puma--puma

mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00

History

Ekin Dursun ef1a9f57c5 Set session id context while creating SSLContext (#2633 ) When using client certificates, session id context needs to be set. OpenSSL documentation covers it like this: If the session id context is not set on an SSL/TLS server and client certificates are used, stored sessions will not be reused but a fatal error will be flagged and the handshake will fail. Details: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_session_id_context.html Ruby OpenSSL wrapper conforms to this by setting the session id context to a random sequence of bytes whenever a context is created: http://github.com/ruby/openssl/blob/master/lib/openssl/ssl.rb#L493 I am open to suggestions about generating random bytes. I feel like there can be a better way than this.	2021-06-04 07:01:34 -06:00
..
puma_http11	Set session id context while creating SSLContext (#2633 )	2021-06-04 07:01:34 -06:00

Set session id context while creating SSLContext (#2633 )

When using client certificates, session id context needs to be set.
OpenSSL documentation covers it like this:

If the session id context is not set on an SSL/TLS server and client
certificates are used, stored sessions will not be reused but a fatal
error will be flagged and the handshake will fail. Details:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_session_id_context.html

Ruby OpenSSL wrapper conforms to this by setting the session id context
to a random sequence of bytes whenever a context is created:
http://github.com/ruby/openssl/blob/master/lib/openssl/ssl.rb#L493

I am open to suggestions about generating random bytes. I feel like
there can be a better way than this.

2021-06-04 07:01:34 -06:00

puma_http11

Set session id context while creating SSLContext (#2633 )

2021-06-04 07:01:34 -06:00