Shopify + Ubuntu 12.04LTS + Faraday问题=可以使用较旧的OpenSSL吗? [英] Shopify + Ubuntu 12.04LTS + Faraday issue = OK to use older OpenSSL?
问题描述
我正在使用Ubuntu 12.04LTS Desktop开发Shopify应用程序(使用shopify_app gem),并且在处理回调URL时遇到了这个问题.
I'm using Ubuntu 12.04LTS Desktop to develop a Shopify App (using the shopify_app gem), and I ran into this problem when processing the callback URL.
Faraday::Error::ConnectionFailed (Connection reset by peer - SSL_connect)
查看shopify-app-discuss组找到的另一种方法是使用另一种较旧的OpenSSL, RVM提供的.
Looking at the shopify-app-discuss group here and here, it seems that the problem is with Ubuntu 12.04 and its OpenSSL. I tried to install the most up-to-date OpenSSL, but nothing. One alternative that I found was to use a different, older OpenSSL, one that RVM provides.
$ rvm remove 1.9.3 (or whatever version of ruby you are using)
$ rvm pkg install openssl
$ rvm install 1.9.3 --with-openssl-dir=$rvm_path/usr
现在Shopify应用程序运行正常.它可以连接到API. (本技巧可能会帮助其他Ubuntu 12.04用户!)
And now the Shopify App is working fine. It can connect to the API. (This tip may help other Ubuntu 12.04 users!)
所以,我的问题是:这是最好的解决方案吗?我有点担心较旧的OpenSSL版本.它可能存在一些安全问题.以此开发应用程序安全吗?
So, my question is: Is this the best solution? I'm a little bit concerned about the older OpenSSL version. It might have some security issues. Is it safe to develop the app with this?
当我部署应用程序(例如Heroku)时,使用较旧的OpenSSL是否会出现安全问题?
And when I deploy the app (e.g. Heroku), is there going to be a security issue with an older OpenSSL?
提前谢谢!
推荐答案
其他建议对我们不起作用.具体来说,我们需要强制使用:SSLv3
而不是:TLSv1
. (对于股票Ubuntu 12.04.01 Ruby 1.9.3以及我们从Passenger PPM中使用的股票.)
The other suggestions didn't work for us. Specifically we needed to force :SSLv3
instead of :TLSv1
. (For both the stock Ubuntu 12.04.01 Ruby 1.9.3 and the one that we use from the Passenger PPM.)
此外,还需要检查是否定义了@ssl_options
.我从ActiveResource实现中复制了一个.
Also, there needs to be a check for @ssl_options
being defined. I copied the one from the ActiveResource Implementation.
我们将其放置在config/initializers/shopify_ssl.rb
中,一切都变得柔和:
We dropped this in config/initializers/shopify_ssl.rb
and everything is peachy:
require 'active_resource/connection'
class ActiveResource::Connection
def apply_ssl_options_with_ssl_version(http)
apply_ssl_options_without_ssl_version(http)
return http unless defined?(@ssl_options)
http.ssl_version = @ssl_options[:ssl_version] if @ssl_options[:ssl_version]
http
end
alias_method_chain :apply_ssl_options, :ssl_version
end
ShopifyAPI::Base.ssl_options = { :ssl_version => :SSLv3 }
这篇关于Shopify + Ubuntu 12.04LTS + Faraday问题=可以使用较旧的OpenSSL吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!