[ruby-core:100612] [Ruby master Feature#9459] Net::HTTP initializes openssl library after TCP connection is established

ruby-core@ruby-lang.org archive (unofficial mirror)
 help / color / mirror / Atom feed

* [ruby-core:100612] [Ruby master Feature#9459] Net::HTTP initializes openssl library after TCP connection is established
       [not found] <redmine.issue-9459.20140129055333.6750@ruby-lang.org>
@ 2020-10-27 21:55 ` merch-redmine
  0 siblings, 0 replies; only message in thread
From: merch-redmine @ 2020-10-27 21:55 UTC (permalink / raw)
  To: ruby-core

Issue #9459 has been updated by jeremyevans0 (Jeremy Evans).

Backport deleted (1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN)
ruby -v deleted (ruby 1.8.7 (2012-02-08 patchlevel 358) [universal-darwin12.0])
Tracker changed from Bug to Feature

This appears to still be an issue, though I think this is a feature request and not a bug. I've submitted the patch as a pull request to the net-http repository: https://github.com/ruby/net-http/pull/4

----------------------------------------
Feature #9459: Net::HTTP initializes openssl library after TCP connection is established
https://bugs.ruby-lang.org/issues/9459#change-88243

* Author: joshc (Josh C)
* Status: Assigned
* Priority: Normal
* Assignee: naruse (Yui NARUSE)
----------------------------------------
When making an HTTPS connection, the Net::HTTP#connect method makes the following calls:

1. TCPSocket.new
2. OpenSSL:SSL::SSLContext.new
3. OpenSSL:SSL:SSLSocket.connect

Here is a link to the [2.1.0](https://github.com/ruby/ruby/blob/v2_1_0/lib/net/http.rb#L877-L920) version, though the basic sequence is the same in trunk and as far back as 1.8.7, possibly earlier.

The problem is that between step 1 and 3, the server must keep the TCP socket open while the SSL client calls OpenSSL:SSL::SSLContext.new. The first time this code path is taken, step 2 has the side effect of initializing the OpenSSL library. This can take a non-trivial amount of time, and is made worse when several clients start at the same time.

I would suggest that the order of operations be switched to:

1. OpenSSL:SSL::SSLContext.new
2. TCPSocket.new
3. OpenSSL:SSL:SSLSocket.connect

I've attached a patch that shows this. It is based off of trunk.

Thank you

---Files--------------------------------
net_http_connect.patch (742 Bytes)

-- 
https://bugs.ruby-lang.org/

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2020-10-27 21:55 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <redmine.issue-9459.20140129055333.6750@ruby-lang.org>
2020-10-27 21:55 ` [ruby-core:100612] [Ruby master Feature#9459] Net::HTTP initializes openssl library after TCP connection is established merch-redmine

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).