From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Original-To: poffice@blade.nagaokaut.ac.jp Delivered-To: poffice@blade.nagaokaut.ac.jp Received: from kankan.nagaokaut.ac.jp (kankan.nagaokaut.ac.jp [133.44.2.24]) by blade.nagaokaut.ac.jp (Postfix) with ESMTP id 958A017D10D6 for ; Thu, 11 Jul 2013 18:18:42 +0900 (JST) Received: from funfun.nagaokaut.ac.jp (funfun.nagaokaut.ac.jp [133.44.2.201]) by kankan.nagaokaut.ac.jp (Postfix) with ESMTP id 0148FEA6281 for ; Thu, 11 Jul 2013 17:51:27 +0900 (JST) Received: from funfun.nagaokaut.ac.jp (localhost.nagaokaut.ac.jp [127.0.0.1]) by funfun.nagaokaut.ac.jp (Postfix) with ESMTP id 309BF97A826 for ; Thu, 11 Jul 2013 17:51:27 +0900 (JST) X-Virus-Scanned: amavisd-new at nagaokaut.ac.jp Received: from funfun.nagaokaut.ac.jp ([127.0.0.1]) by funfun.nagaokaut.ac.jp (funfun.nagaokaut.ac.jp [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DPMRd6LFwGHM for ; Thu, 11 Jul 2013 17:51:27 +0900 (JST) Received: from voscc.nagaokaut.ac.jp (voscc.nagaokaut.ac.jp [133.44.1.100]) by funfun.nagaokaut.ac.jp (Postfix) with ESMTP id E5F4097A820 for ; Thu, 11 Jul 2013 17:51:26 +0900 (JST) Received: from carbon.ruby-lang.org (carbon.ruby-lang.org [221.186.184.68]) by voscc.nagaokaut.ac.jp (Postfix) with ESMTP id BBE2B95241A for ; Thu, 11 Jul 2013 17:51:24 +0900 (JST) Received: from beryllium.ruby-lang.org (beryllium.ruby-lang.org [127.0.0.1]) by carbon.ruby-lang.org (Postfix) with ESMTP id 394BC3C21E311; Thu, 11 Jul 2013 17:51:23 +0900 (JST) Received: from fluorine.ruby-lang.org (www.rubyist.net [210.251.121.216]) by carbon.ruby-lang.org (Postfix) with ESMTP id C76393C21E2FC for ; Thu, 11 Jul 2013 17:51:14 +0900 (JST) Received: from ruby-lang.org (localhost [127.0.0.1]) by fluorine.ruby-lang.org (Postfix) with ESMTP id 942513FA09 for ; Thu, 11 Jul 2013 17:51:14 +0900 (JST) Delivered-To: ruby-core@ruby-lang.org Date: Thu, 11 Jul 2013 17:51:14 +0900 Posted: Thu, 11 Jul 2013 17:51:14 +0900 From: "naruse (Yui NARUSE)" Reply-To: ruby-core@ruby-lang.org Subject: [ruby-core:55945] [ruby-trunk - Bug #8590] Second call of https.get results in timeout To: ruby-core@ruby-lang.org Message-Id: References: X-ML-Name: ruby-core X-Mail-Count: 55945 X-MLServer: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post) X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address ruby-core-ctl@ruby-lang.org; help= X-Mailer: Redmine X-Redmine-Issue-Author: yhara X-Redmine-Issue-Assignee: naruse X-Auto-Response-Suppress: OOF X-Redmine-Issue-Id: 8590 X-Redmine-Mailinglistintegration-Message-Ids: 29361 X-Redmine-Project: ruby-trunk Auto-Submitted: auto-generated X-Redmine-Site: Ruby Issue Tracking System X-Redmine-Host: bugs.ruby-lang.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Precedence: bulk List-Id: ruby-core.ruby-lang.org List-Software: fml [fml 4.0.3 release (20011202/4.0.3)] List-Post: List-Owner: List-Help: List-Unsubscribe: Issue #8590 has been updated by naruse (Yui NARUSE). drbrain (Eric Hodel) wrote: > I can reproduce it with OpenSSL 1.0.1e 11 Feb 2013 and ruby trunk, it seems related to SSL session reuse. > > (({openssl s_client})) for 1.0.1e behaves strangely with this server, however. (({openssl s_client -host secure.nicovideo.jp -port 443})) times out, (({openssl s_client -host secure.nicovideo.jp -port 443 -tls1})) connects successfully. Adding the (({-reconnect})) flag does not produce the timeout for subsequent connections. > > With the attached patch the following test.rb attaches successfully twice: > > require "net/https" > https = Net::HTTP.new("secure.nicovideo.jp", 443) > #https = Net::HTTP.new("www.sbisec.co.jp", 443) # same result for this server > > https.open_timeout = 5 > > https.use_ssl = true > https.reuse_ssl_session = false > https.ssl_version = 'TLSv1' > https.start{ p https.get('/') } #=> OK > https.start{ p https.get('/') } #=> (Timeout) > > May I commit? The reuse_ssl_session = false feels workaround; it can't be applied generally. As far as I understand, this is because SSL-related timeout won't be reconnected though normal HTTP is reconnected automatically. Therefore https should also reconnect automatically. ---------------------------------------- Bug #8590: Second call of https.get results in timeout https://bugs.ruby-lang.org/issues/8590#change-40442 Author: yhara (Yutaka HARA) Status: Feedback Priority: Normal Assignee: naruse (Yui NARUSE) Category: lib Target version: current: 2.1.0 ruby -v: ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.4.0] Backport: 1.9.3: UNKNOWN, 2.0.0: UNKNOWN Hi, In the following code, second call of https.get results in an error "Connection reset by peer - SSL_connect" after timeout. --- require "net/https" https = Net::HTTP.new("secure.nicovideo.jp", 443) #https = Net::HTTP.new("www.sbisec.co.jp", 443) # same result for this server https.use_ssl = true https.ssl_version = 'TLSv1' https.start{ p https.get('/') } #=> OK https.start{ p https.get('/') } #=> (Timeout) --- Expected: prints response twice Actual: prints response once, and raises the following error after timeout /Users/yhara/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `connect': Connection reset by peer - SSL_connect (Errno::ECONNRESET) from /Users/yhara/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `block in connect' from /Users/yhara/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/timeout.rb:52:in `timeout' from /Users/yhara/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `connect' from /Users/yhara/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/net/http.rb:862:in `do_start' from /Users/yhara/.rbenv/versions/2.0.0-p247/lib/ruby/2.0.0/net/http.rb:851:in `start' Is this a bug of Net::HTTP, or a problem of the server, or just I'm doing something wrong? Thanks in advance. -- http://bugs.ruby-lang.org/