-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unit tests no longer pass on OpenSSL 3.0 #8
Comments
I just had a quick run through of Here's an example failure for OpenSSL 3.0:
Versus OpenSSL 1.1.1:
I thought it made sense grouping issues for openssl-ccm and openssl-cmac together, but I can raise a separate issue if that's preferred 💯 |
Thank you very much @adfoster-r7. I am very happy about your PRs. It's been a long time since I last worked with Ruby, so this helps alot. Do you think it is possible for each gem, to make a small commit / PR first, where only ccm.rb / cmac.rb is changed? Maybe the memory for the initialization vector is no longer initialized with zero bytes by OpenSSL and contains data garbage. So it can be seen as an security improvement to force user to set/consider an own initialization vector and avoid to work with a constant default. |
I've created two new PRs with just the code changes, and it looks like the old Travis setup no longer triggers: Unfortunately Travis isn't really a viable option for running tests on Github for open source projects these days! Let me know if there's anything else I can do to help 👍 |
@SmallLars Let me know if there's anything I can do to help here 👍 As an additional data point - I've verified the fixes against our RubySMB Gem and all of our unit tests are passing now 👍 |
Thank you for landing + releasing the single line change PRs 🎉 |
Hi there @SmallLars - thanks for the openssl-ccm Gem! 👍
It looks like OpenSSL 3.0 is out now, and the library/unit tests no longer work as expected with OpenSSL 3.0
https://github.com/ruby/openssl/blob/b31446464e1e9f8bd0c58e92f9e74a9c7663b0e0/History.md#version-300
With a fresh Ubuntu 22.04 machine, and the default Ruby 3.0 and OpenSSL 3.0 install the test suite fails:
With openssl 1.1.1n and libressl tests pass as expected:
I'm happy to help out where possible, let me know your thoughts 👍
The text was updated successfully, but these errors were encountered: