Project

General

Profile

Feature #13729

PATCH: Add Server Name Indication (SNI) support to WEBrick

Added by Tietew (Toru Iwase) over 1 year ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Target version:
-
[ruby-dev:50165]

Description

WEBrick に Server Name Indication (SNI) サポートを追加するパッチです。

よくWEBrickで簡易サーバを立てているのですが、SNIでバーチャルホストを立てたかった(けどできなかった)のでパッチを書きました。
WEBrick::HTTPServer が元々持っているバーチャルホストの仕組みに乗っかっています。

一応テストも入っています。
Google Chrome + Let's Encryptの証明書(SANではない単一CNの証明書複数)でちゃんと接続できることも確認しました。

usage:

# master (default) server
master = WEBrick::HTTPSerevr.new({
    :ServerName => "master.example.com",
    :Port => 443,
    :SSLEnable => true,
    :SSLCertificate => "CN=master.example.com の証明書",
    :SSLPrivateKey => "秘密鍵",
})
master.mount_proc("/") { |req, res| res.body = "default host!\n" }
# virtual host
vhost = WEBrick::HTTPServer.new({
    :ServerName => "vhost.example.jp", # SNIバーチャルホスト名
    :Port => 443,                      # master serverと同じポート番号を指定
    :DoNotListen => true,              # true必須
    :SSLEnable => true,                # true必須
    :SSLCertificate => "CN=vhost.example.jp の証明書",
    :SSLPrivateKey => "秘密鍵",
})
vhost.mount_proc("/") { |req, res| res.body = "virtual host!\n" }
master.virtual_host(vhost)
master.start

Files

webrick_sni_support.patch (5.16 KB) webrick_sni_support.patch Tietew (Toru Iwase), 07/07/2017 08:43 AM
webrick_sni_support_fix.patch (6.12 KB) webrick_sni_support_fix.patch Tietew (Toru Iwase), 07/14/2017 05:43 AM

Associated revisions

Revision 08bdbef5
Added by normal over 1 year ago

webrick: add Server Name Indication (SNI)

  • lib/webrick/https.rb: servername_cb implementation.
  • lib/webrick/ssl.rb: abstract servername_cb.
  • test/webrick/test_https.rb: test. [ruby-dev:50165] [Feature #13729] Author: Tietew tietew@gmail.com

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59281 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 59281
Added by normalperson (Eric Wong) over 1 year ago

webrick: add Server Name Indication (SNI)

  • lib/webrick/https.rb: servername_cb implementation.
  • lib/webrick/ssl.rb: abstract servername_cb.
  • test/webrick/test_https.rb: test. [ruby-dev:50165] [Feature #13729] Author: Tietew tietew@gmail.com

Revision 59281
Added by normal over 1 year ago

webrick: add Server Name Indication (SNI)

  • lib/webrick/https.rb: servername_cb implementation.
  • lib/webrick/ssl.rb: abstract servername_cb.
  • test/webrick/test_https.rb: test. [ruby-dev:50165] [Feature #13729] Author: Tietew tietew@gmail.com

Revision 59281
Added by normal over 1 year ago

webrick: add Server Name Indication (SNI)

  • lib/webrick/https.rb: servername_cb implementation.
  • lib/webrick/ssl.rb: abstract servername_cb.
  • test/webrick/test_https.rb: test. [ruby-dev:50165] [Feature #13729] Author: Tietew tietew@gmail.com

Revision 61a8b4c1
Added by normal over 1 year ago

NEWS: entry for WEBRick SNI support [Feature #13729]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59283 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 59283
Added by normalperson (Eric Wong) over 1 year ago

NEWS: entry for WEBRick SNI support [Feature #13729]

Revision 59283
Added by normal over 1 year ago

NEWS: entry for WEBRick SNI support [Feature #13729]

Revision 59283
Added by normal over 1 year ago

NEWS: entry for WEBRick SNI support [Feature #13729]

Revision a6c13d08
Added by normal over 1 year ago

webrick: fix SNI support

  • lib/webrick/https.rb: check ssl context of virtual host.
  • lib/webrick/ssl.rb: ensure to return ssl context.
  • test/webrick/test_https.rb: test returned cert is correct. [Feature #13729][ruby-dev:50173]

Author: Tietew tietew@gmail.com

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 59351
Added by normalperson (Eric Wong) over 1 year ago

webrick: fix SNI support

  • lib/webrick/https.rb: check ssl context of virtual host.
  • lib/webrick/ssl.rb: ensure to return ssl context.
  • test/webrick/test_https.rb: test returned cert is correct. [Feature #13729][ruby-dev:50173]

Author: Tietew tietew@gmail.com

Revision 59351
Added by normal over 1 year ago

webrick: fix SNI support

  • lib/webrick/https.rb: check ssl context of virtual host.
  • lib/webrick/ssl.rb: ensure to return ssl context.
  • test/webrick/test_https.rb: test returned cert is correct. [Feature #13729][ruby-dev:50173]

Author: Tietew tietew@gmail.com

Revision 59351
Added by normal over 1 year ago

webrick: fix SNI support

  • lib/webrick/https.rb: check ssl context of virtual host.
  • lib/webrick/ssl.rb: ensure to return ssl context.
  • test/webrick/test_https.rb: test returned cert is correct. [Feature #13729][ruby-dev:50173]

Author: Tietew tietew@gmail.com

History

#1

Updated by Anonymous over 1 year ago

  • Status changed from Open to Closed

Applied in changeset trunk|r59281.


webrick: add Server Name Indication (SNI)

  • lib/webrick/https.rb: servername_cb implementation.
  • lib/webrick/ssl.rb: abstract servername_cb.
  • test/webrick/test_https.rb: test. [ruby-dev:50165] [Feature #13729] Author: Tietew tietew@gmail.com

Updated by Tietew (Toru Iwase) over 1 year ago

ごめんなさい。前回送ったパッチですが、不完全でした。正しくContextを返していませんでした。
テスト時に大ぽかしてSAN証明書を参照していたため、見誤っていました。
そこの修正と、正しい証明書が提示されたことを確認するテストを追加したパッチを追加します。

Updated by hsbt (Hiroshi SHIBATA) over 1 year ago

  • Assignee set to normalperson (Eric Wong)
  • Status changed from Closed to Assigned
#4

Updated by Anonymous over 1 year ago

  • Status changed from Assigned to Closed

Applied in changeset trunk|r59351.


webrick: fix SNI support

  • lib/webrick/https.rb: check ssl context of virtual host.
  • lib/webrick/ssl.rb: ensure to return ssl context.
  • test/webrick/test_https.rb: test returned cert is correct. [Feature #13729][ruby-dev:50173]

Author: Tietew tietew@gmail.com

Also available in: Atom PDF