[ruby-core:48675] Re: Patch to test_ssl to validate server-side support for SNI

< ^ > P N |<>| ^ _>< --- | ~ ...Help
We have incorporated Patrick's SNI patch for upcoming release JRuby
1.7.1 and jruby-openssl 0.8.0, and are interested in seeing the test
patch get in as well. For now, we're excluding the test in question
using minitest excludes.

I have also sent a few recent pull requests to add more jruby-openssl
tests to the MRI suite. We have already incorporated them into our
fork of ruby_1_9_3 and I am standing by to help sort out issues.

I know ruby-core folks are busy with feature-freeze tasks. Hopefully
after RubyConf we can circle back to these tests and get them in.

- Charlie

On Mon, Oct 22, 2012 at 3:19 PM, Patrick Toomey <ptoomey3 / biasedcoin.com> wrote:
> I recently made a pull request to JRuby
> (https://github.com/jruby/jruby/pull/349) to add support for client-side
> SNI.  After making the patch I noticed that I was failing a unit test that
> they pull from MRI, specifically test/openssl/test_ssl.rb
> (test_tlsext_hostname).  This unit test validates that the client supports
> SNI, but not the server (i.e. supports servername_cb).  As of JAVA 7 there
> is support for client SNI, but not server.  As such, it is only
> possible/practical to patch JRuby to support client connections to SNI
> capable/required servers.  My patch simply adds an additional requirement
> that server-side SNI is supported before trying to run this specific unit
> test.
>
> Patrick
>
>
>