From: benjamin.a.roberts83@...
Date: 2014-11-22T04:49:10+00:00
Subject: [ruby-core:66407] [ruby-trunk - Bug #10467] net/http reconnects	without SNI

Issue #10467 has been updated by Ben Roberts.


This looks to be a duplicate now of #10533, which has a patch

----------------------------------------
Bug #10467: net/http reconnects without SNI
https://bugs.ruby-lang.org/issues/10467#change-50045

* Author: Ben Roberts
* Status: Open
* Priority: Normal
* Assignee: Yui NARUSE
* Category: lib
* Target version: current: 2.2.0
* ruby -v: ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux] AND ruby 2.2.0preview1 (2014-09-17 trunk 47616) [x86_64-linux] 
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
When using net/http and reusing a connection after a 5 minute timeout, the reconnection fails on Servers using SNI that do not return the same ssl key when using a non-sni connection.

I used wireshark to confirm that the second attempt to connect is returning the incorrect SSL certificate (the certificate the server returns without the hostname set)

Attaching a test script to easily reproduce the error.

---Files--------------------------------
test.rb (1019 Bytes)


-- 
https://bugs.ruby-lang.org/