You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have a server using openssl 3.0.3 (i.e. written i C).
This has worked with all kinds of different clients (ruby, C, java...) without any problem... except now, with the latest ruby gem, openssl 3.0.0.
The behavior is odd: It successfully connects, and exchanges a request and response, and then it seems the client just disconnects (from the server's perspective; there's no difference in the server openssl debug output from a normal disconnect, it just happens prematurely).
We have pin-pointed the problem to the transition from ruby 3.0.4 to 3.1.0:
This works:
ruby 3.0.4p208 (2022-04-12 revision 3fa771dded) [x86_64-linux]
openssl-2.2.1 OR 3.0.0
This does not work:
ruby 3.1.0p0 (2021-12-25 revision fb4df44d16) [x86_64-linux]
openssl-2.2.1 OR 3.0.0
As seen, it apparently depends on the ruby version. Both gems have
OpenSSL::OPENSSL_VERSION => "OpenSSL 1.1.1k FIPS 25 Mar 2021"
The same problem remains in ruby 3.1.2 (which has the same gem as 3.1.0). This was tested on AlmaLinux 8.4 (i.e. Redhat 8.4).
The client doesn't do anything special, it's using a CA certificate and a p12, and sets ssl_version = :TLSv1_2, connecting with Net::HTTP.new. (And as mention, the connection works, it just drops it, I think when it attempts to read the first response.)
The text was updated successfully, but these errors were encountered:
We have a server using openssl 3.0.3 (i.e. written i C).
This has worked with all kinds of different clients (ruby, C, java...) without any problem... except now, with the latest ruby gem, openssl 3.0.0.
The behavior is odd: It successfully connects, and exchanges a request and response, and then it seems the client just disconnects (from the server's perspective; there's no difference in the server openssl debug output from a normal disconnect, it just happens prematurely).
We have pin-pointed the problem to the transition from ruby 3.0.4 to 3.1.0:
This works:
ruby 3.0.4p208 (2022-04-12 revision 3fa771dded) [x86_64-linux]
openssl-2.2.1 OR 3.0.0
This does not work:
ruby 3.1.0p0 (2021-12-25 revision fb4df44d16) [x86_64-linux]
openssl-2.2.1 OR 3.0.0
As seen, it apparently depends on the ruby version. Both gems have
OpenSSL::OPENSSL_VERSION => "OpenSSL 1.1.1k FIPS 25 Mar 2021"
The same problem remains in ruby 3.1.2 (which has the same gem as 3.1.0). This was tested on AlmaLinux 8.4 (i.e. Redhat 8.4).
The client doesn't do anything special, it's using a CA certificate and a p12, and sets ssl_version = :TLSv1_2, connecting with Net::HTTP.new. (And as mention, the connection works, it just drops it, I think when it attempts to read the first response.)
The text was updated successfully, but these errors were encountered: