Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JRuby's OpenSSL::SSL::SSLContext#ssl_version= does not handle unsupported SSL protocol versions the same way as MRI #1736

Closed
aetherknight opened this issue Jun 11, 2014 · 1 comment
Closed

JRuby's OpenSSL::SSL::SSLContext#ssl_version= does not handle unsupported SSL protocol versions the same way as MRI #1736

aetherknight opened this issue Jun 11, 2014 · 1 comment
Assignees
@kares
Labels
openssl
Milestone
Non-Release

Comments

@aetherknight
Copy link

When given an an unsupported/unknown SSL version, MRI 1.9.3 and 2.0 raise an ArgumentError, while JRuby 1.7.12 raises an OpenSSL::SSL::SSLError:

$ ruby --version
ruby 1.9.3p545 (2014-02-24 revision 45159) [x86_64-darwin13.2.0]

$ ruby -ropenssl -e 'p OpenSSL::SSL::SSLContext.new.ssl_version = "TLSv1_1"'
-e:1:in `ssl_version=': unknown SSL method `TLSv1.1'. (ArgumentError)
    from -e:1:in `<main>'

$ ruby --version
ruby 2.0.0p451 (2014-02-24 revision 45167) [x86_64-darwin12.5.0]

$ ruby -ropenssl -e 'p OpenSSL::SSL::SSLContext.new.ssl_version = "TLSv1.1"'
-e:1:in `ssl_version=': unknown SSL method `TLSv1.1'. (ArgumentError)
    from -e:1:in `<main>'

$ jruby --version
jruby 1.7.12 (1.9.3p392) 2014-04-15 643e292 on Java HotSpot(TM) 64-Bit Server VM 1.7.0_55-b13 [darwin-x86_64]

$ jruby -ropenssl -e 'p OpenSSL::SSL::SSLContext.new.ssl_version=:"TLSv1.2"'
OpenSSL::SSL::SSLError: unknown SSL method `TLSv1.2'.
  ssl_version= at org/jruby/ext/openssl/SSLContext.java:355
        (root) at -e:1

JRuby's current tip of master also appears to still have this issue in ext/openssl/src/main/java/org/jruby/ext/openssl/SSLContext.java. It calls newSSLError() to create the error object.

    @JRubyMethod(name = "ssl_version=")
    public IRubyObject set_ssl_version(IRubyObject version) {
        final String versionStr;
        if ( version instanceof RubyString ) {
            versionStr = version.convertToString().toString();
        } else {
            versionStr = version.toString();
        }
        final String mapped = SSL_VERSION_OSSL2JSSE.get(versionStr);
        if ( mapped == null ) {
            throw newSSLError(getRuntime(), String.format("unknown SSL method `%s'.", versionStr));
        }
        protocol = mapped;
        protocolForServer = ! versionStr.endsWith("_client");
        protocolForClient = ! versionStr.endsWith("_server");
        return version;
    }

Split out of #1733
@kares kares self-assigned this Apr 9, 2015
kares added a commit to jruby/jruby-openssl that referenced this issue Apr 9, 2015
@kares
more ssl_version= compatibility fixes that match MRI (closing jruby/j…
5b38625 
…ruby#1736)
@kares
Copy link
Member

kares commented Apr 15, 2015

this should now behave the same as MRI (in jruby-openssl >= 0.9.7), thanks for the report!

@kares kares closed this as completed Apr 15, 2015
@enebo enebo added this to the Non-Release milestone Apr 28, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kares kares

Labels
openssl
Projects
None yet
Milestone
Non-Release
Development

No branches or pull requests
4 participants
@enebo @mkristian @kares @aetherknight