[ruby-core:65783] [Backport21 - Backport #9640] Please backport SSL fixes to 2.1

< ^ > P N |<>| ^ _>< --- | ~ ...Help

Issue #9640 has been updated by Tomoyuki Chikanaga.


I thought before it cannot be backported because it seems to cause compatibility issues.
But now I feel the necessity of rethink about it according to the change of circumstance (ex. POODLE).

I think users can protect themselves via configuration or update OpenSSL itself, not the by ruby C extension library. Is it correct?

I think r45274 changes only default settings, so users who need SSLv3 or old ciphers have some workarounds, for example via Net::HTTP#ssl_version= or Net::HTTP#ciphers=). Is it correct?


----------------------------------------
Backport #9640: Please backport SSL fixes to 2.1
https://bugs.ruby-lang.org/issues/9640#change-49519

* Author: Christian Hofstaedtler
* Status: Open
* Priority: Normal
* Assignee: 
----------------------------------------
Please backport the fixes for issue #9424 to 2.1.

https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/45274/diff/ext/openssl/lib/openssl/ssl.rb




-- 
https://bugs.ruby-lang.org/