[#87467] [Ruby trunk Bug#14841] Very rarely IO#readpartial does not raise EOFError — mofezilla@...
Issue #14841 has been reported by hirura (Hiroyuki URANISHI).
3 messages
2018/06/10
[#87515] [Ruby trunk Bug#14841] Very rarely IO#readpartial does not raise EOFError — hirura@...
Issue #14841 has been updated by hirura (Hiroyuki URANISHI).
7 messages
2018/06/19
[#87516] Re: [Ruby trunk Bug#14841] Very rarely IO#readpartial does not raise EOFError
— Eric Wong <normalperson@...>
2018/06/19
hirura@gmail.com wrote:
[#87517] Re: [Ruby trunk Bug#14841] Very rarely IO#readpartial does not raise EOFError
— Eric Wong <normalperson@...>
2018/06/19
Sorry, I left this out: If you can reproduce it again, can you
[#87519] Re: [Ruby trunk Bug#14841] Very rarely IO#readpartial does not raise EOFError
— hirura <hirura@...>
2018/06/19
Hi Eric,
[#87521] Re: [Ruby trunk Bug#14841] Very rarely IO#readpartial does not raise EOFError
— Eric Wong <normalperson@...>
2018/06/19
hirura <hirura@gmail.com> wrote:
[#87541] [Ruby trunk Feature#14859] [PATCH] implement Timeout in VM — normalperson@...
Issue #14859 has been reported by normalperson (Eric Wong).
4 messages
2018/06/21
[#87605] [Ruby trunk Bug#14867] Process.wait can wait for MJIT compiler process — takashikkbn@...
Issue #14867 has been reported by k0kubun (Takashi Kokubun).
3 messages
2018/06/23
[#87614] [Ruby trunk Bug#14867] Process.wait can wait for MJIT compiler process — normalperson@...
Issue #14867 has been updated by normalperson (Eric Wong).
4 messages
2018/06/23
[#87631] [Ruby trunk Bug#14867] Process.wait can wait for MJIT compiler process — takashikkbn@...
Issue #14867 has been updated by k0kubun (Takashi Kokubun).
5 messages
2018/06/25
[#87635] Re: [Ruby trunk Bug#14867] Process.wait can wait for MJIT compiler process
— Eric Wong <normalperson@...>
2018/06/25
takashikkbn@gmail.com wrote:
[#87665] [Ruby trunk Bug#14867] Process.wait can wait for MJIT compiler process — eregontp@...
Issue #14867 has been updated by Eregon (Benoit Daloze).
4 messages
2018/06/28
[#87710] [Ruby trunk Bug#14867] Process.wait can wait for MJIT compiler process — Greg.mpls@...
Issue #14867 has been updated by MSP-Greg (Greg L).
3 messages
2018/06/30
[ruby-core:87693] [Ruby trunk Bug#14630] DON'T IGNORE ME!!! Uncaught exception: SSL_connect returned=1 errno=0 state=error: certificate verify failed (error number 1)
From:
dsh0416@...
Date:
2018-06-29 14:53:50 UTC
List:
ruby-core #87693
Issue #14630 has been updated by dsh0416 (Delton Ding).
The option hash passing to `Net::HTTP::start` seems to contain misspelling key.
```ruby
@options = {
use_ssl: true,
ssl_version: :TLSv1_2,
verify_mode: OpenSSL::SSL::VERIFY_PEER,
store: store,
keep_alive_timeout: 30,
cert: config[:cert].nil? ? nil : OpenSSL::X509::Certificate.new(File.read(config[:cert])),
key: config[:key].nil? ? nil : OpenSSL::PKey::EC.new(File.read(config[:key]))
}
```
This should be
```ruby
@options = {
use_ssl: true,
ssl_version: :TLSv1_2,
verify_mode: OpenSSL::SSL::VERIFY_PEER,
cert_store: store,
keep_alive_timeout: 30,
cert: config[:cert].nil? ? nil : OpenSSL::X509::Certificate.new(File.read(config[:cert])),
key: config[:key].nil? ? nil : OpenSSL::PKey::EC.new(File.read(config[:key]))
}
```
You'd better double check ruby-doc described [here](https://ruby-doc.org/stdlib-2.5.1/libdoc/net/http/rdoc/Net/HTTP.html#method-c-start):
opt sets following values by its accessor. The keys are #ca_file, #ca_path, cert, **#cert_store**, ciphers, #close_on_empty_response, key, #open_timeout, #read_timeout, #ssl_timeout, #ssl_version, use_ssl, #verify_callback, #verify_depth and verify_mode. If you set :use_ssl as true, you can use https and default value of #verify_mode is set as OpenSSL::SSL::VERIFY_PEER.
