SSL ConnectionFailed issue on second SSL connection request #77

Open
mikefogg opened this issue Oct 5, 2016 · 2 comments

mikefogg commented Oct 5, 2016

Hi!

Wanted to thank you for the hard work on this, and see if you had any thoughts on an issue I'm currently running into.

I'm running ruby 1.9.3 (which I see you're soon dropping support for, but I unfortunately can't yet).

I'm using Faraday which has a dependency on your gem, and I am getting this error:

First call I make to my server works perfectly! I get back the response body and all that.

Second call however, hits me with a:

Faraday::Error::ConnectionFailed: SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: tlsv1 alert internal error
    from /Users/me/.rbenv/versions/1.9.3-p327/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reuse.rb:70:in `connect'
    from /Users/me/.rbenv/versions/1.9.3-p327/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reuse.rb:70:in `block in connect'

It seems to me that it's trying to use SSLv3 on the second call (which my server doesn't allow). I could be wrong though, before I switch to just using net-http (which works perfectly, but is obviously going to be a bit slower).

Thanks!

Owner

drbrain commented Oct 5, 2016

OpenSSL says "SSLv3" when negotiating a TLSv1+ connection for whatever reason.

I think this is due to session resumption not being supported correctly. I imagine what happens is:

  1. New connection starts up, session data is saved
  2. Connection expires
  3. Connection is closed
  4. Net::HTTP attempts to reconnect, TLS session data is used to speed up connect time
  5. Server and client disagree

Try http.reuse_ssl_sessions = false

Author

mikefogg commented Oct 5, 2016

@drbrain Awesome! Thanks for the quick feedback. That does seem like it may be the issue because if I fire the request 3 times quick, they all work. The second I pause a bit... it breaks :) I'm going to post a similar issue in Faraday because it doesn't look like they allow you to customize the reuse_ssl_sessions property.
