Rails omniauth facebook SSL handshake failure -



Rails omniauth facebook SSL handshake failure -

my app has been running fine months, , of sudden logging in doesn't work, this:

2014-10-18t18:09:33.971670+00:00 app[web.1]: faraday::sslerror (ssl_connect returned=1 errno=0 state=sslv3 read server hello a: sslv3 alert handshake failure): 2014-10-18t18:09:33.971672+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918:in `connect' 2014-10-18t18:09:33.971674+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918:in `block in connect' 2014-10-18t18:09:33.971675+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/timeout.rb:52:in `timeout' 2014-10-18t18:09:33.971676+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918:in `connect' 2014-10-18t18:09:33.971678+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:862:in `do_start' 2014-10-18t18:09:33.971679+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:851:in `start' 2014-10-18t18:09:33.971680+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:1367:in `request' 2014-10-18t18:09:33.971682+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/agent/instrumentation/net.rb:27:in `block (2 leve ls) in request_with_newrelic_trace' 2014-10-18t18:09:33.971683+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/agent.rb:404:in `disable_all_tracing' 2014-10-18t18:09:33.971685+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/agent/instrumentation/net.rb:26:in `block in requ est_with_newrelic_trace' 2014-10-18t18:09:33.971686+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/agent/cross_app_tracing.rb:41:in `trace_http_requ est' 2014-10-18t18:09:33.971687+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/agent/instrumentation/net.rb:23:in `request_with_ newrelic_trace' 2014-10-18t18:09:33.971689+00:00 app[web.1]: vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:1126:in `get' 2014-10-18t18:09:33.971690+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:78:in `perform_request' 2014-10-18t18:09:33.971691+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/faraday-0.9.0/lib/faraday/adapter/net_http.rb:39:in `call' 2014-10-18t18:09:33.971693+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/faraday-0.9.0/lib/faraday/request/url_encoded.rb:15:in `call' 2014-10-18t18:09:33.971694+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/faraday-0.9.0/lib/faraday/rack_builder.rb:139:in `build_response' 2014-10-18t18:09:33.971695+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/faraday-0.9.0/lib/faraday/connection.rb:377:in `run_request' 2014-10-18t18:09:33.971696+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/oauth2-0.8.1/lib/oauth2/cli ent.rb:88:in `request' 2014-10-18t18:09:33.971698+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/oauth2-0.8.1/lib/oauth2/access_token.rb:99:in `request' 2014-10-18t18:09:33.971699+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/oauth2-0.8.1/lib/oauth2/access_token.rb:106:in `get' 2014-10-18t18:09:33.971700+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-facebook-access-token-0.1.3/lib/omniauth/strategies/facebook-access-token.rb: 90:in `callback_phase' 2014-10-18t18:09:33.971702+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-1.2.1/lib/omniauth/strategy.rb:227:in `callback_call' 2014-10-18t18:09:33.971703+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-1.2.1/lib/omniauth/strategy.rb:184:in `call!' 2014-10-18t18:09:33.971704+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-1.2.1/lib/omniauth/strategy.rb:164:in `call' 2014-10-18t18:09:33.971706+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-1.2.1/lib/omniauth/strategy.rb:186:in `call!' 2014-10-18t18:09:33.971707+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-1.2.1/lib/omniauth/strategy.rb:164:in `call' 2014-10-18t18:09:33.971708+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/omniauth-1.2.1/lib/omniauth/builder.rb:59:in `call' 2014-10-18t18:09:33.971709+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/rack/error_collector.rb:55:in `call' 2014-10-18t18:09:33.971711+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/rack/agent_hooks.rb:32:in `call' 2014-10-18t18:09:33.971712+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/newrelic_rpm-3.8.1.221/lib/new_relic/rack/browser_monitoring.rb:27:in `call' 2014-10-18t18:09:33.971713+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/rack-ssl-1.4.1/lib/rack/ssl.rb:27:in `call' 2014-10-18t18:09:33.971714+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/warden-1.2.3/lib/warden/manager.rb:35:in `block in call' 2014-10-18t18:09:33.880979+00:00 app[web.1]: i, [2014-10-18t18:09:33.880840 #15] info -- omniauth: (facebook_access_token) callback phase initiated. 2014-10-18t18:09:33.971716+00:00 app[web.1]: vendor/bundle/ruby/2.0.0/gems/warden-1.2.3/lib/warden/manager.rb:34:in `catch'

i accidentally stumbled upon tweet mentioned facebook quietly dealt poodle vulnerability in manner, , have feeling has im experiencing. im not sure how solve it

well basically, in case happened -- using omniauth-facebook gem, , within gem ( not sure ) kept using sslv3 (even though facebook dropped due poodle vulnerability ). switched koala gem instead , go!

ruby-on-rails facebook ssl omniauth poodle-attack

Comments

Post a Comment

Popular posts from this blog

c# - ASP.NET MVC Sequence contains no matching element -

c# - ASP.NET MVC Sequence contains no matching element - i new asp.net mvc. have finished project unusual issue appeared in project. as seek run project error message. an exception of type 'system.invalidoperationexception' occurred in entityframework.dll not handled in user code additional information: sequence contains no matching element in 1 of controller using statement below groups display in dropdownlist. http://localhost....../clients (trying run page) , getting error on line containing code below. viewbag.groupdropdownvalues = new selectlist(db.groups.orderby(m => m.groupid), "groupid", "groupname"); or other controller: viewbag.categorydropdownvalues = new selectlist(db.category.orderby(m => m.categoryid), "categoryid", "categoryname"); this happening in controllers using syntax. i need display dropdownlists values database. working correctly till morning. don't have thought changed ,
Read more

java - Parsing XML, skip certain tags -

java - Parsing XML, skip certain tags - i next mkyong's great tutorial on how parse xml in java, have situation need read tags within area. e.g. <?xml version="1.0"?> <company> <staff id="1001"> <firstname>yong</firstname> <lastname>mook kim</lastname> <nickname>mkyong</nickname> <salary>100000</salary> </staff> <staff id="2001"> <firstname>low</firstname> <lastname>yin fong</lastname> <nickname>fong fong</nickname> <salary>200000</salary> </staff> <changes> <staff id="2001"> <firstname>low</firstname> <lastname>yin fong</lastname> <nickname>fong fong</nickname> <old_salary>175000</salary> <ne
Read more

rest - How to invalidate user session on inactivity in a stateless server? -

rest - How to invalidate user session on inactivity in a stateless server? - i'm building stateless restful server backend in java, used angularjs frontend. since should stateless, don't create sessions generate access tokens, more exactly json web tokens, client has nowadays on every request. the tokens contain "expires" field acts absolute expiration date. however, have additional expiration on user inactivity. define access token valid long 24 hours if user active 1 time every 30 minutes. i implement writing database on every request , verify time between requests, seems lot of work working out of box when using application server's session management. to 100% stateless on server side need force state logic client. solution is: issue jwt 2 expiry dates (one session - 30 minutes, sec refresh - 24h) implement getting new token same user previous token (new token has new expiry date session, same refresh) reject requests when whatever expir
Read more