net-http-persistent icon indicating copy to clipboard operation
net-http-persistent copied to clipboard

Published 20 hours ago verified publisher icon drbrain

avoiding ssl.session= on JRuby

Open kares opened this issue 9 years ago • 4 comments

its just a stub since we can not implement session reuse using the underlying Java security APIs.

users seems to be getting annoyed by our session= printing a warning.

would that be acceptable if that session= line did a unless defined? JRUBY_VERSION check?

kares avatar Mar 29 '16 14:03 kares

Yes, that would be fine

drbrain avatar Mar 29 '16 20:03 drbrain

did not rush into this as I stumbled upon an experiment: https://github.com/jruby/jruby-openssl/commit/f12aab2db0470fc669a765afabd98d5c193de68b in jruby-openssl ... where setting the session = would try to force session re-use on the Java end ... not exactly swapping the session but probably gets as close as we can. unfortunately this would need some real world testing if its behaving as expected.

@lolwhitaker would you be interested in confirming it works as expected (since you fired up a PR) ?

kares avatar Apr 01 '16 15:04 kares

@kares Happy to help with testing if you can guide me a little as to the different scenarios (both positive and negative) you think should be covered.

lolwhitaker avatar Apr 04 '16 20:04 lolwhitaker

@lolwhitaker you could try jruby-openssl 0.9.17 pre-release from: https://oss.sonatype.org/content/repositories/snapshots/rubygems/jruby-openssl/0.9.17.dev-SNAPSHOT/ ... did some testing using bundle install --jobs xx (from https://github.com/jruby/jruby/issues/3635) WARNING: SSLSocket#session= is not supported are gone and things seems to work. the change is that session= is now trying to force the underlying engine to not create new sessions but re-use. this needs real-world testing (not yet sure if it will be in 0.9.17)

kares avatar Apr 21 '16 15:04 kares