Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JRuby's OpenSSL::SSL::SSLContext#ssl_version= does not handle unsupported SSL protocol versions the same way as MRI #1736

aetherknight opened this issue Jun 11, 2014 · 1 comment


Copy link

When given an an unsupported/unknown SSL version, MRI 1.9.3 and 2.0 raise an ArgumentError, while JRuby 1.7.12 raises an OpenSSL::SSL::SSLError:

$ ruby --version
ruby 1.9.3p545 (2014-02-24 revision 45159) [x86_64-darwin13.2.0]

$ ruby -ropenssl -e 'p = "TLSv1_1"'
-e:1:in `ssl_version=': unknown SSL method `TLSv1.1'. (ArgumentError)
    from -e:1:in `<main>'
$ ruby --version
ruby 2.0.0p451 (2014-02-24 revision 45167) [x86_64-darwin12.5.0]

$ ruby -ropenssl -e 'p = "TLSv1.1"'
-e:1:in `ssl_version=': unknown SSL method `TLSv1.1'. (ArgumentError)
    from -e:1:in `<main>'
$ jruby --version
jruby 1.7.12 (1.9.3p392) 2014-04-15 643e292 on Java HotSpot(TM) 64-Bit Server VM 1.7.0_55-b13 [darwin-x86_64]

$ jruby -ropenssl -e 'p"TLSv1.2"'
OpenSSL::SSL::SSLError: unknown SSL method `TLSv1.2'.
  ssl_version= at org/jruby/ext/openssl/
        (root) at -e:1

JRuby's current tip of master also appears to still have this issue in ext/openssl/src/main/java/org/jruby/ext/openssl/ It calls newSSLError() to create the error object.

    @JRubyMethod(name = "ssl_version=")
    public IRubyObject set_ssl_version(IRubyObject version) {
        final String versionStr;
        if ( version instanceof RubyString ) {
            versionStr = version.convertToString().toString();
        } else {
            versionStr = version.toString();
        final String mapped = SSL_VERSION_OSSL2JSSE.get(versionStr);
        if ( mapped == null ) {
            throw newSSLError(getRuntime(), String.format("unknown SSL method `%s'.", versionStr));
        protocol = mapped;
        protocolForServer = ! versionStr.endsWith("_client");
        protocolForClient = ! versionStr.endsWith("_server");
        return version;

Split out of #1733

@kares kares self-assigned this Apr 9, 2015
kares added a commit to jruby/jruby-openssl that referenced this issue Apr 9, 2015
Copy link

kares commented Apr 15, 2015

this should now behave the same as MRI (in jruby-openssl >= 0.9.7), thanks for the report!

@kares kares closed this as completed Apr 15, 2015
@enebo enebo added this to the Non-Release milestone Apr 28, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

4 participants