Bug #13170

OpenSSL::X509::Name#eql? broken in Ruby 2.4.0

Added by Iristyle (Ethan Brown) over 3 years ago. Updated over 3 years ago.

Target version:
ruby -v:
ruby 2.4.0p0 (2016-12-24 revision 57164) [x86_64-darwin15]


Previously the behavior in Ruby 2.3.1 and earlier was:

[1] pry(main)>[['CN', 'foo']]).eql?([['CN', 'bar']]))
=> false
[2] pry(main)>[['CN', 'foo']]).eql?([['CN', 'foo']]))
=> true
[3] pry(main)> RUBY_VERSION
=> "2.3.1"

In Ruby 2.4.0, the evaluation is backwards:

[1] pry(main)>[['CN', 'foo']]).eql?([['CN', 'bar']]))
=> true
[2] pry(main)>[['CN', 'foo']]).eql?([['CN', 'foo']]))
=> false
[3] pry(main)> RUBY_VERSION
=> "2.4.0"

This is due to the implementation of the function at

static VALUE ossl_x509name_eql(VALUE self, VALUE other)

Previously in 2.3.1 code returned (based on result = ossl_x509name_cmp0(self, other);):

return (result == 0) ? Qtrue : Qfalse;

Now the code has introduced a logic bug in 2.4.0 as of commit

return ossl_x509name_cmp0(self, other) ? Qtrue : Qfalse;

The code should be:

return (ossl_x509name_cmp0(self, other) == 0) ? Qtrue : Qfalse;

Updated by Iristyle (Ethan Brown) over 3 years ago

  • Description updated (diff)

Updated by Iristyle (Ethan Brown) over 3 years ago

A colleague has posted a pull request at fixing this issue.


Updated by Anonymous over 3 years ago

  • Status changed from Open to Closed

Applied in changeset r57482.

openssl: import v2.0.3

Import Ruby/OpenSSL 2.0.3. Only bugfixes. The full commit log since
2.0.2 (imported at r57146) can be found at:

Corey Bonnell (1):
Fix for ASN1::Constructive 'each' implementation

Kazuki Yamaguchi (10):
Fix build with static OpenSSL libraries on Windows
([ruby-core:78878] [Bug #13080])
Merge pull request #96 from CBonnell/master
Merge branch 'topic/windows-static-linking-without-pkg-config' into maint
appveyor.yml: update OpenSSL version to 1.0.2j
buffering: fix typo in doc
test/envutil: fix assert_raise_with_message
x509: fix OpenSSL::X509::Name#eql?
([ruby-core:79310] [Bug #13170])
ruby-openssl-docker: update versions of Ruby and OpenSSL
.travis.yml: test with Ruby 2.4
Ruby/OpenSSL 2.0.3

Updated by naruse (Yui NARUSE) over 3 years ago

  • Backport changed from 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN to 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: DONE

ruby_2_4 r57881 merged revision(s) 57482.

Also available in: Atom PDF