Issue #10522 has been updated by Kazuki Yamaguchi.

Status changed from Feedback to Rejected

As commented at the GitHub PR, there doesn't seem to be anything wrong. `ssl_socket.set_params(ssl_version: :TLSv1)` should be equivalent to `ssl_socket.set_params; ssl_socket.ssl_version = :TLSv1`.

----------------------------------------
Bug #10522: SSL_VERSION not handled properly in Net::Http, OpenSSL libraries
https://bugs.ruby-lang.org/issues/10522#change-61016

* Author: Matt Dressel
* Status: Rejected
* Priority: Normal
* Assignee: openssl
* ruby -v: ruby 2.1.3p242
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
https://github.com/ruby/ruby/pull/762/files

While using the Faraday gem with the default net/http adapter, we are passing an explicit ssl_version to net/http, however we still received handshake warnings from the server suggesting that the ssl_version was not getting down to the OpenSSL layer.  After realizing that the Typhoeus adapter works just fine, I decided to dig deeper into Net::Http.  

The Net::Http#connect method passes the ssl_version to OpenSSL::SSL::SSLContext via the set_params method.  This appears to be problematic.  The only case I can get to work as expected calls ssl_version= without calling set_params at all.  I believe the error revolves around the set_params calling setters for all params (always includes an ssl_version).



-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>