Skip to content

Don't modify SSLContext::DEFAULT_PARAMS #362

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
nevans wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Don't modify SSLContext::DEFAULT_PARAMS #362

nevans wants to merge 1 commit into from

Conversation

@nevans
Copy link
Contributor

@nevans nevans commented Dec 15, 2025
edited
Loading

The OpenSSL::SSL::SSLContext#set_params method has had secure defaults since ruby 2.4 or 2.5. Since support for ruby versions prior to 3.1 has been dropped, there's no need to modify this anymore.

Also, the openssl 4.0 gem now freezes the DEFAULT_PARAMS hash. So this is needed for compatibility with both openssl 4.0 and ruby 4.0.

@nevans
Don't modify SSLContext::DEFAULT_PARAMS
f524514 
The OpenSSL::SSL::SSLContext#set_params has had secure defaults since
ruby 2.4 or 2.5.  Since support for ruby versions prior to 3.1 has been
dropped, there's no need to modify this anymore.

Also, the openssl 4.0 gem now _freezes_ the `DEFAULT_PARAMS` hash.  So
this is needed for compatibility with both openssl 4.0 and ruby 4.0.
@nevans nevans requested a review from a team as a code owner December 15, 2025 23:34
@nevans nevans mentioned this pull request Dec 15, 2025
Open
@nevans
Copy link
Contributor Author

nevans commented Jan 5, 2026
edited
Loading

@chrisarcand Happy New Year! 😄 Any thoughts on this this PR (and #361, and #360)? This change is needed for compatibility with v4.0.0 of the openssl gem, which is the default version installed with ruby 4.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nevans