Need a bit of a hand with a new Gateway

101 views
Skip to first unread message

Robert Cotey

unread,
Jun 17, 2013, 5:13:00 PM6/17/13
to activem...@googlegroups.com
I have created a new Gateway module for Active Merchant. Everything works fine, except that I have to use Crub instead of the built in ssl_post method.

I have overwritten the ssl_post method as such

def ssl_post(url, data, headers={})
  url = "#{url}?#{data}"
  curlObj = Curl::Easy.new(url)
  curlObj.connect_timeout = 15
  curlObj.timeout = 15
  curlObj.header_in_body = false
  curlObj.ssl_verify_peer = false
  curlObj.post_body = ''
  curlObj.perform()
  data = curlObj.body_str
  data
end



The main problem seems to be some kind of time out when doing ssl_post (the original).

The class should let me just remove my ssl_post method to use use the original one, but for some reason it just won't connect. 

I have the same problem when trying to wget from the command line, or using Net::HTTP, though I can not figure out why. Even when using  verify_mode = OpenSSL::SSL::VERIFY_NONE it still won't work. 

Any ideas would be helpful. I would like to submit a pull request, but I don't think that's proper if I add a new dependency just for this ( which is almost something I am just missing).

Nathaniel Talbott

unread,
Jun 18, 2013, 8:25:58 PM6/18/13
to activem...@googlegroups.com
I'm a bit confused - why do you have to use Curl? Is the issue that it only works with Curl, or that when you use Curl other things time out?

--
Nathaniel


--
You received this message because you are subscribed to the Google Groups "Active Merchant" group.
To unsubscribe from this group and stop receiving emails from it, send an email to activemerchan...@googlegroups.com.
To post to this group, send email to activem...@googlegroups.com.
Visit this group at http://groups.google.com/group/activemerchant.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

Robert Cotey

unread,
Jun 18, 2013, 11:45:09 PM6/18/13
to activem...@googlegroups.com
 Because I have only be able to get it to work with curl, though to be honest I can't figure out why.

Nathaniel Talbott

unread,
Jun 19, 2013, 12:15:36 AM6/19/13
to activem...@googlegroups.com
OK, can you try using the original ssl_post, but adding these lines at the top of your test that is timing out?

  require 'logger'
  ActiveMerchant::Billing::Gateway.logger = Logger.new(STDOUT)
  ActiveMerchant::Billing::Gateway.wiredump_device = STDOUT

I'm really curious as to what output that spits out. Thanks!

--
Nathaniel

Robert Cotey

unread,
Jun 19, 2013, 11:07:11 AM6/19/13
to activem...@googlegroups.com
The output is: 

I, [2013-06-19T11:04:42.318371 #32606]  INFO -- : [ActiveMerchant::Billing::MerchantOneGateway] POST https://secure.merchantonegateway.com/api/transact.php
D, [2013-06-19T11:04:42.318515 #32606] DEBUG -- : firstname=&lastname=&username=****&password=****&cvv=123&ccnumber=4111111111111111&ccexp=0914&address1=1234+My+Street&city=Tampa&state=FL&zip=33603&country=US&amount=100.00&type=auth
opening connection to secure.merchantonegateway.com...
opened
Conn close because of connect error execution expired

Nathaniel Talbott

unread,
Jun 19, 2013, 11:27:09 AM6/19/13
to activem...@googlegroups.com
I wonder if they could be doing something bogus like checking the user agent? Can you try setting the user agent header when calling ssl_post to match the agent sent by Curl?

--
Nathaniel

Robert Cotey

unread,
Jun 20, 2013, 3:57:46 PM6/20/13
to activem...@googlegroups.com
Same behavior. My best guess is that something in ssl negation is going sideways. But I can't figure out why.

Nathaniel Talbott

unread,
Jun 21, 2013, 10:39:18 AM6/21/13
to activem...@googlegroups.com
It looks like openssl can be used to debug HTTPS:


I'd probably be looking at something like that next.

I'd also recommend forcing the use of every different version of SSL/TLS possible: SSL 3.0, TLS v1.0, TLS v1.1, and TLS v1.2 at a minimum.

--
Nathaniel

Robert Cotey

unread,
Jun 21, 2013, 1:31:06 PM6/21/13
to activem...@googlegroups.com
That did it. I found the issue. Ruby's SSL implementation (with Net:HTTP) doesn't like to degrade to a proper ssl method for this server. 

Basically just a very odd set of configurations. The server wanted TLS 1.2 -> SSLv3 -> .....  But Ruby, for whatever reason was getting stuck on TLSv1. Once I told it to just use SSLv3 it started working like you would think it would.

Not sure why ruby would not decide to pick the correct version of TLS for the connection, that's still very odd to me, but it's working. And overwiding new_connection is slightly less cludgy then adding a totally new gem requirement. Thanks for the help. Will submit the pull request shortly, after I clean up, then I can start the real fun of trying to get it included.  
Reply all
Reply to author
Forward
0 new messages