ko1@atdot.net> wrote:
[#69984] $SAFE inside an Array — Bertram Scharpf <lists@...>
Hi,
4 messages
2015/07/15
[#70001] [Ruby trunk - Bug #11336] [Open] TestProcess#test_exec_fd_3_redirect failed on Solaris 10 — ngotogenome@...
Issue #11336 has been updated by Naohisa Goto.
4 messages
2015/07/16
[#70005] Re: [Ruby trunk - Bug #11336] [Open] TestProcess#test_exec_fd_3_redirect failed on Solaris 10
— Eric Wong <normalperson@...>
2015/07/16
Sorry, but I think rb_divert_reserved_fd seems a racy fix. I think the
[#70011] [Ruby trunk - Bug #11362] [Open] [PATCH] ensure Process.kill(:STOP, $$) is resumable — normalperson@...
Issue #11362 has been reported by Eric Wong.
3 messages
2015/07/17
[#70016] [Ruby trunk - Bug #11364] [Open] Use smaller buffer for sendmsg — merch-redmine@...
Issue #11364 has been reported by Jeremy Evans.
8 messages
2015/07/17
[#70052] Re: [Ruby trunk - Bug #11364] [Open] Use smaller buffer for sendmsg
— Eric Wong <normalperson@...>
2015/07/20
merch-redmine@jeremyevans.net wrote:
[#70055] Re: [Ruby trunk - Bug #11364] [Open] Use smaller buffer for sendmsg
— Jeremy Evans <code@...>
2015/07/20
On 07/20 10:46, Eric Wong wrote:
[#70056] Re: [Ruby trunk - Bug #11364] [Open] Use smaller buffer for sendmsg
— Eric Wong <normalperson@...>
2015/07/21
Jeremy Evans <code@jeremyevans.net> wrote:
[#70103] [Ruby trunk - Feature #11375] Decreased Object Allocation in Pathname.rb — richard.schneeman@...
Issue #11375 has been updated by Richard Schneeman.
3 messages
2015/07/23
[#70156] [Ruby trunk - Bug #11396] Bad performance in ruby >= 2.2 for Hash with many symbol keys — dunric29a@...
Issue #11396 has been updated by David Unric.
3 messages
2015/07/28
[ruby-core:70186] [Ruby trunk - Bug #10910] [Open] NoMethodError when opening SSL connection with OpenSSL::SSL::VERIFY_PEER set and anonymous ciphers allowed
From:
nobu@...
Date:
2015-07-30 09:17:38 UTC
List:
ruby-core #70186
Issue #10910 has been updated by Nobuyoshi Nakada.
Status changed from Closed to Open
This has failed on travis.
https://travis-ci.org/ruby/ruby/builds/72882783
----------------------------------------
Bug #10910: NoMethodError when opening SSL connection with OpenSSL::SSL::VERIFY_PEER set and anonymous ciphers allowed
https://bugs.ruby-lang.org/issues/10910#change-53613
* Author: Chris Sinjakli
* Status: Open
* Priority: Normal
* Assignee: openssl
* ruby -v: ruby 2.3.0dev
* Backport: 2.0.0: REQUIRED, 2.1: REQUIRED, 2.2: REQUIRED
----------------------------------------
When establishing an SSL connection with peer verification enabled, if the list of allowed ciphers includes an anonymous cipher, and negotiation with the server results in that cipher being used, a NoMethodError is raised with a stack trace like:
~~~
/Users/sinjo/rubies/2.1.3/lib/ruby/2.1.0/openssl/ssl.rb:99:in `verify_certificate_identity': undefined method `extensions' for nil:NilClass (NoMethodError)
from /Users/sinjo/rubies/2.1.3/lib/ruby/2.1.0/openssl/ssl.rb:156:in `post_connection_check'
from /Users/sinjo/rubies/2.1.3/lib/ruby/2.1.0/net/http.rb:922:in `connect'
from /Users/sinjo/rubies/2.1.3/lib/ruby/2.1.0/net/http.rb:863:in `do_start'
from /Users/sinjo/rubies/2.1.3/lib/ruby/2.1.0/net/http.rb:852:in `start'
from ../test_ssl.rb:4:in `<main>'
~~~
This is because no certificate is returned when using an anonymous cipher, while the verification code which runs when OpenSSL::SSL::VERIFY_PEER is set expects one to be present.
I've attached a patch which fixes this. Let me know if there's anything you'd like me to change (happy to refactor, or alter the approach).
This behaviour is present in 2.0, 2.1, and 2.2.
---Files--------------------------------
ssl_verify.patch (2.71 KB)
--
https://bugs.ruby-lang.org/