ruby-changes:24477
From: drbrain <ko1@a...>
Date: Wed, 25 Jul 2012 09:06:17 +0900 (JST)
Subject: [ruby-changes:24477] drbrain:r36528 (trunk): * lib/net/http.rb: Added SSL session reuse across connections for a
drbrain 2012-07-25 09:05:59 +0900 (Wed, 25 Jul 2012) New Revision: 36528 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=36528 Log: * lib/net/http.rb: Added SSL session reuse across connections for a single instance to speed up connection. [Feature #5341] * NEWS: ditto * test/net/http/test_https.rb: Tests for #5341 Modified files: trunk/ChangeLog trunk/NEWS trunk/lib/net/http.rb trunk/test/net/http/test_https.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 36527) +++ ChangeLog (revision 36528) @@ -1,3 +1,10 @@ +Wed Jul 25 09:05:38 2012 Eric Hodel <drbrain@s...> + + * lib/net/http.rb: Added SSL session reuse across connections for a + single instance to speed up connection. [Feature #5341] + * NEWS: ditto + * test/net/http/test_https.rb: Tests for #5341 + Wed Jul 25 06:54:24 2012 Eric Hodel <drbrain@s...> * doc/re.rdoc: Fix spelling Index: lib/net/http.rb =================================================================== --- lib/net/http.rb (revision 36527) +++ lib/net/http.rb (revision 36528) @@ -649,6 +649,7 @@ @use_ssl = false @ssl_context = nil + @ssl_session = nil @enable_post_connection_check = true @sspi_enabled = false SSL_IVNAMES.each do |ivname| @@ -903,12 +904,14 @@ @socket.write(buf) HTTPResponse.read_new(@socket).value end + s.session = @ssl_session if @ssl_session # Server Name Indication (SNI) RFC 3546 s.hostname = @address if s.respond_to? :hostname= Timeout.timeout(@open_timeout, Net::OpenTimeout) { s.connect } if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE s.post_connection_check(@address) end + @ssl_session = s.session rescue => exception D "Conn close because of connect error #{exception}" @socket.close if @socket and not @socket.closed? Index: NEWS =================================================================== --- NEWS (revision 36527) +++ NEWS (revision 36528) @@ -89,6 +89,8 @@ variable. See Net::HTTP::new for details. * gzip and deflate compression are now requested for all requests by default. See Net::HTTP for details. + * SSL sessions are now reused across connections for a single instance. + This speeds up connection by using a previously negotiated session. * new methods: * Net::HTTP#local_host * Net::HTTP#local_host= Index: test/net/http/test_https.rb =================================================================== --- test/net/http/test_https.rb (revision 36527) +++ test/net/http/test_https.rb (revision 36528) @@ -59,6 +59,29 @@ skip $! end + def test_session_reuse + http = Net::HTTP.new("localhost", config("port")) + http.use_ssl = true + http.verify_callback = Proc.new do |preverify_ok, store_ctx| + store_ctx.current_cert.to_der == config('ssl_certificate').to_der + end + + http.start + http.get("/") + http.finish + + http.start + http.get("/") + http.finish # three times due to possible bug in OpenSSL 0.9.8 + + http.start + http.get("/") + + socket = http.instance_variable_get(:@socket).io + + assert socket.session_reused? + end + if ENV["RUBY_OPENSSL_TEST_ALL"] def test_verify http = Net::HTTP.new("ssl.netlab.jp", 443) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/