From: v.ondruch@...
Date: 2014-09-11T14:11:23+00:00
Subject: [ruby-core:64964] [ruby-trunk - Bug #10229] [Open] RFC 5649 implementation in OpenSSL breaks Ruby.

Issue #10229 has been reported by Vit Ondruch.

----------------------------------------
Bug #10229: RFC 5649 implementation in OpenSSL breaks Ruby.
https://bugs.ruby-lang.org/issues/10229

* Author: Vit Ondruch
* Status: Open
* Priority: Normal
* Assignee: Martin Bosslet
* Category: ext/openssl
* Target version: 
* ruby -v: ruby 2.2.0dev (2014-09-11 trunk 47525) [x86_64-linux]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
Recently updated OpenSSL in Fedora 21+ [1] introduces support for RFC 5649 [2, 3]. However, this breaks Ruby's test suite:

~~~
  4) Error:
OpenSSL::TestCipher#test_ciphers:
OpenSSL::Cipher::CipherError: wrap mode not allowed
    /builddir/build/BUILD/ruby-2.2.0-r47525/test/openssl/test_cipher.rb:107:in `initialize'
    /builddir/build/BUILD/ruby-2.2.0-r47525/test/openssl/test_cipher.rb:107:in `new'
    /builddir/build/BUILD/ruby-2.2.0-r47525/test/openssl/test_cipher.rb:107:in `block in test_ciphers'
    /builddir/build/BUILD/ruby-2.2.0-r47525/test/openssl/test_cipher.rb:105:in `each'
    /builddir/build/BUILD/ruby-2.2.0-r47525/test/openssl/test_cipher.rb:105:in `test_ciphers'
~~~

I've been suggested by OpenSSL maintainer, that I should ignore the wrap ciphers, so I am going to use this patch for the moment:

~~~
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb
index 156fa2a..3eaf642 100644
--- a/test/openssl/test_cipher.rb
+++ b/test/openssl/test_cipher.rb
@@ -104,6 +104,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
     def test_ciphers
       OpenSSL::Cipher.ciphers.each{|name|
         next if /netbsd/ =~ RUBY_PLATFORM && /idea|rc5/i =~ name
+        next if /wrap/ =~ name
         assert(OpenSSL::Cipher::Cipher.new(name).is_a?(OpenSSL::Cipher::Cipher))
       }
     end
~~~

but I'd like see this resolved correctly.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1121658
[2] http://tools.ietf.org/html/rfc5649
[3] https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c6f338657758d5f83c25912bed94ab4fd5058168




-- 
https://bugs.ruby-lang.org/