Setting RestClient SSL version to SSLv3 - ruby-on-rails

Is there a way to force SSL version on a single RestClient connection?
I need to set it to 'SSLv3'.
I'm able to do that for ALL connections using:
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:ssl_version] = 'SSLv3'
But that of course is too global.
When trying to pass parameters in the initialization, it doesn't work:
RestClient::Resource.new('https://example.com',:ssl_version => "SSLv3")

You can use an invocation like this:
RestClient::Request.execute(:url => 'https://example.com', :ssl_version => 'SSLv3', :method => 'get')
But note that older versions of rest-client would silently discard the :ssl_version option. You can test whether this is happening by using a bogus SSL version:
>> RestClient::Request.execute(:url => 'https://example.com', :ssl_version => 'blah', :method => 'get')
ArgumentError: unknown SSL method `blah'.
from /usr/lib/ruby/1.9.1/openssl/ssl-internal.rb:38:in `ssl_version='

Related

Trying to call third party api through rest-client giving RestClient::SSLCertificateNotVerified error

I am trying to call rest api of https://example.com but getting above error pls help me with the same
To bypass verify SSL certificate you can use :verify_ssl => false like this
RestClient::Request.execute(:url => 'https://example.com/', :method => :get, :verify_ssl => false)
Just in case that doesn't work also put :proxy => nil like this
RestClient::Request.execute(:url => 'https://example.com/', :method => :get, :verify_ssl => false, :proxy => nil)

The content type 'application/x-www-form-urlencoded' is not supported in Ruby on Rails

So I'm just trying to make a simple post request using httpclient in RoR.
I'm going through a proxy, doing ntlm authentication with the server ( I can make GET requests without a problem).
Now when I try and do a post request, I get the error mentioned in the title...
proxy = ENV['HTTP_PROXY']
client=HTTPClient.new(proxy)
client.set_auth(nil,user,pass)
body= [{'Content-Type' => 'application/atom+xml, :content => ...}]
res = client.post('url',body)
puts res.body
How am i getting this error when I clearly specify the header as atom+xml..?
You should use
res = client.post('url',
:body => "...body content...",
:header => {'Content-Type' => 'application/atom+xml'})

jruby-openssl vs mri openssl - Socket Closed

Issue: Net::HTTP calls failing when using jruby with a OpenSSL::SSLError Socket Closed, but working fine using MRI.
Side Note: Calls to many servers work, however this app is calling to a cisco sensor. Again, it works via MRI but not Jruby. I've tried a number of different things to no avail. I've tried jruby 1.6.7, 1.7, and the recently released 1.7.1.dev. I've also tried jruby-openssl-0.7.4, 0.7.7, and 0.8.0.pre3. I've even tried running the script with from Ruby 1.8, and 1.9.
Failing At https://github.com/jruby/jruby/blob/master/src/org/jruby/ext/openssl/SSLSocket.java#L404 ?
Similar Issue in research: http://jira.codehaus.org/browse/JRUBY-6346
Small Back Trace Excerpt
org/jruby/ext/openssl/Utils.java:79:in newError'
org/jruby/ext/openssl/SSL.java:92:innewSSLError'
org/jruby/ext/openssl/SSLSocket.java:192:in connectCommon'
org/jruby/ext/openssl/SSLSocket.java:162:inconnect'
org/jruby/runtime/callsite/CachingCallSite.java:306:in cacheAndCall'
org/jruby/runtime/callsite/CachingCallSite.java:136:incall'
org/jruby/ast/CallNoArgNode.java:64:in interpret'
org/jruby/ast/NewlineNode.java:105:ininterpret'
I have scoured google with no luck. Any help would be greatly appreciated.
It should also be noted that I am running OSX Mountain Lion 10.8.2.
[UPDATE]
I have ran out of time to debug this and used the following workaround:
Gemfile
gem 'typhoeus'
Test method
def send_post(url, body)
response = Typhoeus::Request.post(url,
:method => :post,
:disable_ssl_host_verification => true,
:disable_ssl_peer_verification => true,
:username => #auth[:username],
:password => #auth[:password],
:headers => {
'Accept' => 'text/xml',
'Content-type' => 'application/binary',
'Connection' => 'keepalive',
'Accept-Charset' => 'iso-8859-1,*,utf-8',
'Pragma' => 'no-cache',
'Cache-Control' => 'no-cache',
},
:body => body
)
response
end

