Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set session id context while creating SSLContext #2633

Merged
merged 1 commit into from Jun 4, 2021
Merged

Set session id context while creating SSLContext #2633

merged 1 commit into from Jun 4, 2021

Commits on May 25, 2021

  1. Set session id context while creating SSLContext 

    When using client certificates, session id context needs to be set.
OpenSSL documentation covers it like this:

If the session id context is not set on an SSL/TLS server and client
certificates are used, stored sessions will not be reused but a fatal
error will be flagged and the handshake will fail. Details:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_session_id_context.html

Ruby OpenSSL wrapper conforms to this by setting the session id context
to a random sequence of bytes whenever a context is created:
http://github.com/ruby/openssl/blob/master/lib/openssl/ssl.rb#L493

I am open to suggestions about generating random bytes. I feel like
there can be a better way than this.
    Ekin Dursun committed May 25, 2021
    Copy the full SHA
    6332949 View commit details
    Browse the repository at this point in the history