Project

General

Profile

Actions
Copy link

Feature #15215

closed

HTTPS server name indication (SNI): explicit server_name in Net::HTTP

Added by Anonymous over 6 years ago. Updated over 5 years ago.

Status:
Closed
Assignee:
-
Target version:
-
[ruby-core:89305]

Description

Current behavior and problem:
At the moment, the host name or IP address given in the URL is used to provide the server name for SNI in HTTPS connections. While this behavior is sufficient in most cases, establishing a connection to a fixed IP using a certain server name is not possible.

Proposed solution:
Decouple the server name used for SNI from the address used for connecting. Add a new ssl_server_name attribute in Net::HTTP that defaults to the address (so the default behavior stays exactly the same).

Notes

  • There are scenarios where a client would like to select a specific host when e.g. DNS round robin is configured. Examples: fallback strategies, monitoring of individual hosts.
  • This has nothing to do with the HTTP "Host" header, which one needs to set additionally.

For my "proposed solution", a patch is attached (or see https://github.com/ruby/ruby/pull/1977).
Please let me know about any ideas for improvement or other approaches, thanks!

Files

ssl_server_name.patch (2.17 KB) ssl_server_name.patch Patch: Introduce new attribute ssl_server_name in Net::HTTP Anonymous, 10/07/2018 09:15 AM

Related issues 1 (0 open1 closed)

Is duplicate of Ruby - Feature #5180: net/http の接続時に用いる IP アドレスの指定Closednaruse (Yui NARUSE)Actions
Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0