coalescing: do not try to use a self-signed certificate for coalescing verification purposes

2025-08-10 00:01:27 -04:00 · 2021-11-17 21:35:31 +00:00 · 2021-11-17 21:35:31 +00:00 · c7d73d09b8
commit c7d73d09b8
parent f31b06c150
2 changed files with 7 additions and 1 deletions
--- a/lib/httpx/connection.rb
+++ b/lib/httpx/connection.rb
@ -117,7 +117,8 @@ module HTTPX
    def coalescable?(connection)
      if @io.protocol == "h2" &&
         @origin.scheme == "https" &&
-         connection.origin.scheme == "https"
+         connection.origin.scheme == "https" &&
+         @io.can_verify_peer?
        @io.verify_hostname(connection.origin.host)
      else
        @origin == connection.origin
@ -463,6 +464,7 @@ module HTTPX
          transition(:closing)
          transition(:closed)
          emit(:reset)
+
          @parser.reset if @parser
          transition(:idle)
          transition(:open)
--- a/lib/httpx/io/ssl.rb
+++ b/lib/httpx/io/ssl.rb
@ -27,6 +27,10 @@ module HTTPX
      super
    end

+    def can_verify_peer?
+      @ctx.verify_mode == OpenSSL::SSL::VERIFY_PEER
+    end
+
    def verify_hostname(host)
      return false if @ctx.verify_mode == OpenSSL::SSL::VERIFY_NONE
      return false if !@io.respond_to?(:peer_cert) || @io.peer_cert.nil?