[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ruby-core
Subject:    [ruby-core:66588] [ruby-trunk - Bug #10467] [Closed] net/http reconnects without SNI
From:       naruse () airemix ! jp
Date:       2014-11-30 8:35:17
Message-ID: redmine.journal-50203.20141130083517.d606f5b63a7497b3 () ruby-lang ! org
[Download RAW message or body]

Issue #10467 has been updated by Yui NARUSE.

Status changed from Open to Closed

----------------------------------------
Bug #10467: net/http reconnects without SNI
https://bugs.ruby-lang.org/issues/10467#change-50203

* Author: Ben Roberts
* Status: Closed
* Priority: Normal
* Assignee: Yui NARUSE
* Category: lib
* Target version: current: 2.2.0
* ruby -v: ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux] AND ruby \
                2.2.0preview1 (2014-09-17 trunk 47616) [x86_64-linux] 
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
When using net/http and reusing a connection after a 5 minute timeout, the \
reconnection fails on Servers using SNI that do not return the same ssl key when \
using a non-sni connection.

I used wireshark to confirm that the second attempt to connect is returning the \
incorrect SSL certificate (the certificate the server returns without the hostname \
set)

Attaching a test script to easily reproduce the error.

---Files--------------------------------
test.rb (1019 Bytes)


-- 
https://bugs.ruby-lang.org/


[prev in list] [next in list] [prev in thread] [next in thread]