sslv3 alert unexpected message when using soap4r
-
15-04-2021 - |
Domanda
I am working against the level3 SOAP API. Everything was working wonderfully until recently when OpenSSL was updated.
Here is the full output of the error message:
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert unexpected message):
httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `connect'
httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `ssl_connect'
httpclient (2.1.5.2) lib/httpclient/session.rb:639:in `connect'
httpclient (2.1.5.2) lib/httpclient/timeout.rb:128:in `timeout'
httpclient (2.1.5.2) lib/httpclient/session.rb:631:in `connect'
httpclient (2.1.5.2) lib/httpclient/session.rb:522:in `query'
httpclient (2.1.5.2) lib/httpclient/session.rb:147:in `query'
httpclient (2.1.5.2) lib/httpclient.rb:953:in `do_get_block'
httpclient (2.1.5.2) lib/httpclient.rb:765:in `do_request'
httpclient (2.1.5.2) lib/httpclient.rb:848:in `protect_keep_alive_disconnected'
httpclient (2.1.5.2) lib/httpclient.rb:764:in `do_request'
httpclient (2.1.5.2) lib/httpclient.rb:666:in `request'
httpclient (2.1.5.2) lib/httpclient.rb:596:in `post'
/Users/glanotte/.rvm/gems/ruby-1.8.7-p302/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:238:in `send_post'
/Users/glanotte/.rvm/gems/ruby-1.8.7-p302/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:172:in `send'
/Users/glanotte/.rvm/gems/ruby-1.8.7-p302/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:179:in `route'
/Users/glanotte/.rvm/gems/ruby-1.8.7-p302/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:143:in `call'
/Users/glanotte/.rvm/gems/ruby-1.8.7-p302/gems/soap4r-1.5.8/lib/soap/rpc/driver.rb:181:in `call'
(eval):6:in `validateSLServiceAvailability'
The error is very similar to the error reported here:
http://dev.ctor.org/http-access2/ticket/223
the solution that the person who opened the above was "I fixed this by passing in SSL::OP_NO_TICKET as an option to SSLConfig." I have tried to do this by:
object = WsdlToRubyPortType.new
object.options['client.protocol.http.ssl_config.options'] = OpenSSL::SSL::OP_NO_TICKET
I have tried the following as well:
object.options['client.protocol.http.ssl_config.options'] = "OpenSSL::SSL::OP_NO_TICKET"
object.options['client.protocol.http.ssl_config.options'] = "SSL::OP_NO_TICKET"
The results are identical and the error message persists. I have tried adding a line to the soap/property file but it is not recognized as a valid option by the httpconfigloader.
Any help would be greatly appreciated, I am completely stuck. I feel the answer is obvious but cannot see it.
Soluzione 3
We ended up dropping soap4r, it is severely out of date. Switching libraries, while not ideal, solved the problem. For anyone running into issues similar to this, I recommend switching to savon. It was actually easier than I thought it would be
Altri suggerimenti
You would need to set the config on the HTTP instance:
http = HTTPClient.new
http.ssl_config.options = OpenSSL::SSL::OP_NO_TICKET
It seems that with the latest gem, this is how the option can be set:
jira.driver.options["protocol.http.ssl_config.options"] = OpenSSL::SSL::OP_NO_TICKET
where "jira" is an instance of a JiraTool class.
Just a guess: you may need to first specify OP_ALL then OR in the OP_NO_TICKET bit:
object = WsdlToRubyPortType.new
object.options['client.protocol.http.ssl_config.options'] = OpenSSL::SSL::OP_ALL
object.options['client.protocol.http.ssl_config.options'] |= OpenSSL::SSL::OP_NO_TICKET
Haven't tested this.