diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | lib/net/http.rb | 5 |
2 files changed, 9 insertions, 1 deletions
@@ -1,3 +1,8 @@ +Tue Nov 25 16:09:28 2014 Eric Hodel <drbrain@segment7.net> + + * lib/net/http.rb: Do not attempt SSL session resumption when the + session is expired. [Bug #10533] + Tue Nov 25 15:59:46 2014 Eric Hodel <drbrain@segment7.net> * lib/rake: Update to rake 10.4.0 diff --git a/lib/net/http.rb b/lib/net/http.rb index aceb530442..b5706c597f 100644 --- a/lib/net/http.rb +++ b/lib/net/http.rb @@ -914,7 +914,10 @@ module Net #:nodoc: @socket.write(buf) HTTPResponse.read_new(@socket).value end - s.session = @ssl_session if @ssl_session + if @ssl_session and + Time.now < @ssl_session.time + @ssl_session.timeout + s.session = @ssl_session if @ssl_session + end # Server Name Indication (SNI) RFC 3546 s.hostname = @address if s.respond_to? :hostname= Timeout.timeout(@open_timeout, Net::OpenTimeout) { s.connect } |