From 0fd238c72f2952c5fa22841c1828c39e8c2faa95 Mon Sep 17 00:00:00 2001 From: nagachika Date: Tue, 12 Mar 2019 23:23:17 +0000 Subject: merge revision(s) 64234,64252: [Backport #15219] net/http, net/ftp: fix session resumption with TLS 1.3 When TLS 1.3 is in use, the session ticket may not have been sent yet even though a handshake has finished. Also, the ticket could change if multiple session ticket messages are sent by the server. Use SSLContext#session_new_cb instead of calling SSLSocket#session immediately after a handshake. This way also works with earlier protocol versions. net/http, net/ftp: skip SSL/TLS session resumption tests Due to a bug in OpenSSL 1.1.0h[1] (it's only in this specific version; it was introduced just before the release and is already fixed in their stable branch), the callback set by SSLContext#session_new_cb= does not get called for clients, making net/http and net/ftp not attempt session resumption. Let's disable the affected test cases for now. Another option would be to fallback to using SSLSocket#session as we did before r64234. But since only a single version is affected and hopefully a new stable version containing the fix will be released in near future, I chose not to add such workaround code to lib/. [1] https://github.com/openssl/openssl/pull/5967 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- version.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'version.h') diff --git a/version.h b/version.h index f1792fe296..a2e53cc0c4 100644 --- a/version.h +++ b/version.h @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.5.4" #define RUBY_RELEASE_DATE "2019-03-13" -#define RUBY_PATCHLEVEL 149 +#define RUBY_PATCHLEVEL 150 #define RUBY_RELEASE_YEAR 2019 #define RUBY_RELEASE_MONTH 3 -- cgit v1.2.3