Skip to content

OpenSSL::X509::Certificate regression in 1.7.23 and 9.0.4.0 #78

New issue
New issue
Closed
Closed
OpenSSL::X509::Certificate regression in 1.7.23 and 9.0.4.0#78
@tagomoris

Description

@tagomoris
tagomoris
opened on Dec 24, 2015

In my environment, JRuby 1.7.23 (& 1.7.22) and 9.0.4.0 crash when Certificate#to_text called.

Certificate#to_text always called when WEBrick starts with SSL configuration, so it always crashes.

# show_cert.rb
p PLATFORM
p RUBY_VERSION
key = OpenSSL::PKey::RSA.generate(2048)

issuer = subject = OpenSSL::X509::Name.new
subject.add_entry('C', 'JP')
subject.add_entry('ST', 'Tokyo')
subject.add_entry('L', 'Chiyoda')
subject.add_entry('CN', 'demo.example.com')

digest = OpenSSL::Digest::SHA1.new

cert = OpenSSL::X509::Certificate.new
cert.not_before = Time.at(0)
cert.not_after = Time.now + 5 * 365 * 86400 # 5 years after
cert.public_key = key
cert.serial = 1
cert.issuer = issuer
cert.subject = subject
cert.add_extension OpenSSL::X509::Extension.new('basicConstraints', OpenSSL::ASN1.Sequence([OpenSSL::ASN1::Boolean(true)]))
cert.sign(key, digest)

p cert
puts cert.to_text

9.0.4.0:

$ ruby -v
jruby 9.0.4.0 (2.2.2) 2015-11-12 b9fb7aa Java HotSpot(TM) 64-Bit Server VM 25.31-b07 on 1.8.0_31-b13 +jit [darwin-x86_64]
$ ruby show_cert.rb 
"java"
"2.2.2"
#<OpenSSL::X509::Certificate:0x5b799640 subject=/C=JP/ST=Tokyo/L=Chiyoda/CN=demo.example.com, issuer=/C=JP/ST=Tokyo/L=Chiyoda/CN=demo.example.com, serial=1, not_before=1970-01-01 00:00:00 UTC, not_after=2020-12-22 12:18:42 UTC>
Unhandled Java exception: java.lang.NullPointerException
java.lang.NullPointerException: null
           other2long at org/jruby/RubyNumeric.java:214
             num2long at org/jruby/RubyNumeric.java:209
              fix2int at org/jruby/RubyNumeric.java:275
              to_text at org/jruby/ext/openssl/X509Cert.java:313
         cacheAndCall at org/jruby/runtime/callsite/CachingCallSite.java:293
                 call at org/jruby/runtime/callsite/CachingCallSite.java:131
                <top> at show_cert.rb:34
  invokeWithArguments at java/lang/invoke/MethodHandle.java:636
                 load at org/jruby/ir/Compiler.java:111
            runScript at org/jruby/Ruby.java:821
            runScript at org/jruby/Ruby.java:813
          runNormally at org/jruby/Ruby.java:751
          runFromMain at org/jruby/Ruby.java:573
        doRunFromMain at org/jruby/Main.java:409
          internalRun at org/jruby/Main.java:304
                  run at org/jruby/Main.java:233
                 main at org/jruby/Main.java:200

1.7.23:

$ ruby -v
jruby 1.7.23 (1.9.3p551) 2015-11-24 f496dd5 on Java HotSpot(TM) 64-Bit Server VM 1.8.0_31-b13 +jit [darwin-x86_64]
$ ruby show_cert.rb 
"java"
"1.9.3"
#<OpenSSL::X509::Certificate:0xf736069 subject=/C=JP/ST=Tokyo/L=Chiyoda/CN=demo.example.com, issuer=/C=JP/ST=Tokyo/L=Chiyoda/CN=demo.example.com, serial=1, not_before=1970-01-01 00:00:00 UTC, not_after=2020-12-22 12:19:33 UTC>
RubyNumeric.java:202:in `other2long': java.lang.NullPointerException
    from RubyNumeric.java:197:in `num2long'
    from RubyNumeric.java:263:in `fix2int'
    from X509Cert.java:313:in `to_text'
    from X509Cert$INVOKER$i$0$0$to_text.gen:-1:in `call'
    from CachingCallSite.java:306:in `cacheAndCall'
    from CachingCallSite.java:136:in `call'
    from show_cert.rb:34:in `__file__'
    from show_cert.rb:-1:in `load'
    from Ruby.java:857:in `runScript'
    from Ruby.java:850:in `runScript'
    from Ruby.java:729:in `runNormally'
    from Ruby.java:578:in `runFromMain'
    from Main.java:393:in `doRunFromMain'
    from Main.java:288:in `internalRun'
    from Main.java:217:in `run'
    from Main.java:197:in `main'

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions