Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bundle install stops with handshake_failure trying to fetch specs from rails-assets.org #3764

Closed
ghost opened this issue Mar 29, 2016 · 5 comments
Closed

Bundle install stops with handshake_failure trying to fetch specs from rails-assets.org #3764

ghost opened this issue Mar 29, 2016 · 5 comments
Labels
openssl
Milestone
Invalid or Duplicate

Comments

@ghost
Copy link

ghost commented Mar 29, 2016

Environment

Jruby-9.0.5.0
Windows 10 x86_64, MacOS (not windows-specific)
jruby-openssl-0.9.16
Oracle JDK 1.8.0_77

Expected Behavior

Expect this script

require 'net/http'
require 'openssl'

uri = URI.parse('https://rails-assets.org/specs-4.8.gz')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(uri.request_uri)
response = http.request(request)

to run successfully.

Actual Behavior

I'm getting OpenSSL::SSL::SSLError: Received fatal alert: handshake_failure
Trace:

    from org/jruby/ext/openssl/SSLSocket.java:215:in `connect'
    from C:/jruby-9.0.5.0/lib/ruby/stdlib/net/http.rb:927:in `block in connect'
    from org/jruby/ext/timeout/Timeout.java:127:in `timeout'
    from C:/jruby-9.0.5.0/lib/ruby/stdlib/net/http.rb:927:in `connect'
    from C:/jruby-9.0.5.0/lib/ruby/stdlib/net/http.rb:867:in `do_start'
    from C:/jruby-9.0.5.0/lib/ruby/stdlib/net/http.rb:856:in `start'
    from C:/jruby-9.0.5.0/lib/ruby/stdlib/net/http.rb:1388:in `request'

I have seen this issue and tried setting ssl_version, which didn't help at all.
@enebo enebo added the openssl label Mar 29, 2016
@enebo
Copy link
Member

enebo commented Mar 29, 2016

I added a line I think you accidentally deleted when you entered this issue (request= line...). I can reproduce this on MacOS so I think this is a generic openssl thing. I tried some of the TLS config flags to JVM mentioned in #2220 and I can confirm those do not change this behavior. I did confirm this does work on MRI 2.3 too.

@kares @mkristian you guys have any thoughts on this.

@mkristian
Copy link
Member

I could reproduce the error with jdk8 but jdk7 did work for me on my macos

got the idea from https://www.ssllabs.com/ssltest/analyze.html?d=rails-assets.org which does actually indicate the opposite outcome.

@lumrandir did you try different JDKs ?

@ghost
Copy link
Author

ghost commented Mar 30, 2016

@mkristian Oh, sorry, I forgot to mention JDK version being used. Added the line in the issue description. Tried this on JDK 7u79, and It works just fine. Guess I'll stick with it for a while.

@hut8
Copy link

hut8 commented Apr 3, 2016

Hey @mkristian and @lumrandir . I was able to reproduce this issue on jruby 9.0.5.0 with JDK 8. I did quite a bit of research and I think I found a solution.

I just changed the configuration for the cipher suites on that site (tenex/rails-assets@3120e5b). Can you try again with the same URL and confirm it doesn't break your JDK 7?

@ghost
Copy link
Author

ghost commented Apr 5, 2016

@hut8 it works OK on JDK 7/8, thank you. Guess I can close the issue now.

@ghost ghost closed this as completed Apr 5, 2016
@kares kares added this to the Invalid or Duplicate milestone Apr 5, 2016
@mkristian mkristian mentioned this issue May 4, 2016
Closed
@deivid-rodriguez deivid-rodriguez mentioned this issue Dec 15, 2020
Closed
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
openssl
Projects
None yet
Milestone
Invalid or Duplicate
Development

No branches or pull requests
4 participants
@enebo @mkristian @kares @hut8