Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssl_bind not compatible with localhost integration #2708

Closed
erikaxel opened this issue Sep 22, 2021 · 4 comments · Fixed by #2764
Closed

ssl_bind not compatible with localhost integration #2708

erikaxel opened this issue Sep 22, 2021 · 4 comments · Fixed by #2764
Labels

Comments

@erikaxel
Copy link

@erikaxel erikaxel commented Sep 22, 2021

Hi,

I'm really happy that it is now (from v 5.5.0) possible to run Puma with self signed certificates generated by the localhost gem, However, I met a small bump trying to set it up.

I can run self signed SSL from the command line like this:
puma -b 'ssl://localhost:9292' config.ru
I would therefore expect one of the following to work in puma.rb:

ssl_bind 'localhost', '9292'
ssl_bind 'localhost', '9292', {}

However this does not work, I have to set it up like this:

  ssl_bind 'localhost', '9292', {
    key: "#{ENV["HOME"]}/.localhost/localhost.key",
    cert: "#{ENV["HOME"]}/.localhost/localhost.crt"
  }

I found this approach by reading #2706.

I think it would make sense to either support the first version (best in my opinion) or document the second one.

@nateberkopec
Copy link
Member

@nateberkopec nateberkopec commented Sep 22, 2021

As mentioned in #2706, you must require 'localhost' inside your application (in your case, inside config.ru).

@nateberkopec
Copy link
Member

@nateberkopec nateberkopec commented Sep 22, 2021

Oh! I'm sorry, I didn't read your report closely enough. You're right, that doesn't work and it totally should. Marking as bug.

@nateberkopec nateberkopec changed the title Self signed certificate config (via localhost gem) in puma.rb ssl_bind not compatible with localhost integration Sep 22, 2021
@rodzyn
Copy link
Contributor

@rodzyn rodzyn commented Nov 20, 2021

@erikaxel Is it still a bug? I failed to reproduce that in the latest master

@dentarg
Copy link
Member

@dentarg dentarg commented Dec 11, 2021

@rodzyn How did you try?

Using current master branch at 909f51e, this still fails for me:

ssl_bind "localhost", "9292"
$ cat test/config/ssl_self_signed_config.rb
require "localhost"
ssl_bind "localhost", "9292"
app do |env|
  [200, {}, ["embedded app"]]
end

$ b e bin/puma -C test/config/ssl_self_signed_config.rb
bundler: failed to load command: bin/puma (bin/puma)
/Users/dentarg/src/puma/lib/puma/dsl.rb:465:in `ssl_bind': wrong number of arguments (given 2, expected 3) (ArgumentError)
  from test/config/ssl_self_signed_config.rb:2:in `_load_from'
  from /Users/dentarg/src/puma/lib/puma/dsl.rb:81:in `instance_eval'
  from /Users/dentarg/src/puma/lib/puma/dsl.rb:81:in `_load_from'
  from /Users/dentarg/src/puma/lib/puma/configuration.rb:216:in `block in load'
  from /Users/dentarg/src/puma/lib/puma/configuration.rb:216:in `each'
  from /Users/dentarg/src/puma/lib/puma/configuration.rb:216:in `load'
  from /Users/dentarg/src/puma/lib/puma/launcher.rb:59:in `initialize'
  from /Users/dentarg/src/puma/lib/puma/cli.rb:71:in `new'
  from /Users/dentarg/src/puma/lib/puma/cli.rb:71:in `initialize'
  from bin/puma:8:in `new'
  from bin/puma:8:in `<top (required)>'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli/exec.rb:58:in `load'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli/exec.rb:58:in `kernel_load'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli/exec.rb:23:in `run'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli.rb:479:in `exec'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor/invocation.rb:127:in `invoke_command'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor.rb:392:in `dispatch'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli.rb:31:in `dispatch'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor/base.rb:485:in `start'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli.rb:25:in `start'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/exe/bundle:49:in `block in <top (required)>'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/friendly_errors.rb:103:in `with_friendly_errors'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/exe/bundle:37:in `<top (required)>'
  from /Users/dentarg/.gem/ruby/3.0.2/bin/bundle:23:in `load'
  from /Users/dentarg/.gem/ruby/3.0.2/bin/bundle:23:in `<main>'
ssl_bind "localhost", "9292", {}
$ cat test/config/ssl_self_signed_config.rb
require "localhost"
ssl_bind "localhost", "9292", {}
app do |env|
  [200, {}, ["embedded app"]]
end