----------------------------------------
Bug #14630: DON'T IGNORE ME!!! Uncaught exception: SSL_connect returned=1 errno=0 state=error: certificate verify failed (error number 1)
https://bugs.ruby-lang.org/issues/14630#change-72716
* Author: paul_coppinger (Paul Coppinger)
* Status: Open
* Priority: Normal
* Assignee:
* Target version:
* ruby -v: ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-darwin17]
* Backport: 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN
----------------------------------------
I'm attempting to connect to a server with verify_mode = OpenSSL::SSL::VERIFY_PEER. It fails with the error:
Uncaught exception: SSL_connect returned=1 errno=0 state=error: certificate verify failed (error number 1)
/usr/local/Cellar/ruby/2.5.0_2/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock'
/usr/local/Cellar/ruby/2.5.0_2/lib/ruby/2.5.0/net/protocol.rb:44:in `ssl_socket_connect'
/usr/local/Cellar/ruby/2.5.0_2/lib/ruby/2.5.0/net/http.rb:981:in `connect'
/usr/local/Cellar/ruby/2.5.0_2/lib/ruby/2.5.0/net/http.rb:920:in `do_start'
/usr/local/Cellar/ruby/2.5.0_2/lib/ruby/2.5.0/net/http.rb:909:in `start'
/usr/local/Cellar/ruby/2.5.0_2/lib/ruby/2.5.0/net/http.rb:609:in `start'
/Users/pc/work/unipagos/node/test/tester.rb:93:in `request'
/Users/pc/work/unipagos/node/test/unipagos_tester.rb:79:in `authenticate_user'
/Users/pc/work/unipagos/node/test/authenticate.rb:111:in `<top (required)>'
Strange thing is, if I attempt to verify the certificates directly there is no problem.
This is two-level PKI with a root CA (root.pem) that has two sub-CAs. One sub-CA (admin.pem) is used to issue server certificates (such as mobile.pem) and the other sub-CA (user.pem) is used to issue user certificates. I have included the PEM files for all four certificates.
Here's the code to setup the options for the connection:
store = OpenSSL::X509::Store.new
store.add_cert(OpenSSL::X509::Certificate.new(File.read('./root.pem')))
store.add_cert(OpenSSL::X509::Certificate.new(File.read('./admin.pem')))
store.add_cert(OpenSSL::X509::Certificate.new(File.read('./user.pem')))
@options = {
use_ssl: true,
ssl_version: :TLSv1_2,
verify_mode: OpenSSL::SSL::VERIFY_PEER,
store: store,
keep_alive_timeout: 30,
cert: config[:cert].nil? ? nil : OpenSSL::X509::Certificate.new(File.read(config[:cert])),
key: config[:key].nil? ? nil : OpenSSL::PKey::EC.new(File.read(config[:key]))
}
result = store.verify(@options[:cert])
puts result
result = store.verify(OpenSSL::X509::Certificate.new(File.read('./mobile.pem')))
puts result
The output of the above is:
true
true
However, I get the above error when I try to connect to the server (identified by mobile.pem) as follows:
req = Net::HTTP::Get.new(uri, headers)
res = Net::HTTP::start(req.uri.hostname, req.uri.port, @options) do |http|
http.request(req)
end
Any ideas?
---Files--------------------------------
admin.pem (835 Bytes)
mobile.pem (955 Bytes)
user.pem (830 Bytes)
root.pem (782 Bytes)
--
https://bugs.ruby-lang.org/
Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>