Using ssl v23 to avoid POODLE

Ionatan Wiznia · Ionatan Wiznia · commit 1160f9fc0349 · 2014-10-30T12:55:15.000+01:00
diff --git a/barrister.gemspec b/barrister.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = %q{barrister}
-  s.version = "0.1.1"
+  s.version = "0.1.2"
   s.date = %q{2012-04-25}
   s.authors = [ "James Cooper" ]
   s.homepage = "https://github.com/coopernurse/barrister-ruby"
diff --git a/lib/barrister.rb b/lib/barrister.rb
@@ -25,7 +25,7 @@
 ### Barrister Module
 
 module Barrister
-  
+
   # Reads the given filename and returns a Barrister::Contract
   # object.  The filename should be a Barrister IDL JSON file created with
   # the `barrister` tool.
@@ -70,7 +70,7 @@ def parse_method(method)
     end
   end
   module_function :parse_method
-  
+
   # Helper function to create a JSON-RPC 2.0 response hash.
   #
   # * `req` - Request hash sent from the client
@@ -123,7 +123,7 @@ def initialize(code, message, data=nil)
     end
 
   end
- 
+
   ### Server
 
   # The Server class is responsible for taking an incoming request, validating
@@ -134,7 +134,7 @@ def initialize(code, message, data=nil)
   # It uses the Contract for validation.
   #
   # The Server doesn't do any network communication.  It contains a default
-  # `handle_json` convenience method that encapsulates JSON serialization, and a 
+  # `handle_json` convenience method that encapsulates JSON serialization, and a
   # lower level `handle` method.  This will make it easy to add other serialization
   # formats (such as MessagePack) later.
   #
@@ -161,7 +161,7 @@ def add_handler(iface_name, handler)
       @handlers[iface_name] = handler
     end
 
-    # Handles a request encoded as JSON.  
+    # Handles a request encoded as JSON.
     # Returns the result as a JSON encoded string.
     def handle_json(json_str)
       begin
@@ -170,7 +170,7 @@ def handle_json(json_str)
       rescue JSON::ParserError => e
         resp = err_resp({ }, -32700, "Unable to parse JSON: #{e.message}")
       end
-      
+
       # Note the `:ascii_only` usage here. Important.
       return JSON::generate(resp, { :ascii_only=>true })
     end
@@ -212,13 +212,13 @@ def handle_single(req)
       if err_resp != nil
         return err_resp
       end
-      
+
       # Make sure that the params on the request match the IDL types
       err_resp = @contract.validate_params(req, func)
       if err_resp != nil
         return err_resp
       end
-      
+
       params = [ ]
       if req["params"]
         params = req["params"]
@@ -237,10 +237,10 @@ def handle_single(req)
         return err_resp(req, -32000, "Server error. Handler for #{iface.name} does not implement #{func.name}")
       end
 
-      begin 
+      begin
         # Call the handler function. This is where your code gets invoked.
         result  = handler.send(func.name, *params)
-        
+
         # Verify that the handler function's return value matches the
         # correct type as specified in the IDL
         err_resp = @contract.validate_result(req, result, func)
@@ -261,13 +261,13 @@ def handle_single(req)
     end
 
   end
-  
+
   ### Client
 
   # This is the main class used when writing a client for a Barrister service.
   #
-  # Clients accept a transport class on the constructor which encapsulates 
-  # serialization and network communciation.  Currently this module only provides a 
+  # Clients accept a transport class on the constructor which encapsulates
+  # serialization and network communciation.  Currently this module only provides a
   # basic HTTP transport, but other transports can be easily written.
   class Client
     include Barrister
@@ -298,7 +298,7 @@ def initialize(trans, validate_req=true, validate_result=true)
     def get_meta
       return @contract.meta
     end
-   
+
     # Returns a Barrister::BatchClient instance that is associated with this Client instance
     #
     # Batches let you send multiple requests in a single round trip
@@ -330,7 +330,7 @@ def init_proxies
       end
     end
 
-    # Sends a JSON-RPC request.  This method is automatically called by the proxy classes, 
+    # Sends a JSON-RPC request.  This method is automatically called by the proxy classes,
     # so in practice you don't usually call it directly.  However, it is available if you
     # wish to avoid the use of proxy classes.
     #
@@ -342,37 +342,37 @@ def request(method, params)
       if params
         req["params"] = params
       end
-      
+
       # We always validate that the method is valid
       err_resp, iface, func = @contract.resolve_method(req)
       if err_resp != nil
         return err_resp
       end
-        
+
       if @validate_req
         err_resp = @contract.validate_params(req, func)
         if err_resp != nil
           return err_resp
         end
       end
-      
+
       # This makes the request to the server
       resp = @trans.request(req)
-      
+
       if @validate_result && resp != nil && resp.key?("result")
         err_resp = @contract.validate_result(req, resp["result"], func)
         if err_resp != nil
           resp = err_resp
         end
       end
-      
+
       return resp
     end
 
   end
 
   # Default HTTP transport implementation.  This is a simple implementation that
-  # doesn't support many options.  We may extend this class in the future, but 
+  # doesn't support many options.  We may extend this class in the future, but
   # you can always write your own transport class based on this one.
   class HttpTransport
 
