Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-8352

Puppet's webrick master fails on Ruby 2.4.3

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: PUP 5.3.4
    • Component/s: None
    • Labels:
      None
    • Template:
      PUP Bug Template
    • Sub-team:
    • Team:
      Platform Core
    • Sprint:
      Platform Core KANBAN
    • Method Found:
      Needs Assessment
    • QA Risk Assessment:
      No Action

      Description

      Puppet Version: 5.3.x
      Ruby Version: 2.4.3

      Ruby 2.4.3 contains a backported fix to webrick. See https://github.com/ruby/ruby/commit/2e728d51e70ed3756ad760c687a08b8487b0112f
      and https://github.com/ruby/ruby/compare/v2_4_2...v2_4_3#diff-5396c7bc1e5154a82bf825e6bf470f80 which breaks puppet master (webrick).

      When an agent connects, the SSL handshake succeeds, but the connection fails as soon as the agent sends data. The puppet webrick log shows:

      [2018-01-12 13:46:06] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=unknown state: unexpected record
      	/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/webrick.rb:32:in `accept'
      	/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/webrick.rb:32:in `block (2 levels) in listen'
      

      While the agent reports:

      Warning: Unable to fetch my node definition, but the agent run will continue:
      Warning: SSL_read: decryption failed or bad record mac
      

      If you revert ruby's /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/webrick.rb back to v2.4.2, then it works ok.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                josh Josh Cooper
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support