|
|
|
|
|
|
by rubynerd
5128 days ago
|
|
|
Hmm, at the moment I'm writing something in Ruby using OpenSSL, where a Socket object becomes an OpenSSL::SSL::SSLSocket It's an absolute nightmare. It won't stay alive for more than 10 minutes without some form of OpenSSL error, and I've even managed to create some kind of weird condition where pure bytes and other garbage are read off the socket What really concerns me is the lack of documentation for this. It's SSL, out of any piece of Ruby I would like it to be the most documentated/most maintained/easy to find help with piece, but instead, I've been stuck with this giant piece of broken code for three months with no idea where to et help The point being, it's all very well saying massive companies with engineers on tap are supporting these technologies. But for a startup with one person at the keyboard, they are figuratively screwed. I'm still holding out for the possibility that there is somewhere in the world someone who understands how to securely handle OpenSSL sockets in Ruby, I really do. I refuse to go to MVP with a server which is raising exceptions left right and center, and at the moment, that's gonna kill the startup dead in its tracks. |
|
|
I wrote an article[1] on this a while back (C++ code), but it should give you an idea as to how to accomplish this. Do note that it looks complicated at first, but it is fairly easy to implement.
Code based on what is in that article has been in production service for about 4 months now and it is completely stable. No weird errors, no weird issues, nothing.
Also, if you let something like OpenSSL causing issues kill your startup dead in its tracks you need to reconsider what MVP is... restart it every so often if it becomes an issue, fork a different process like netcat that does the SSL instead and use pipes to communicate. Please don't let issues with SSL kill your product!
[1]: http://funcptr.net/2012/04/08/openssl-as-a-filter-(or-non-bl...