@@ -382,7 +382,7 @@ def initialize(url)
       @uri = URI.parse(url)
     end
 
-    # `request` is the only required method on a transport class.  
+    # `request` is the only required method on a transport class.
     #
     # `req` is a JSON-RPC request with `id`, `method`, and optionally `params` slots.
     #
@@ -397,6 +397,7 @@ def request(req)
       json_str = JSON::generate(req, { :ascii_only=>true })
       http    = Net::HTTP.new(@uri.host, @uri.port)
       http.use_ssl = (@uri.scheme == 'https')
+      http.ssl_version = :SSLv23
       request = Net::HTTP::Post.new(@uri.request_uri)
       request.body = json_str
       request["Content-Type"] = "application/json"
@@ -469,7 +470,7 @@ def request(req)
   # Use a batch if you have many small requests that you'd like to send at once.
   #
   # **Note:** the JSON-RPC spec indicates that servers **may** execute batch
-  # requests in parallel.  Do **not** batch requests that depend on being 
+  # requests in parallel.  Do **not** batch requests that depend on being
   # sequentially executed.
   class BatchClient < Client
 
@@ -509,7 +510,7 @@ def send
 
       # Send request batch to server
       resp_list = @parent.trans.request(requests)
-      
+
       # Build a hash for the responses so we can re-order them
       # in request order.
       sorted    = [ ]
@@ -536,7 +537,7 @@ def send
   end
 
   # Internal class used by the Client and BatchClient classes
-  # 
+  #
   # Each instance represents a proxy for a single interface in the IDL,
   # and will contain a method for each function in the interface.
   #
@@ -567,7 +568,7 @@ def initialize(client, iface)
   end
 
   ### Contract / IDL
-  
+
   # Represents a single parsed IDL definition
   class Contract
     include Barrister
@@ -576,7 +577,7 @@ class Contract
 
     # `idl` must be an Array loaded from a Barrister IDL JSON file
     #
-    # `initialize` iterates through the IDL and stores the 
+    # `initialize` iterates through the IDL and stores the
     # interfaces, structs, and enums specified in the IDL
     def initialize(idl)
       @idl = idl
@@ -612,7 +613,7 @@ def interface(name)
     def interfaces
       return @interfaces.values
     end
-    
+
     # Takes a JSON-RPC request hash, and returns a 3 element tuple. This is called as
     # part of the request validation sequence.
     #
@@ -625,7 +626,7 @@ def resolve_method(req)
       if iface_name == nil
         return err_resp(req, -32601, "Method not found: #{method}")
       end
-      
+
       iface = interface(iface_name)
       if !iface
         return err_resp(req, -32601, "Interface not found on IDL: #{iface_name}")
@@ -635,10 +636,10 @@ def resolve_method(req)
       if !func
         return err_resp(req, -32601, "Function #{func_name} does not exist on interface #{iface_name}")
       end
-      
+
       return nil, iface, func
     end
-    
+
     # Validates that the parameters on the JSON-RPC request match the types specified for
     # this function
     #
@@ -670,7 +671,7 @@ def validate_params(req, func)
       # valid
       return nil
     end
-    
+
     # Validates that the result from a handler method invocation match the return type
     # for this function
     #
@@ -726,7 +727,7 @@ def validate(name, expected, expect_array, val)
           else
             return type_err(name, "[]"+expected["type"], val)
           end
-          
+
         # Check the built in Barrister primitive types
         elsif exp_type == "string"
           if val.class == String
@@ -748,23 +749,23 @@ def validate(name, expected, expect_array, val)
           else
             return type_err(name, exp_type, val)
           end
-          
+
         # Expected type is not an array or a Barrister primitive.
         # It must be a struct or an enum.
         else
-          
+
           # Try to find a struct
           struct = @structs[exp_type]
           if struct
             if !val.kind_of?(Hash)
               return "#{name} #{exp_type} value must be a map/hash. not: " + val.class.name
             end
-            
+
             s_field_keys = { }
-            
+
             # Resolve all fields on the struct and its ancestors
             s_fields = all_struct_fields([], struct)
-            
+
             # Validate that each field on the struct has a valid value
             s_fields.each do |f|
               fname = f["name"]
@@ -774,14 +775,14 @@ def validate(name, expected, expect_array, val)
               end
               s_field_keys[fname] = 1
             end
-            
+
             # Validate that there are no extraneous elements on the value
             val.keys.each do |k|
               if !s_field_keys.key?(k)
                 return "#{name}.#{k} is not a field in struct '#{exp_type}'"
               end
             end
-            
+
             # Struct is valid
             return nil
           end
@@ -839,7 +840,7 @@ def type_err(name, exp_type, val)
 
   end
 
-  # Represents a Barrister IDL "interface" 
+  # Represents a Barrister IDL "interface"
   class Interface
 
     attr_accessor :name
@@ -859,14 +860,14 @@ def functions
     def function(name)
       return @functions[name]
     end
-    
+
   end
 
-  # Represents a single function on a Barrister IDL "interface" 
+  # Represents a single function on a Barrister IDL "interface"
   class Function
 
     attr_accessor :name, :returns, :params
-    
+
     def initialize(f)
       @name    = f["name"]
       @returns = f["returns"]
