Mechanize with SSL thru proxy error - ruby

My code:
require 'machanize'
agent = Mechanize.new
agent.user_agent = 'Mac Safari'
page = agent.get 'https://github.com
Everything is ok. But here what i've got if try to use proxy
require 'machanize'
agent = Mechanize.new
agent.user_agent = 'Mac Safari'
agent.set_proxy 'X.X.X.X', <port>
page = agent.get 'https://github.com
i've got
OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
I've also tried to turn off validation of cert, trying different certs and other. Any way, this error i've only got when trying to use proxy. Any ideas?

It was problem in 'openssl' program. I've installed postgresql.app on my system and it change PATH env to it self. So, same programs comes from poesgresql.app and openssl too. Problem was solved with correcting path, to make system's openssl preferred by default.

Related

Images don't download correctly Ruby

I'm trying to make a simple program that downloads a file (image) from the Internet and stores it on my computer using Ruby. I get it to download something but the images look really weird. I run Windows 10 and Ruby 2.2.3. This is my code:
require "open-uri"
require "openSSL"
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
File.open("test.jpg", "w+") do |f|
open("https://upload.wikimedia.org/wikipedia/commons/c/c9/Moon.jpg","r") do |file|
f.puts file.read
end
end
These two lines:
require "openSSL"
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
are to solve a problem where I get this error if I try to download a file via https:
C:/Ruby22-x64/lib/ruby/2.2.0/net/http.rb:923:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
Better solutions for this are very welcome!
Here is one example when I tried to download this image: https://upload.wikimedia.org/wikipedia/commons/c/c9/Moon.jpg the downloaded file looked like this: test.jpg
But it only seems to happen to images. HTML files look exactly the same. I know images can look different depending on file type but the URL ends with .jpg and when you download it via for example chrome, it is stored as a .jpg.
All suggestions are appreciated!

SSLv3 read server certificate B: certificate verify failed (Twitter::Error)

I have received this error message:
twitter/rest/client.rb:96:in 'rescue in request' ssl_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (Twitter::Error)
My code is:
require 'twitter'
client = Twitter::REST::Client.new do |config|
config.consumer_key = "xxxx" #removed for posting
config.consumer_secret = "xxxx" #removed for posting
config.access_token = "xxxx" #removed for posting
config.access_token_secret = "xxxx" #removed for posting
end
client.status(27558893223)
I am working with Windows 7 and Ruby 1.9.3. I have installed the latest certificates and updated my ruby gems to the latest version.
I have tried http://railsapps.github.io/openssl-certificate-verify-failed.html and https://gist.github.com/fnichol/867550 already and have been able to install everything mentioned there, but the error persists.
This is How you fix this problem is Windows
download .perm file first, then set the SSL_CERT_FILE in command prompt like this:
SSL_CERT_FILE=C:\my_path\to.pem
https://gist.github.com/fnichol/867550

How do I make HTTParty ignore SSL?

I'm using a local server to test an application, and make requests to that server from my own machine.
The test server's SSL is bad, and HTTParty throws errors because of that. From what I read, HTTParty should ignore SSL by default, but when I try to do this:
HTTParty.get( "#{ #settings.api_server }#{ url }" ).parsed_response
It throws this error:
OpenSSL::SSL::SSLError at /
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
How do I make it ignore the SSL?
In the latest HTTParty, you can use the verify option to disable SSL verification;
HTTParty.get( "#{ #settings.api_server }#{ url }", :verify => false ).parsed_response
To make HTTParty always skip SSL cert verification, and not have to specify this in every call:
require 'httparty'
HTTParty::Basement.default_options.update(verify: false)
HTTParty.get("#{#settings.api_ssl_server}#{url1}")
HTTParty.get("#{#settings.api_ssl_server}#{url2}")
HTTParty.get("#{#settings.api_ssl_server}#{url3}")
# ...
You can also do this scoped to a class when including HTTParty as a module:
require 'httparty'
class Client
include HTTParty
default_options.update(verify: false)
end
Client.get("#{#settings.api_ssl_server}#{url1}")
Client.get("#{#settings.api_ssl_server}#{url2}")
Client.get("#{#settings.api_ssl_server}#{url3}")
Or
require 'httparty'
module APIHelpers
class Client
include HTTParty
default_options.update(verify: false)
end
end
World(APIHelpers)
Client.get("#{#settings.api_ssl_server}#{url1}")
Client.get("#{#settings.api_ssl_server}#{url2}")
Client.get("#{#settings.api_ssl_server}#{url3}")
If you want to still send your certificates, use this flag:
verify_peer: false
This may be totally off base, as I'm new to Ruby, but this is what worked for me when other solutions wouldnt
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
Additional ways of doing this, if you get a 'dynamic constant assignment' (pulled from here)
OpenSSL::SSL.const_set(:VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE)

