[feature:trunk] Server Name Indication (SNI) for net/http

$B$U$H!"(BSSL $B$G(B name based vitual $B$r$d$kOC(B (SNI - RFC 3546)
$B$O$I$&[email protected]$C$1!"(B
$B$H;W$C$FC5$7$?$i!“0J2<$r8+$D$1$?$N$G!”(Bnet/http $B$K$bBP=h$r(B

ssl - OpenSSL Server Name Indication support in Ruby - Stack Overflow


ruby -ropen-uri -e

% svn diff --diff-cmd diff -x -u lib/net/http.rb
Index: lib/net/http.rb

— lib/net/http.rb (revision 30734)
+++ lib/net/http.rb (working copy)
@@ -780,6 +780,7 @@
@socket.writeline ‘’

  •      s.hostname = @address
         timeout(@open_timeout) { s.connect }
         if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE

チケット #4351 が更新されました。 (by Yui NARUSE)


Could this be backported to 1.8.x? The certificates for Gmail currently
require SNI, which encourages many Ruby developers to switch to
VERIFY_NONE. Needless to say, this is bad for security. It’s also a
blocking issue for implementing the WebFinger and Salmon protocols on

チケット #4351 が更新されました。 (by Akira T.)

ステータス OpenからClosedに変更
進捗 % 0から100に変更

This issue was solved with changeset r30816.
Akira, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs