jruby-openssl icon indicating copy to clipboard operation
jruby-openssl copied to clipboard
verified publisher icon jruby

Add OpenSSL::SSL::OP_NO_RENEGOTIATION

Open p-mongo opened this issue 5 years ago • 2 comments

This constant is used to disable renegotiation.

MRI:

serene% irb -ropenssl
irb(main):001:0> OpenSSL::SSL::OP_NO_RENEGOTIATION
=> 1073741824

JRuby:

irb(main):001:0> OpenSSL::SSL::OP_NO_RENEGOTIATION
Traceback (most recent call last):
        7: from /home/w/.rbenv/versions/jruby-9.2.11/bin/irb:13:in `<main>'
        6: from org/jruby/RubyKernel.java:1189:in `catch'
        5: from org/jruby/RubyKernel.java:1189:in `catch'
        4: from org/jruby/RubyKernel.java:1442:in `loop'
        3: from org/jruby/RubyKernel.java:1048:in `eval'
        2: from (irb):1:in `evaluate'
        1: from org/jruby/RubyModule.java:3760:in `const_missing'
NameError (uninitialized constant OpenSSL::SSL::OP_NO_RENEGOTIATION)
Did you mean?  OpenSSL::SSL::OP_NO_TICKET

Tested on JRuby 9.2.13.0.

p-mongo avatar Sep 10 '20 21:09 p-mongo

Thanks Oleg, not sure it makes sense. We do not have all OpenSSL constants, some such as controlling renegotiation might not be exposed by Java's SSL. However, I do not mind keeping this open for future reference, in case we have a more low level backend.

kares avatar Oct 05 '20 09:10 kares

If some of the javas expose the respective functionality, exposing this constant in JRuby will allow applications to disable renegotiation in those environments.

If none of the javas expose this functionality, perhaps not having the constant is better, but a note in documentation would be helpful to developers looking for it.

p-mongo avatar Oct 05 '20 10:10 p-mongo