Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JRuby does not refer to TLS 1.1 the same way as MRI #1735

Closed
aetherknight opened this issue Jun 11, 2014 · 1 comment
Closed

JRuby does not refer to TLS 1.1 the same way as MRI #1735

aetherknight opened this issue Jun 11, 2014 · 1 comment
Assignees
@kares
Labels
openssl
Milestone
Non-Release

Comments

@aetherknight
Copy link

JRuby 1.7.12, as well as the current tip of JRuby's master branch, supports setting the ssl protocol version to TLS 1.1. However, it does not refer to the protocol in the same way that MRI's OpenSSL library does.

MRI 2.0 and later refer to TLS 1.1 and TLS 1.2 as :TLSv1_1 and :TLSv1_2, respectively. MRI 1.9.3 does not support either of these, but JRuby supports TLS 1.1 as :"TLSv1.1", requiring different symbols/strings to refer to TLS 1.1 depending on the chosen Ruby implementation.

An easy fix would be for JRuby support both :TLSv1_1 and :"TLSv1.1".

Split off of #1733

Expected behavior

$ ruby --version
ruby 2.0.0p451 (2014-02-24 revision 45167) [x86_64-darwin12.5.0]

$ ruby -ropenssl -e 'p OpenSSL::SSL::SSLContext.new.ssl_version=:"TLSv1_1"'
:TLSv1_1

Observed behavior

$ jruby -ropenssl -e 'p OpenSSL::SSL::SSLContext.new.ssl_version=:"TLSv1_1"'
OpenSSL::SSL::SSLError: unknown SSL method `TLSv1_1'.
  ssl_version= at org/jruby/ext/openssl/SSLContext.java:355
        (root) at -e:1

$ jruby -ropenssl -e 'p OpenSSL::SSL::SSLContext.new.ssl_version=:"TLSv1.1"'
:"TLSv1.1"
@aetherknight aetherknight mentioned this issue Jun 11, 2014
Closed
@jordansissel jordansissel mentioned this issue Jul 30, 2014
Closed
@kares kares self-assigned this Apr 9, 2015
kares added a commit to jruby/jruby-openssl that referenced this issue Apr 9, 2015
@kares
support setting ssl_version = "TLSv1_1" (or "TLSv1_2") just like MRI …
24d4b5b 
…2.x does

closing jruby/jruby#1735
@kares
Copy link
Member

kares commented Apr 15, 2015

fixed on jruby-openssl 0.9.7 ... TLSv1_1 can be set (there's likely still an issue with the resolved cipher list being a bit small, please refer to #2194)

@kares kares closed this as completed Apr 15, 2015
@enebo enebo added this to the Non-Release milestone Apr 28, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kares kares

Labels
openssl
Projects
None yet
Milestone
Non-Release
Development

No branches or pull requests
4 participants
@enebo @mkristian @kares @aetherknight