Net::HTTP doesn't allow to set SSL optionsΒ #139
Description
Context
Since OpenSSL 3.x, when a server close the TCP connection without first calling SSL_shutdown, the SSL client now error with SSL_read: unexpected eof while reading.
In OpenSSL 1.x, the client wouldn't mind and would behave like if the connection was cleanly closed.
To restore the 1.x behavior, you can set a specific options:
ssl_context = OpenSSL::SSL::SSLContext.new
ssl_context.options |= OpenSSL::SSL::OP_IGNORE_UNEXPECTED_EOFProblem
The issue is that Net::HTTP only allow to set specific fields on the SSLContext object, and options is not one of them.
Workaround
The issue can be worked around by changing the default options globally:
if OpenSSL::SSL.const_defined?(:OP_IGNORE_UNEXPECTED_EOF)
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options] |= OpenSSL::SSL::OP_IGNORE_UNEXPECTED_EOF
endHowever this impact all SSL connections, not just the ones that need it.
Solution
Not sure what the best API would be. But it would be great if we could directly pass a SSLContext instance to Net::HTTP, so that we're not limited on the SSL configuration.