Project

General

Profile

Feature #5341 ยป net.http.rb.ssl_session_reuse.patch

Create a new ssl_context for each call to #connect - drbrain (Eric Hodel), 11/23/2011 09:28 AM

View differences:

lib/net/http.rb (working copy)
586 586
      @debug_output = nil
587 587
      @use_ssl = false
588 588
      @ssl_context = nil
589
      @ssl_session = nil
589 590
      @enable_post_connection_check = true
590 591
      @compression = nil
591 592
      @sspi_enabled = false
......
783 784
        @ssl_context = OpenSSL::SSL::SSLContext.new
784 785
        @ssl_context.set_params(ssl_parameters)
785 786
        s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context)
787
        s.session = @ssl_session if @ssl_session
786 788
        s.sync_close = true
787 789
      end
788 790
      @socket = BufferedIO.new(s)
......
809 811
          if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
810 812
            s.post_connection_check(@address)
811 813
          end
814
          @ssl_session = s.session
812 815
        rescue => exception
813 816
          D "Conn close because of connect error #{exception}"
814 817
          @socket.close if @socket and not @socket.closed?
test/net/http/test_https.rb (working copy)
59 59
    skip $!
60 60
  end
61 61

  
62
  def test_session_reuse
63
    http = Net::HTTP.new("localhost", config("port"))
64
    http.use_ssl = true
65
    http.verify_callback = Proc.new do |preverify_ok, store_ctx|
66
      store_ctx.current_cert.to_der == config('ssl_certificate').to_der
67
    end
68

  
69
    http.start
70
    http.get("/")
71
    http.finish
72

  
73
    http.start
74
    http.get("/")
75
    http.finish # three times due to possible bug in OpenSSL 0.9.8
76

  
77
    http.start
78
    http.get("/")
79

  
80
    socket = http.instance_variable_get(:@socket).io
81

  
82
    assert socket.session_reused?
83
  end
84

  
62 85
  if ENV["RUBY_OPENSSL_TEST_ALL"]
63 86
    def test_verify
64 87
      http = Net::HTTP.new("ssl.netlab.jp", 443)