Project

General

Profile

Bug #4919

OpenSSL::SSL::Sesssion#time= に Bignum を渡すと ArgumentError が発生する

Added by nagachika (Tomoyuki Chikanaga) over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
ruby -v:
-
Backport:
[ruby-dev:43869]

Description

掲題のような理由で make test-all TESTS="-v openssl/test_ssl_session.rb" を実行すると 1E になります。

1) Error:
test_session(OpenSSL::TestSSLSession):
ArgumentError: unknown type
/opt/ruby-trunk/src/ruby/test/openssl/test_ssl_session.rb:21:in time='
/opt/ruby-trunk/src/ruby/test/openssl/test_ssl_session.rb:21:in
block in test_session'
/opt/ruby-trunk/src/ruby/test/openssl/utils.rb:280:in call'
/opt/ruby-trunk/src/ruby/test/openssl/utils.rb:280:in
start_server'
/opt/ruby-trunk/src/ruby/test/openssl/test_ssl_session.rb:7:in `test_session'

32bit 版のため Time.now.to_i が Bignum になり、OpenSSL::SSL::Sesssion#time= がこれをエラーとして弾くようです。

とりあえず以下のように Bignum 受け付けるようにしてみたところテストのErrorは回避されました。

--- a/ext/openssl/ossl_ssl_session.c
+++ b/ext/openssl/ossl_ssl_session.c
@@ -149,7 +149,7 @@ static VALUE ossl_ssl_session_get_timeout(VALUE self)
\
if (rb_obj_is_instance_of(time_v, rb_cTime)) { \
time_v = rb_funcall(time_v, rb_intern("to_i"), 0); \

  • } else if (FIXNUM_P(time_v)) { \
  • } else if (FIXNUM_P(time_v) || TYPE(time_v) == T_BIGNUM) { \ ; \ } else { \ rb_raise(rb_eArgError, "unknown type"); \

Related issues

Related to Ruby master - Bug #4923: [ext/openssl] test_ssl.rb: test_client_auth failsClosed06/23/2011Actions

Associated revisions

Revision 8d836a15
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32203 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 32203
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Revision 32203
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Revision 32203
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Revision 32203
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Revision 32203
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Revision 32203
Added by emboss over 8 years ago

  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Revision 544daf1f
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32211 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 32211
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

Revision 32211
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

Revision 32211
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

Revision 32211
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

Revision 32211
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

Revision 32211
Added by nahi (Hiroshi Nakamura) over 8 years ago

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl_session.rb (test_session_time,
    test_session_timeout): Test it.

Revision df273d60
Added by yugui (Yuki Sonoda) over 8 years ago

merges 32211 from trunk into ruby_1_9_2.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_time): Check
    argument type with NUM2LONG if the arg is not a Time object.
    See #4919.

  • ext/openssl/ossl_ssl_session.c (ossl_ssl_session_set_timeout): Check
    type with NUM2LONG. Time as an arg is not allowed. See #4919.

  • test/openssl/test_ssl.rb (test_session_time,
    test_session_timeout): Test it.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@32880 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

History

Updated by MartinBosslet (Martin Bosslet) over 8 years ago

I get the same result for OpenSSL 0.9.8k plus an additional error when running

make test-all -TESTS="openssl"

on revision 32199.

1) Error:
test_connect_and_close(OpenSSL::TestSSL):
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert illegal parameter
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl.rb:46:in connect'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl.rb:46:in
block in test_connect_and_close'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in call'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in
start_server'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl.rb:35:in `test_connect_and_close'

2) Error:
test_session(OpenSSL::TestSSLSession):
ArgumentError: unknown type
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:21:in time='
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:21:in
block in test_session'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in call'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/utils.rb:280:in
start_server'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:7:in `test_session'

The latter can be solved by Tomoyuki's suggested fix.

Two questions:
1) Is it OK if I apply the fix?
2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...

Regards,
Martin

Updated by nagachika (Tomoyuki Chikanaga) over 8 years ago

Hi, Martin

1) Is it OK if I apply the fix?
Yes, please apply it. :)

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Regards,

#3

Updated by Anonymous over 8 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r32203.
Tomoyuki, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • ext/openssl/ossl_ssl_session.c: Respect T_BIGNUM time values. Patch by Tomoyuki Chikanaga. [ Ruby 1.9 - Bug #4919 ] [ruby-dev:43869]

Updated by nahi (Hiroshi Nakamura) over 8 years ago

  • ruby -v changed from ruby 1.9.3dev (2011-06-22 trunk 32198) [i686-linux] to -

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga nagachika00@gmail.com wrote:

1) Is it OK if I apply the fix?
Yes, please apply it. :)

I modified it a little at r32211.

