Skip to content

ossl.c: implement OpenSSL::OpenSSLError#detailed_message #976

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rhenium merged 1 commit into from
Dec 13, 2025
Merged

ossl.c: implement OpenSSL::OpenSSLError#detailed_message #976

rhenium merged 1 commit into from
Dec 13, 2025
+100 −16

Conversation

@rhenium
Copy link
Member

@rhenium rhenium commented Dec 5, 2025
edited
Loading

An OpenSSL function sometimes puts more than one error entry into the thread-local error queue. We currently use the last, the highest level entry for generating the exception message. The rest is silently dropped unless OpenSSL.debug is set to true, which makes it print to rb_warn().

Capture all current OpenSSL error queue contents into OpenSSL::OpenSSLError#errors in ossl_make_error(), and extend OpenSSL::OpenSSLError#detailed_message to include the information.

An example:

$ ruby -Ilib -ropenssl -e'OpenSSL::X509::ExtensionFactory.new.create_ext("a", "b")'
-e:1:in 'OpenSSL::X509::ExtensionFactory#create_ext': a = b: error in extension (name=a, value=b) (OpenSSL::X509::ExtensionError)
OpenSSL error queue reported 2 errors:
error:11000082:X509 V3 routines:do_ext_nconf:unknown extension name
error:11000080:X509 V3 routines:X509V3_EXT_nconf_int:error in extension (name=a, value=b)
        from -e:1:in '<main>'

Closes #312.

@rhenium rhenium force-pushed the ky/err-extras branch 2 times, most recently from b70d4c1 to 5d5d8a7 Compare December 5, 2025 13:06
@rhenium
ossl.c: implement OpenSSL::OpenSSLError#detailed_message
d28f7a9 
An OpenSSL function sometimes puts more than one error entry into the
thread-local OpenSSL error queue. Currently, we use the highest-level
entry for generating the exception message and discard the rest.

Let ossl_make_error() capture all current OpenSSL error queue contents
into OpenSSL::OpenSSLError#errors and extend
OpenSSL::OpenSSLError#detailed_message to include the information.

An example:

    $ ruby -Ilib -ropenssl -e'OpenSSL::X509::ExtensionFactory.new.create_ext("a", "b")'
    -e:1:in 'OpenSSL::X509::ExtensionFactory#create_ext': a = b: error in extension (name=a, value=b) (OpenSSL::X509::ExtensionError)
    OpenSSL error queue reported 2 errors:
    error:11000082:X509 V3 routines:do_ext_nconf:unknown extension name
    error:11000080:X509 V3 routines:X509V3_EXT_nconf_int:error in extension (name=a, value=b)
            from -e:1:in '<main>'
rhenium
rhenium commented Dec 13, 2025
View reviewed changes
ext/openssl/extconf.rb
Comment on lines +41 to +42
# Missing in TruffleRuby
have_func("rb_call_super_kw(0, NULL, 0)", "ruby.h")
Copy link
Member Author

@rhenium rhenium Dec 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Upstream issue: truffleruby/truffleruby#4056

@rhenium rhenium merged commit 7999e1e into ruby:master Dec 13, 2025
44 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

how to return SSL error stack

1 participant

@rhenium