lib/support/ssl_version.rb
require 'active_merchant'
require 'support/gateway_support'
class SSLVersion
attr_accessor :success, :failed, :missing, :errored
def initialize
@gateways = GatewaySupport.new.gateways
@success, @failed, @missing, @errored = [], [], [], []
end
def test_gateways(min_version = :TLS1_1)
raise 'Requires Ruby 2.5 or better' unless Net::HTTP.instance_methods.include?(:min_version=)
puts "Verifying #{@gateways.count} gateways for SSL min_version=#{min_version}\n\n"
@gateways.each do |g|
unless g.live_url
missing << g unless g.abstract_class
next
end
uri = URI.parse(g.live_url)
result, message = test_min_version(uri, min_version)
case result
when :success
print '.'
success << g
when :fail
print 'F'
failed << { gateway: g, message: message }
when :error
print 'E'
errored << { gateway: g, message: message }
end
end
print_summary
end
def print_summary
puts "\n\nSucceeded gateways (#{success.length})"
puts "\n\nFailed Gateways (#{failed.length}):"
failed.each do |f|
puts "#{f[:gateway].name} - #{f[:message]}"
end
puts "\n\nError Gateways (#{errored.length}):"
errored.each do |e|
puts "#{e[:gateway].name} - #{e[:message]}"
end
if missing.length > 0
puts "\n\nGateways missing live_url (#{missing.length}):"
missing.each do |m|
puts m.name
end
end
end
private
def test_min_version(uri, min_version)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE # don't care about certificate validity, just protocol version
http.min_version = min_version
http.open_timeout = 10
http.read_timeout = 10
http.post('/', '')
return :success
rescue Net::HTTPBadResponse
return :success # version negotiation succeeded
rescue OpenSSL::SSL::SSLError => e
return :fail, e.inspect
rescue Interrupt => e
print_summary
raise e
rescue StandardError => e
return :error, e.inspect
end
end