Rails: generate a full URL in an ActionMailer view

I'm using ActionMailer to send a sign up confirmation email. The email needs to contain a link back to the site to verify the user, but I can't persuade Rails to generate a full URL (including the domain etc).
I'm using:
<%= url_for :controller => 'login', :action => 'verify', :guid => #user.new_user.guid, :only_path => false, :host => 'http://plantality.com' %>
in my view
Part b:
In development mode Rails gripes if I don't specify the host explicilty in the link above. But I don't want to do this in production. Any solutions?
To solve the problem to pass a host for generating URLs in ActionMailer, check out this plugin and the reason why I wrote it.
To solve the first issue, use named routes when applicable. Instead of
<%= url_for :controller => 'login', :action => 'verify', :guid => #user.new_user.guid, :only_path => false, :host => 'http://plantality.com' %>
assuming the route is called login, use
<%= login_url(:guid => #user.new_user.guid) %>
Note, I'm using login_url, not login_path.
I'm not sure if it is what you want but in config/environments/development.rb you can specify default options for mailer urls
config.action_mailer.default_url_options = {
:host => "your.host.org",
:port => 3000
}
you can do the same in config/environments/production.rb
I don't know why the previous solutions seem so complicated, but since I'm here why not give my 2 cents...
Go to /config/environments and add:
config.absolute_site_url = 'your site url'
for the respective environment (ie. in development.rb, test.rb, or production.rb). Restart web server.
This allows you to call Rails.application.config.absolute_site_url to get the desired URL. No need for plugins or weird cheat, just store the site url as an application wide variable.
I think its not 100% correct way but this can also be a solution :
See the Using asset hosts section in the documentation. You need to specify an asset_host. You can also construct it dynamically from the request chaining "#{request.protocol}#{request.host_with_port}/login/?guid=#{#user.new_user.guid}"
To generate url, try this
Rails.application.routes.url_helpers.user_url(User.first.id, host: 'yourhost.io')
this will generate url like this:
http://yourhost.io/users/1
As well you can pass some params
expires = Time.now + 2.days
params = {expires: expires}
u = User.first.id
Rails.application.routes.url_helpers.user_url(u, params, host: 'host.com')
will generate:
http://yourhost.io/users/1.expires=2018-08-12+15%253A52%253A15+%252B0300
so you can werifi in action if link is not expired

How do I configure the hostname for Rails ActionMailer?

I'm working on a fairly traditional forgot password email - I want to email the user a password change token embedded in a link that they can click on in order to change their password. I'm emailing via the traditional ActionMailer.
If I use a normal link_to tag
<%= link_to "click here", :controller => foo, :action => 'bar', :token => token %>
I get a relative link - rather useless from an email.
If I add in
:only_path => false, then it errors saying I need to set default_url_options[:host]. The ActionController docs imply that you do that by overriding the #default_url_options methods in your controller. Surely there's a configuration option to tell Rails what it's hostname is without adding my own config file, parsing it, etc?
default_url_options is available from config.action_mailer and should be set in your environment's configuration file.
For example, in config/environments/production.rb:
config.action_mailer.default_url_options = {
:host => 'www.yourdomain.com'
}
For local testing, modify config/environments/development.rb:
config.action_mailer.default_url_options = {
:host => '127.0.0.1',
:port => 3000
}
Then, assuming you have a named route called forgot_password_login, you can generate the login link URL in your mailer using something like this:
forgot_password_login_url(:token => 'a7s8q15sk2...')
You probably want to set :protocol => 'https' as well, btw.
config.action_mailer.default_url_options = {
:host => "portal.example.com",
:protocol => 'https'
}
There is another alternative, as described in http://pivotallabs.com/how-i-leaned-to-stop-hating-and-love-action-mailer/
This solution has the advantage that it doesn't require any configuration (so less of a hassle), and works fine as long as you send emails from within controllers.
But if you plan on sending email without going through a controller (e.g. from command line or in response to another email), you need the static configuration.
Setting default_url_options directly is deprecated in Rails 3.1. Use url_for instead.
Add parameter :protocol to override default value (http), :protocol => 'https://'. This will create url starting with "https://..." instead of default "http://"
Interestingly, I had the same issue as you did, but in unit tests (while following Michael Hartl's railstutorial). I had this line in my test.rb file, but that didn't help:
config.action_mailer.default_url_options = { host: 'example.com', protocol: 'http' }
I've also added another line like this to test.rb, and surprisingly this solved the issue
default_url_options = { host: 'example.com', protocol: 'http' }
Setting default_url_options directly is deprecated in Rails 3.1
Use the url_for helper to create it:
<%= link_to "click here", url_for(:controller => foo, :action => 'bar', :token => token, :host => 'www.yourdomain.com') %>
Can you just do
<%="click here", :controller => foo, :action => 'bar', :token => token, :host=>request.host -%>

Resources