Project

General

Profile

Bug #9459

Net::HTTP initializes openssl library after TCP connection is established

Added by Josh C over 2 years ago. Updated about 2 years ago.

Status:
Assigned
Priority:
Normal
Assignee:
ruby -v:
ruby 1.8.7 (2012-02-08 patchlevel 358) [universal-darwin12.0]
[ruby-core:60202]

Description

When making an HTTPS connection, the Net::HTTP#connect method makes the following calls:

  1. TCPSocket.new
  2. OpenSSL:SSL::SSLContext.new
  3. OpenSSL:SSL:SSLSocket.connect

Here is a link to the 2.1.0 version, though the basic sequence is the same in trunk and as far back as 1.8.7, possibly earlier.

The problem is that between step 1 and 3, the server must keep the TCP socket open while the SSL client calls OpenSSL:SSL::SSLContext.new. The first time this code path is taken, step 2 has the side effect of initializing the OpenSSL library. This can take a non-trivial amount of time, and is made worse when several clients start at the same time.

I would suggest that the order of operations be switched to:

  1. OpenSSL:SSL::SSLContext.new
  2. TCPSocket.new
  3. OpenSSL:SSL:SSLSocket.connect

I've attached a patch that shows this. It is based off of trunk.

Thank you

net_http_connect.patch Magnifier (742 Bytes) Josh C, 01/29/2014 05:50 AM

History

#1 [ruby-core:61064] Updated by Tomoyuki Chikanaga about 2 years ago

  • Status changed from Open to Assigned

Also available in: Atom PDF