$ b e bin/puma -C test/config/ssl_self_signed_config.rb
Puma starting in single mode...
* Puma version: 5.5.2 (ruby 3.0.2-p107) ("Zawgyi")
*  Min threads: 0
*  Max threads: 5
*  Environment: development
*          PID: 90874
bundler: failed to load command: bin/puma (bin/puma)
/Users/dentarg/src/puma/lib/puma/minissl.rb:243:in `key=': No such key file '' (ArgumentError)
  from /Users/dentarg/src/puma/lib/puma/minissl/context_builder.rb:30:in `context'
  from /Users/dentarg/src/puma/lib/puma/binder.rb:247:in `block in parse'
  from /Users/dentarg/src/puma/lib/puma/binder.rb:156:in `each'
  from /Users/dentarg/src/puma/lib/puma/binder.rb:156:in `parse'
  from /Users/dentarg/src/puma/lib/puma/runner.rb:155:in `load_and_bind'
  from /Users/dentarg/src/puma/lib/puma/single.rb:44:in `run'
  from /Users/dentarg/src/puma/lib/puma/launcher.rb:181:in `run'
  from /Users/dentarg/src/puma/lib/puma/cli.rb:80:in `run'
  from bin/puma:10:in `<top (required)>'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli/exec.rb:58:in `load'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli/exec.rb:58:in `kernel_load'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli/exec.rb:23:in `run'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli.rb:479:in `exec'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor/invocation.rb:127:in `invoke_command'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor.rb:392:in `dispatch'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli.rb:31:in `dispatch'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/vendor/thor/lib/thor/base.rb:485:in `start'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/cli.rb:25:in `start'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/exe/bundle:49:in `block in <top (required)>'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/lib/bundler/friendly_errors.rb:103:in `with_friendly_errors'
  from /Users/dentarg/.gem/ruby/3.0.2/gems/bundler-2.2.33/exe/bundle:37:in `<top (required)>'
  from /Users/dentarg/.gem/ruby/3.0.2/bin/bundle:23:in `load'
  from /Users/dentarg/.gem/ruby/3.0.2/bin/bundle:23:in `<main>'

dentarg added a commit to dentarg/puma that referenced this issue Dec 11, 2021
Close puma#2708
Close puma#2711

Co-authored-by: Marcin Olichwirowicz <marcin.olichwirowicz@nedap.com>
dentarg added a commit to dentarg/puma that referenced this issue Dec 12, 2021
Close puma#2708
Close puma#2711

Co-authored-by: Marcin Olichwirowicz <marcin.olichwirowicz@nedap.com>
dentarg added a commit to dentarg/puma that referenced this issue Dec 12, 2021
Close puma#2708
Close puma#2711

Co-authored-by: Marcin Olichwirowicz <marcin.olichwirowicz@nedap.com>
dentarg added a commit to dentarg/puma that referenced this issue Dec 13, 2021
Close puma#2708
Close puma#2711

Co-authored-by: Marcin Olichwirowicz <marcin.olichwirowicz@nedap.com>
nateberkopec pushed a commit that referenced this issue Jan 18, 2022
Close #2708
Close #2711

Co-authored-by: Marcin Olichwirowicz <marcin.olichwirowicz@nedap.com>

Co-authored-by: Marcin Olichwirowicz <marcin.olichwirowicz@nedap.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
4 participants