Martin, please add a test when you commit a gift patch. Thanks!

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Regards,
// NaHi

Updated by nahi (Hiroshi Nakamura) over 8 years ago

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga nagachika00@gmail.com wrote:

1) Is it OK if I apply the fix?
Yes, please apply it. :)

I modified it a little at r32211.

Martin, please add a test when you commit a gift patch. Thanks!

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Regards,
// NaHi

Updated by MartinBosslet (Martin Bosslet) over 8 years ago

2011/6/23 Hiroshi Nakamura nakahiro@gmail.com:

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga nagachika00@gmail.com wrote:

1) Is it OK if I apply the fix?
Yes, please apply it. :)

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

1) Error:
test_session_time(OpenSSL::TestSSLSession):
RangeError: bignum too big to convert into long'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in
time='
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in
`test_session_time'

2) Error:
test_session_timeout(OpenSSL::TestSSLSession):
RangeError: bignum too big to convert into long'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in
timeout='
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in
`test_session_timeout'

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Regards,
Martin

Updated by MartinBosslet (Martin Bosslet) over 8 years ago

2011/6/23 Hiroshi Nakamura nakahiro@gmail.com:

報告ありがとうございます。32bit環境で落ちるとか考えてませんでした。。。
Thanks for the report. I was not aware that the code has 64bit dependency...

On Wed, Jun 22, 2011 at 18:45, Tomoyuki Chikanaga nagachika00@gmail.com wrote:

1) Is it OK if I apply the fix?
Yes, please apply it. :)

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

1) Error:
test_session_time(OpenSSL::TestSSLSession):
RangeError: bignum too big to convert into long'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in
time='
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:71:in
`test_session_time'

2) Error:
test_session_timeout(OpenSSL::TestSSLSession):
RangeError: bignum too big to convert into long'
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in
timeout='
/home/martin/Projekte/Ruby/ruby-svn/ruby/test/openssl/test_ssl_session.rb:84:in
`test_session_timeout'

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Regards,
Martin

Updated by nahi (Hiroshi Nakamura) over 8 years ago

2011/6/23 Martin Boßlet martin.bosslet@googlemail.com:

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

Aaaaarhg! Sorry, 2**31 is not in a signed long value. Miserable me...
Fixed at r32212.

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

Ah, sure, I should have written more tests when I wrote a testcase.

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Indeed? I don't think fixes of today affect SSL negotiation... Please
file a new ticket when you get kind of SSL error next time. Log dump
(w/o reproducible script) is far better than nothing.

Regards,
// NaHi

Updated by nahi (Hiroshi Nakamura) over 8 years ago

2011/6/23 Martin Boßlet martin.bosslet@googlemail.com:

I modified it a little at r32211.

This gives me: (Ubuntu 10.04 32bit, OpenSSL 0.9.8k)

Aaaaarhg! Sorry, 2**31 is not in a signed long value. Miserable me...
Fixed at r32212.

Martin, please add a test when you commit a gift patch. Thanks!

I assumed the broken test would cover the patch code - but you're
right, I should add tests
that specifically test new features/improvements - I'll pay more
attention to that in the future!

Ah, sure, I should have written more tests when I wrote a testcase.

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Indeed? I don't think fixes of today affect SSL negotiation... Please
file a new ticket when you get kind of SSL error next time. Log dump
(w/o reproducible script) is far better than nothing.

Regards,
// NaHi

Updated by MartinBosslet (Martin Bosslet) over 8 years ago

Hiroshi NAKAMURA wrote:

Aaaaarhg! Sorry, 2**31 is not in a signed long value. Miserable me...
Fixed at r32212.

No problem, works fine now. Happens to the best of us ;)

2) Anyone else getting the "sslv3 alert illegal parameter"? I get it most of the time but not always...
I can't get this error on Ubuntu 10.4 with openssl(0.9.8k-7ubuntu).

Please file it.

Just wanted to do that, but it seems it's fixed in 32211 - can't
reproduce it anymore :)

Indeed? I don't think fixes of today affect SSL negotiation... Please
file a new ticket when you get kind of SSL error next time. Log dump
(w/o reproducible script) is far better than nothing.

I was finally able to reproduce it, although with a different error message this time. Cf. http://redmine.ruby-lang.org/issues/4923. I suspect it could be related to OpenSSL 1.0.0, since I could not reproduce it with 0.9.8k.

Regards,
Martin

Also available in: Atom PDF