New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Possible regression in Sidekiq 6.0.7 with Redis and SSL certs #4531
Comments
It looks like the deep cloning by using |
I wonder why it doesn't implement Marshal. A Certificate is just a blob of data... |
Support was added six months ago. I don't know which versions of Ruby will include this change. |
I bundled the gem and tried |
Absolutely. Please add a test case and changelog entry too. |
#4532) In 3f9c4bf the Redis connection options began to be cloned (via dumping and re-marshalling) to avoid issues with password redaction in logging altering the connection options and breaking authentication with Sentinels. Unfortunately, this change caused an exception on boot for users of Redis over SSL. The `OpenSSL::X509::Store` object used for SSL certs is not yet dumpable in the bundled OpenSSL wrapper for current Rubies (although it does in master as of ruby/openssl#281). The fix here prunes the `ssl_params` options out of the Redis configuration options before the dumping and marshalling. It's probably better not to include those in logging anyway for privacy purposes. Fix #4531
@mperham thank you for the quick review and merge! |
Your fix was actually better than mine so thank you! |
Ruby version:
Sidekiq 6.0.7 / Pro 5.0.1 / Enterprise 2.0.1
We tested this with OSS Sidekiq as well and got the same result.
Please include your initializer and any error message with the full backtrace.
The crash looks like this and happens on dyno boot:
It looks like the failure is something with our cert (we use Redis over SSL through RedisLabs), but we've never seen this happen before. Any ideas? Line 25 is the interior of the
Sidekiq.configure_server
block.The text was updated successfully, but these errors were encountered: