From: matt.dressel@...
Date: 2014-11-28T21:50:46+00:00
Subject: [ruby-core:66558] [ruby-trunk - Bug #10522] SSL_VERSION not handled properly in Net::Http, OpenSSL libraries

Issue #10522 has been updated by Matt Dressel.


Who is the best person to review this? AKA who should I assign this to?

----------------------------------------
Bug #10522: SSL_VERSION not handled properly in Net::Http, OpenSSL libraries
https://bugs.ruby-lang.org/issues/10522#change-50171

* Author: Matt Dressel
* Status: Open
* Priority: High
* Assignee: 
* Category: ext/openssl
* Target version: 
* ruby -v: ruby 2.1.3p242
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
https://github.com/ruby/ruby/pull/762/files

While using the Faraday gem with the default net/http adapter, we are passing an explicit ssl_version to net/http, however we still received handshake warnings from the server suggesting that the ssl_version was not getting down to the OpenSSL layer.  After realizing that the Typhoeus adapter works just fine, I decided to dig deeper into Net::Http.  

The Net::Http#connect method passes the ssl_version to OpenSSL::SSL::SSLContext via the set_params method.  This appears to be problematic.  The only case I can get to work as expected calls ssl_version= without calling set_params at all.  I believe the error revolves around the set_params calling setters for all params (always includes an ssl_version).



-- 
https://bugs.ruby-lang.org/