From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Original-To: poffice@blade.nagaokaut.ac.jp Delivered-To: poffice@blade.nagaokaut.ac.jp Received: from kankan.nagaokaut.ac.jp (kankan.nagaokaut.ac.jp [133.44.2.24]) by blade.nagaokaut.ac.jp (Postfix) with ESMTP id A865317CC763 for ; Sat, 22 Nov 2014 08:11:40 +0900 (JST) Received: from funfun.nagaokaut.ac.jp (funfun.nagaokaut.ac.jp [133.44.2.201]) by kankan.nagaokaut.ac.jp (Postfix) with ESMTP id 7FFD9B5D863 for ; Sat, 22 Nov 2014 08:01:33 +0900 (JST) Received: from funfun.nagaokaut.ac.jp (localhost.nagaokaut.ac.jp [127.0.0.1]) by funfun.nagaokaut.ac.jp (Postfix) with ESMTP id 4FFD297A826 for ; Sat, 22 Nov 2014 08:01:34 +0900 (JST) X-Virus-Scanned: amavisd-new at nagaokaut.ac.jp Authentication-Results: funfun.nagaokaut.ac.jp (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=sendgrid.me Received: from funfun.nagaokaut.ac.jp ([127.0.0.1]) by funfun.nagaokaut.ac.jp (funfun.nagaokaut.ac.jp [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r6w9Gy2I3LCt for ; Sat, 22 Nov 2014 08:01:33 +0900 (JST) Received: from voscc.nagaokaut.ac.jp (voscc.nagaokaut.ac.jp [133.44.1.100]) by funfun.nagaokaut.ac.jp (Postfix) with ESMTP id CB0E697A82C for ; Sat, 22 Nov 2014 08:01:33 +0900 (JST) Received: from neon.ruby-lang.org (neon.ruby-lang.org [221.186.184.75]) by voscc.nagaokaut.ac.jp (Postfix) with ESMTP id DA60D952408 for ; Sat, 22 Nov 2014 08:01:32 +0900 (JST) Received: from [221.186.184.76] (localhost [IPv6:::1]) by neon.ruby-lang.org (Postfix) with ESMTP id AEADB1204AE; Sat, 22 Nov 2014 08:01:29 +0900 (JST) X-Original-To: ruby-core@ruby-lang.org Delivered-To: ruby-core@ruby-lang.org Received: from o10.shared.sendgrid.net (o10.shared.sendgrid.net [173.193.132.135]) by neon.ruby-lang.org (Postfix) with ESMTPS id CA5351204A3 for ; Sat, 22 Nov 2014 08:01:25 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.me; h=from:to:references:subject:mime-version:content-type:content-transfer-encoding:list-id; s=smtpapi; bh=THl2MmSVSfi3sMJEWULvTfbRv0Y=; b=TbWig9HjstSWVRhyER KuHjDLGATsMO/Wk0TKIOYgFTRKeMkwC3/zc+YUAE6D1bwRs+c610P0fa8zmstgmz 03EYP9Th/iITcNm54IIQ4praQK0gdiSKiYSCIO5PWrvJ3VBhXm00koi5D5StAkUl fBV7pXKc1hw3WqTZx0KO/E4FA= Received: by filter0063p1mdw1.sendgrid.net with SMTP id filter0063p1mdw1.24066.546FC43D17 2014-11-21 23:01:18.049139172 +0000 UTC Received: from ismtpd-028.iad1.sendgrid.net ([UNAVAILABLE]. [10.42.2.92]) by 10.42.243.103:2500 (trex/5.2.14); Fri, 21 Nov 2014 23:01:18 GMT Received: from herokuapp.com (ec2-54-161-230-241.compute-1.amazonaws.com [54.161.230.241]) by ismtpd-028 (SG) with ESMTP id 149d49691bc.9d5.39236d for ; Fri, 21 Nov 2014 23:01:17 +0000 (UTC) Date: Fri, 21 Nov 2014 23:01:17 +0000 From: drbrain@segment7.net To: ruby-core@ruby-lang.org Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Redmine-MailingListIntegration-Message-Ids: 40787 X-Redmine-Project: ruby-trunk X-Redmine-Issue-Id: 10533 X-Redmine-Issue-Author: drbrain X-Redmine-Sender: drbrain X-Mailer: Redmine X-Redmine-Host: bugs.ruby-lang.org X-Redmine-Site: Ruby Issue Tracking System X-Auto-Response-Suppress: OOF Auto-Submitted: auto-generated X-SG-EID: ync6xU2WACa70kv/Ymy4QrNMhiuLXJG8OTL2vJD1yS6ltDO0aWFqP6uuXgECS9QW0z76c2vVzDw2nt VQbHBFgX4pQKXbJ/fjrk9JxQpODGm3OqQW/0jSMg/aBSghCdyrQIdOrmdDWO/RIMo2LMTWVdYC4X3k fCaMfz7ST6gtgzKf8xBzTQ8RMlK+whJW753Q X-SendGrid-Contentd-ID: {"test_id":"1416610882"} X-ML-Name: ruby-core X-Mail-Count: 66400 Subject: [ruby-core:66400] [ruby-trunk - Bug #10533] HTTP reconnection with SNI does not send correct hostname X-BeenThere: ruby-core@ruby-lang.org X-Mailman-Version: 2.1.15 Precedence: list Reply-To: Ruby developers List-Id: Ruby developers List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: ruby-core-bounces@ruby-lang.org Sender: "ruby-core" Issue #10533 has been updated by Eric Hodel. File net.http.bug10533.patch added Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN to 2.0.0: REQUIRED, 2.1: REQUIRED If session resumption is requested with an expired SSL session on an SNI server then the handshake goes wrong and the connection fails as above. The attached patch only attempts session resumption if the session is still valid. ---------------------------------------- Bug #10533: HTTP reconnection with SNI does not send correct hostname https://bugs.ruby-lang.org/issues/10533#change-50040 * Author: Eric Hodel * Status: Open * Priority: Normal * Assignee: * Category: lib * Target version: * ruby -v: ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-darwin14.0] * Backport: 2.0.0: REQUIRED, 2.1: REQUIRED ---------------------------------------- When reconnecting after connection timeout on an SNI connection the server name is not sent during reconnect which results in a failed reconnection: ~~~ $ cat test.rb require 'net/http' uri = URI 'https://david.shanske.com' Net::HTTP.start uri.hostname, uri.port, use_ssl: true do |http| req = Net::HTTP::Get.new uri response = http.request req p response.code sleep 310 req = Net::HTTP::Get.new uri response = http.request req p response.code end $ ruby -v test.rb ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-darwin14.0] "200" /usr/local/lib/ruby/2.1.0/openssl/ssl.rb:178:in `post_connection_check': hostname "david.shanske.com" does not match the server certificate (OpenSSL::SSL::SSLError) from /usr/local/lib/ruby/2.1.0/net/http.rb:922:in `connect' from /usr/local/lib/ruby/2.1.0/net/http.rb:1447:in `begin_transport' from /usr/local/lib/ruby/2.1.0/net/http.rb:1404:in `transport_request' from /usr/local/lib/ruby/2.1.0/net/http.rb:1378:in `request' from test.rb:10:in `block in
' from /usr/local/lib/ruby/2.1.0/net/http.rb:853:in `start' from /usr/local/lib/ruby/2.1.0/net/http.rb:583:in `start' from test.rb:4:in `
' ~~~ ---Files-------------------------------- net.http.bug10533.patch (685 Bytes) -- https://bugs.ruby-lang.org/