From: James Tucker <jftucker@gmail.com>
To: Rack Development <rack-devel@googlegroups.com>
Subject: Re: newby issue with rack-ssl gem
Date: Sat, 17 Dec 2016 17:49:13 -0800 [thread overview]
Message-ID: <CABGa_T8+eahWOt=Wgw2EPG+75TnZeBJXSRS1xa++0Zf4BB94_Q@mail.gmail.com> (raw)
In-Reply-To: <d36ffbe8-00ed-4fce-bbd4-44eb14881c5b@googlegroups.com>
[-- Attachment #1: Type: text/plain, Size: 1643 bytes --]
On Dec 17, 2016 5:42 PM, "Rich Morin" <rdm@cfcl.com> wrote:
On Saturday, December 17, 2016 at 5:08:12 PM UTC-8, raggi wrote:
>
> This is a web server issue, not a rack issue. Most webservers will not let
> you serve plaintext and TLS over the same port. When I say most, I mean I
> don't know of any ruby webservers that support this, as all of them rely on
> openssl listen sockets for TLS.
>
Hmmm. A lot of web servers I've encountered force a switch from HTTP to
HTTPS, but then, they're also switching from port 80 to port 443.
Thats precisely the point.
I suppose that I could redirect requests from (say) http://<IP>:34567/...
to https://<IP>:44567/..., but I'm not sure how useful that would be.
Also, not exactly sure how to do this.
Any other suggestions, anyone?
Your other option is to fingerprint the first few bytes, which are more
than sufficient to determine http/http2/TLS clienthello/unknown. Like I
said, I don't know of any ruby implementations of this, so you'd likely
have to write one. It's not particularly tricky.
-r
--
---
You received this message because you are subscribed to the Google Groups
"Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
---
You received this message because you are subscribed to the Google Groups "Rack Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rack-devel+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[-- Attachment #2: Type: text/html, Size: 3277 bytes --]
next prev parent reply other threads:[~2016-12-18 1:49 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-18 0:32 newby issue with rack-ssl gem Rich Morin
2016-12-18 1:08 ` James Tucker
2016-12-18 1:42 ` Rich Morin
2016-12-18 1:49 ` James Tucker [this message]
2016-12-18 1:51 ` Rich Morin
2016-12-18 7:01 ` James Tucker
2016-12-18 18:04 ` Rich Morin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://groups.google.com/group/rack-devel
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABGa_T8+eahWOt=Wgw2EPG+75TnZeBJXSRS1xa++0Zf4BB94_Q@mail.gmail.com' \
--to=rack-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).