Why does accessing a SSL site with Mechanize on Windows fail, but on Mac work?

This is the code I'm using to connect to the SSL site.
require 'mechanize'
a = Mechanize.new
page = a.get 'https://site.com'
I"m using using Ruby 1.9.3 and Mechanize 2.1pre1 + dependencies. On Mac the above code works and returns the page. On windows 7 running the same versions it gives me the following error:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed
Reverting to Mechanize 2.0.1 seems to solve this problem, but I then get plagued with the too many connections reset by peer problem. Thus that is not a solution.
I've tried doing a.verify_mode = false, but that does not do anything. I have read that you can turn off SSL verification by using:
open(uri,:ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE)
How can I turn it off in Mechanize ? Why am I only getting this error on Windows ?
The version of OpenSSL (the library used to establish secure connections with Net::HTTPS) is not able to properly find the certificate chain in your computer.
To our bad, OpenSSL was never able to use the Windows installed cert storage to validate remote servers so is failing because of that.
From your example, you can do:
a.agent.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
To avoid the verification, however that is far from ideal (due clear security issues)
I recommend you download some cert bundles (like the ones from curl):
http://curl.haxx.se/ca
And modify your code to something like this:
require "rbconfig"
require "mechanize"
a = Mechanize.new
# conditionally set certificate under Windows
# http://blog.emptyway.com/2009/11/03/proper-way-to-detect-windows-platform-in-ruby/
if RbConfig::CONFIG["host_os"] =~ /mingw|mswin/
# http://curl.haxx.se/ca
ca_path = File.expand_path "~/Tools/bin/curl-ca-bundle.crt"
a.agent.http.ca_file = ca_path
end
page = a.get "https://github.com/"
That seems to work, Ruby 1.9.3-p0 (i386-mingw32), Windows 7 x64 and mechanize 2.1.pre.1
Hope that helps.
Luis' answer looks fine but more generally:
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
You can simply do the following:
agent = Mechanize.new
agent.verify_mode = OpenSSL::SSL::VERIFY_NONE
This worked on the latest version 2.8

sslv3 alert illegal parameter using Net::HTTP in Ruby on Linux

I am attempting to use a remote system for user authentication. This chunk of code gets a response when I run it on MacOSX, but fails on my machine:
def create
uri = URI.parse('https://ourclient.example.com/')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new('/login.jsp')
request.set_form_data({'login_name' => params[:login], 'password' => params[:password]})
response = http.request(request)
puts "Response BODY: #{response.body.inspect}"
end
Turning verify off gets rid of a warning on the Macs. On my machine, the http.request raises this exception:
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert illegal parameter):
app/controllers/sessions_controller.rb:16:in `create'
I get the same behavior using IRB without Rails. I did a clean install of Fedora 14 yesterday, installed the required development tools and libraries. I'm using Ruby 1.9.2-p180, and Rails 3.0.4. I thought I might have had my libraries misconfigured (I had Fedora 12 that had been upgraded a few times), but this is now a new install.
The remote system is probably Microsoft's IIS, but I'm not certain of that. Perhaps I can use an older SSL protocol, but my Google-fu can't find the incantation.
I would appreciate any tips on resolving this issue. Thanks,
Chris
how was created the ssl cert on the server? self-signed or ca-signed?
which is the error you receive if you remove the VERIFY_NONE?
use Mechanize gem for it
gem install mechanize
and try
require 'mechanize'
page = Mechanize.new{|a| a.ssl_version, a.verify_mode = 'SSLv3', OpenSSL::SSL::VERIFY_NONE}.get "**YOUR HTTPS LINK HERE**"

Resources