From b1ead3936c1b2929b99e8fc936377238d690b3ef Mon Sep 17 00:00:00 2001 From: MSP-Greg Date: Mon, 27 Nov 2023 11:37:48 -0600 Subject: [PATCH 1/2] net/http.rb - fixup session timeout logic for OpenSSL 3 --- lib/net/http.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/net/http.rb b/lib/net/http.rb index c32f913..3fcaabb 100644 --- a/lib/net/http.rb +++ b/lib/net/http.rb @@ -1668,7 +1668,9 @@ def connect s.hostname = ssl_host_address if s.respond_to?(:hostname=) && ssl_host_address if @ssl_session and - Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout + # @ssl_session.timeout is not reliable due to signed/unsigned issues with OpenSSL 3, + # use only if s.context.timeout is nil + Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + (s.context.timeout || @ssl_session.timeout) s.session = @ssl_session end ssl_socket_connect(s, @open_timeout) From b7a53a681bbe6b5ba7acc1f9c74bc8d4c93eefd6 Mon Sep 17 00:00:00 2001 From: MSP-Greg Date: Mon, 27 Nov 2023 20:04:50 -0600 Subject: [PATCH 2/2] net/http.rb - add comment about ssl_timeout values --- lib/net/http.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/net/http.rb b/lib/net/http.rb index 3fcaabb..97d6327 100644 --- a/lib/net/http.rb +++ b/lib/net/http.rb @@ -502,7 +502,7 @@ class HTTPHeaderSyntaxError < StandardError; end # - {:ssl_timeout}[rdoc-ref:Net::HTTP#ssl_timeout]: # Returns the ssl timeout. # - {:ssl_timeout=}[rdoc-ref:Net::HTTP#ssl_timeout=]: - # Sets the ssl timeout. + # Sets the client ssl session timeout. A zero or negative value will disable client session reuse. # - {:write_timeout}[rdoc-ref:Net::HTTP#write_timeout]: # Returns the write timeout. # - {write_timeout=}[rdoc-ref:Net::HTTP#write_timeout=]: