« Back to channel list

#ruby - 21 December 2018

« Back 1 day Forward 1 day »
[00:00:06] ixti: isene: where do you get `false`?
[00:00:19] ixti: basically it means `fileutils` was already required
[00:00:46] uplime: isene: are you using something like pry?
[00:01:51] isene: I tried both irb and pry and get the same (as the first command)
[00:02:41] havenwood: isene: It's always `false` in Pry, since Pry requires FileUtils. In IRB it'd usually be `true` the first time.
[00:03:37] cnsvc_: has joined #ruby
[00:07:10] havenwood: isene: Maybe Ubuntu packagers are doing `irb -rfileutils` or patched IRB. Assuming it's not causing you any issue? Just curious?
[00:09:47] uplime: fwiw it works for me: https://clbin.com/Ci82V
[00:11:04] tiff: has joined #ruby
[00:11:40] isene: Hmm.. it seems it doesn't cause me any issues - I have an issue that I'm wrestling with, and I thought this could be an issue but it's not. Thanks for the input regarding pry and fileutils, though - I didn't know that
[00:18:40] nchambers: has joined #ruby
[00:21:16] isene: I have a mail fetch script that has run more than 5 million times without a hickup. Now as I upgraded from Ubuntu 18.04 to 18.10 (with Ruby 2.5), I get this when trying to login to a remote (gmail) server:
[00:21:21] isene: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate)
[00:21:22] isene: from /usr/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock'
[00:25:56] Some-body_: has joined #ruby
[00:30:50] ellcs: has joined #ruby
[00:33:50] havenwood: isene: Did you add your self-signed cert .crt to /usr/local/share/ca-certificates and c_rehash or whatever?
[00:34:28] havenwood: isene: Normally you'd install the update-ca-certificates package to update certs, but looks like you're using a self signed one?
[00:35:35] isene: havenwood: I'm clueless in this - my script has worked just nicely before and now it fails... baby steps please?
[00:35:37] cnsvc_: has joined #ruby
[00:36:33] havenwood: isene: So this isn't a Ruby issue, but your OS has a list of certs it trusts. There's an apt package called update-ca-certificates that folk usually use to update trusted certs.
[00:37:17] isene: There is no package called update-ca-certificates on Ubuntu 18.10 :-/
[00:38:41] isene: And also; ca-certificates is already the newest version (20180409)
[00:38:54] havenwood: isene: That's what I meant, ca-certificates.
[00:39:06] havenwood: (I forgot the package name.)
[00:39:42] isene: So, how do I fix the error that my script encounters, then?
[00:39:44] havenwood: isene: In your case, an up-to-date list of trusted certs doesn't help, because it's balking at a self-signed cert.
[00:39:54] havenwood: isene: "certificate verify failed (self signed certificate)"
[00:40:09] havenwood: isene: So it's up to you to trust your own cert.
[00:40:11] isene: Do I need that to login to gmail?
[00:40:37] isene: Or how do I make me trust my cert here?
[00:40:53] isene: "me" as in "my system"
[00:42:59] havenwood: isene: It's pretty offtopic for this channel, but the good folk in #ubuntu can probably guide you.
[00:43:42] havenwood: isene: Generally, try `apropos certificates`, and then check any manpages that seem relevant. Like: man update-ca-certificates
[00:45:23] havenwood: isene: It's likely put a cert in a folder then run a command. I don't recall offhand or I'd just say.
[00:46:24] havenwood: isene: Or you're not supposed to be using a self-signed cert. That's another possibility, but the reason Ruby is balking is it doesn't know about this cert.
[00:47:55] havenwood: isene: I see you mention Gmail, which makes me think something is amiss with a self-signed cert.
[00:48:25] havenwood: isene: Check the cert outside Ruby, but it's likely a system problem rather than Ruby-related.
[00:49:11] isene: Thanks for trying to help me here... So, how can I check the cert outside Ruby?
[00:52:44] havenwood: isene: E.g.: openssl s_client -showcerts -connect gmail.com:https
[00:53:41] havenwood: isene: Take a look at the cert and see if you can spot any issues. You might want to read up a bit on certs.
[00:54:02] isene: wooha - lots of stuff :-)
[00:55:43] isene: Hmmm... doesn't seem bad - can't see any issues :-/
[00:57:16] Puffball: has joined #ruby
[00:57:23] havenwood: isene: Is there a certificate chain? You changed "gmail.com" to what you're really hitting?
[00:59:38] havenwood: isene: If you can share your Ruby code, folk here might be better able to guess what's going on.
[01:03:28] jottr: has joined #ruby
[01:03:31] isene: havenwood: Sure, it's all here: https://github.com/isene/mailfetch/blob/master/mail_fetch.rb
[01:09:14] Tharbakim: has joined #ruby
[01:11:02] DTZUZO: has joined #ruby
[01:13:14] isene: havenwood: It's failing on this: $imap_from = Net::IMAP.new("imap.gmail.com", port="993", usessl="true")
[01:25:01] hutch: has joined #ruby
[01:33:35] tiff: has joined #ruby
[01:43:25] lunarkitty7: has joined #ruby
[01:48:28] DTZUZO: has joined #ruby
[01:49:22] roshanavand: has joined #ruby
[01:50:17] cnsvc_: has joined #ruby
[01:55:46] Arkantos: has joined #ruby
[02:09:37] s3nd1v0g1us: has joined #ruby
[02:22:56] cats: has joined #ruby
[02:25:13] connermcd: has joined #ruby
[02:38:25] connermcd: has joined #ruby
[02:48:20] kapil____: has joined #ruby
[02:51:16] roshanavand: has joined #ruby
[03:01:01] EminenceHC: has joined #ruby
[03:04:25] jottr: has joined #ruby
[03:05:11] Puffball: has joined #ruby
[03:05:35] \void: has joined #ruby
[03:19:38] jthomas1: has joined #ruby
[03:25:14] ellcs: has joined #ruby
[03:26:56] hutch: has joined #ruby
[03:29:56] tiff: has joined #ruby
[03:32:44] Arkantos: has joined #ruby
[03:38:05] cnsvc_: has joined #ruby
[04:10:00] braincrash: has joined #ruby
[04:11:37] cnsvc_: has joined #ruby
[04:15:42] hutch: has joined #ruby
[04:21:44] houhoulis: has joined #ruby
[04:28:22] Exuma: has joined #ruby
[04:31:25] cats: has joined #ruby
[04:41:41] elphe: has joined #ruby
[04:44:24] darkhanb: has joined #ruby
[04:56:29] Renich: has joined #ruby
[04:58:04] hutch: has joined #ruby
[04:59:15] venmx: has joined #ruby
[05:02:30] EminenceHC: has joined #ruby
[05:02:32] sauvin: has joined #ruby
[05:05:19] jottr: has joined #ruby
[05:08:41] Renich: has joined #ruby
[05:12:22] Exuma: has joined #ruby
[05:34:35] dellavg_: has joined #ruby
[05:34:52] venmx: has joined #ruby
[05:48:17] themsay: has joined #ruby
[05:51:11] gambl0r3: has joined #ruby
[05:51:21] gambl0r3: has left #ruby: ("Leaving")
[05:53:47] KeyJoo: has joined #ruby
[05:59:04] Exuma: has joined #ruby
[06:00:46] paranoicsan: has joined #ruby
[06:09:28] drbrain: has joined #ruby
[06:19:41] roshanavand: has joined #ruby
[06:20:31] Fusl: has joined #ruby
[06:26:25] aupadhye: has joined #ruby
[06:29:20] reber: has joined #ruby
[06:31:55] kt2: has joined #ruby
[06:40:10] endemic: has joined #ruby
[06:53:17] za1b1tsu: has joined #ruby
[07:00:22] prestorium: has joined #ruby
[07:03:56] EminenceHC: has joined #ruby
[07:06:18] jottr: has joined #ruby
[07:20:45] DTZUZO: has joined #ruby
[07:35:08] Dbugger: has joined #ruby
[07:48:16] Dreamer3_: has joined #ruby
[07:50:23] irdr: has joined #ruby
[07:52:44] wolfshappen: has joined #ruby
[07:54:09] clemens3_: has joined #ruby
[07:59:57] roshanavand: has joined #ruby
[08:09:09] prestorium: has joined #ruby
[08:12:34] rubydoc: has joined #ruby
[08:13:54] jsc: has joined #ruby
[08:16:10] dbz: has joined #ruby
[08:25:35] prestorium: has joined #ruby
[08:30:36] tiff: has joined #ruby
[08:30:37] jottr: has joined #ruby
[08:50:23] mikecmpbll: has joined #ruby
[08:50:30] phaul: has joined #ruby
[08:59:02] elphe: has joined #ruby
[09:05:27] m0w: has joined #ruby
[09:15:21] neuraload: has joined #ruby
[09:15:34] status402_: has joined #ruby
[09:16:03] conta: has joined #ruby
[09:20:36] mikecmpbll: has joined #ruby
[09:23:03] elphe: has joined #ruby
[09:23:33] jottr: has joined #ruby
[09:41:06] neuraload: has joined #ruby
[10:01:10] dhollin3: has joined #ruby
[10:04:07] jthomas1: has joined #ruby
[10:06:19] isene: back to the issue at hand after a night's sleep; Anyone knows how to ensure Ruby looks for certificates in the correct place?
[10:10:21] Guest49234: has joined #ruby
[10:17:12] neuraload: has joined #ruby
[10:25:34] cnsvc_: has joined #ruby
[10:30:38] roshanavand: has joined #ruby
[10:32:09] trif: has joined #ruby
[10:36:22] nickjj: has joined #ruby
[10:40:32] trif: has joined #ruby
[10:42:43] ellcs: has joined #ruby
[10:43:36] neuraload: has joined #ruby
[10:43:38] trif: has joined #ruby
[10:47:16] trif: has joined #ruby
[10:49:11] trif: has joined #ruby
[10:50:56] Iambchop: isene: are you using ubuntu's packaged, build your own, 3rd party package? you used imap.gmail.com:993 on your s_client test? the line you said it's failing on "imap.gmail.com" isn't in the script you posted (ms[0][0] is in the script). test with just a minimal example e.g. $ ruby -r net/imap -e 'p Net::IMAP.new("imap.gmail.com", 993, ssl: true)'
[11:05:48] EminenceHC: has joined #ruby
[11:09:04] Guest78161: has joined #ruby
[11:10:29] trif: has joined #ruby
[11:14:22] neuraload: has joined #ruby
[11:18:27] dbz: has joined #ruby
[11:26:34] trif: has joined #ruby
[11:33:22] deathwishdave: has joined #ruby
[11:34:36] trif: has joined #ruby
[11:39:21] AJA4350: has joined #ruby
[11:39:33] trif: has joined #ruby
[11:47:05] paranoicsan: has joined #ruby
[11:51:10] neuraload: has joined #ruby
[11:53:22] lucasb: has joined #ruby
[11:53:28] elphe: has joined #ruby
[11:55:46] trif: has joined #ruby
[12:01:35] rippa: has joined #ruby
[12:04:02] DTZUZO: has joined #ruby
[12:13:44] neuraload: has joined #ruby
[12:14:29] ellcs: has joined #ruby
[12:15:55] Guest49234: has joined #ruby
[12:24:25] neuraload: has joined #ruby
[12:37:37] Guest49234: has joined #ruby
[12:47:58] nickjj: has joined #ruby
[12:50:42] nickjj: has joined #ruby
[13:03:50] jthomas1: has joined #ruby
[13:05:05] kapil____: has joined #ruby
[13:09:36] Guest49234: has joined #ruby
[13:14:18] marz_d`ghostman: Does Logger automatically capture stderr and stdout if you set it to FATAL?
[13:18:43] conta: has joined #ruby
[13:21:48] bmurt: has joined #ruby
[13:22:27] Guest49234: has joined #ruby
[13:24:31] cnsvc_: has joined #ruby
[13:28:30] Inline: has joined #ruby
[13:31:27] nowhere_man: has joined #ruby
[13:31:31] roshanavand: has joined #ruby
[13:40:08] dinfuehr: has joined #ruby
[13:41:55] connermcd: has joined #ruby
[13:45:42] ua: has joined #ruby
[13:47:44] Guest49234: has joined #ruby
[14:03:46] neuraload: has joined #ruby
[14:04:15] Arkantos: has joined #ruby
[14:06:21] jcalla: has joined #ruby
[14:08:57] chouhoulis: has joined #ruby
[14:09:55] chouhoulis: has joined #ruby
[14:14:52] DTZUZO: has joined #ruby
[14:20:06] chouhoulis: has joined #ruby
[14:21:10] chouhoulis: has joined #ruby
[14:25:37] chouhoulis: has joined #ruby
[14:26:45] chouhoulis: has joined #ruby
[14:27:01] Rapture: has joined #ruby
[14:31:10] chouhoulis: has joined #ruby
[14:31:27] isene: OK, I have checked and verified left, right & center. This is a Ruby specific issue with my setup after upgrading from Ubuntu 18.04 to 18.10. It seems some package was broken, but I don't understand which (or if there is another Ruby issue relating to upgrade to 2.5). Here's my testing results:
[14:32:25] isene: Checking with openssl raw ' openssl s_client -showcerts -connect imap.gmail.com -port 993 ' all certs checks out with verify=1
[14:33:12] isene: I have tested logging in with the correct username/pw with Python, all ok
[14:33:35] isene: But when I do this simple thing in irb/pry:
[14:33:51] isene: require 'net/imap'
[14:34:02] mostlybadfly: has joined #ruby
[14:34:05] isene: $imap_from = Net::IMAP.new("imap.gmail.com", port="993", usessl="true")
[14:34:12] isene: I get this:
[14:34:24] isene: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate)
[14:34:26] isene: from /usr/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock'
[14:35:20] isene: There is no issue with the certificates (as verified with openssl and python). It may be that Ruby is looking for certificates in the wrong place or something?
[14:35:36] chouhoulis: has joined #ruby
[14:35:38] venmx: has joined #ruby
[14:36:13] isene: As you see, I don't even get to logging in to gmail with un/pw - as it fails on connect
[14:36:33] isene: lambarena: ^^
[14:37:50] phaul: you could try scanning through strace of pry vs python. Looking for paths they open for certs. It's a long shot but it could prove you right, or give more hints
[14:38:17] phaul: https://linux.die.net/man/1/strace
[14:39:59] chouhoulis: has joined #ruby
[14:41:03] isene: phaul: I could do that (will check when I get home - I am on an airplane as I write with a spartan connection)
[14:42:11] phaul: well, it's just an idea, usually strace outputs thousands of lines of logs, so it helps if you have something to grp for. like "cert"
[14:43:21] isene: phaul: Yup :-)
[14:44:23] isene: lambarena: The very basic ' ruby -r net/imap -e 'p Net::IMAP.new("imap.gmail.com", 993, ssl: true)' ' returns the same error as the pry/irb example; /usr/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate) (OpenSSL::SSL::SSLError)
[14:52:44] ellcs: has joined #ruby
[14:53:14] isene: phaul: Seems that was a really good idea to use strace. Check this: http://dpaste.com/26N1H17
[14:53:39] isene: Ruby is looking for stuff in the wrong places. How do I fix this the right way?
[14:54:14] isene: (about to land - will be afk for an hour or so)
[14:54:35] chouhoulis: has joined #ruby
[14:55:34] chouhoulis: has joined #ruby
[15:00:04] chouhoulis: has joined #ruby
[15:02:28] d10n-work: has joined #ruby
[15:05:38] chouhoulis: has joined #ruby
[15:07:35] EminenceHC: has joined #ruby
[15:11:13] chouhoulis: has joined #ruby
[15:14:00] EminenceHC: has joined #ruby
[15:16:28] chouhoulis: has joined #ruby
[15:18:31] cd: has joined #ruby
[15:19:46] hutch: has joined #ruby
[15:22:23] chouhoulis: has joined #ruby
[15:28:21] nchambers: has joined #ruby
[15:33:35] chouhoulis: has joined #ruby
[15:38:59] chouhoulis: has joined #ruby
[15:40:19] spacesuitdiver: has joined #ruby
[15:42:45] jthomas1: has joined #ruby
[15:43:39] chouhoulis: has joined #ruby
[15:49:08] chouhoulis: has joined #ruby
[15:52:07] jthomas1: has joined #ruby
[15:52:10] neuraload: has joined #ruby
[15:54:23] chouhoulis: has joined #ruby
[15:55:00] cnsvc_: has joined #ruby
[15:55:32] cow[moo]: has joined #ruby
[15:56:23] elphe: has joined #ruby
[16:04:10] twobitsprite: has joined #ruby
[16:04:45] chouhoulis: has joined #ruby
[16:10:52] tjarvis: has joined #ruby
[16:17:43] ellcs: has joined #ruby
[16:20:04] davidw: has joined #ruby
[16:23:22] DTZUZO: has joined #ruby
[16:26:24] maryo: has joined #ruby
[16:26:25] samort7: has joined #ruby
[16:29:38] Mike11: has joined #ruby
[16:31:59] za1b1tsu: has joined #ruby
[16:34:00] marz_d`ghostman: If a thread raises an error like TypeError: no implicit converison of nil into String, how do I capture it for logging?
[16:34:19] elphe: has joined #ruby
[16:35:09] maryo: has joined #ruby
[16:41:55] znz_jp: has joined #ruby
[16:46:56] \void: has joined #ruby
[16:49:25] tjarvis: has joined #ruby
[16:52:58] spacesuitdiver: has joined #ruby
[16:55:33] KrzaQ: is there somethign like .first_or(val) for arrays/enumerables? I want to streamline getting data from containers
[16:55:50] mikecmpbll: has joined #ruby
[16:57:07] reber: has joined #ruby
[16:59:05] marz_d`ghostman: How do I capture errors from a thread. I tried: https://gist.github.com/marzdgzmn/da9c0eb69a6fa9647531e8ffbeecf2eb/edit. But it does't seem to work
[17:01:50] nowhere_man: has joined #ruby
[17:12:40] Iambchop: KrzaQ: when should it return val instead of first (e.g. only if array is empty, only if first is nil, only if first is falsey)?
[17:12:49] Iambchop: &>> [([1,2].first || 3), ([nil,4].first || 5)]
[17:12:50] rubydoc: # => [1, 5] (https://carc.in/#/r/5u7u)
[17:13:49] KrzaQ: good point
[17:15:21] KrzaQ: In my case I wanted to get a proper value, but anything that would allow me getting a point-free chain would be preferred over wrapping the chain in parens or naming variables
[17:15:41] darkhanb: has joined #ruby
[17:16:57] phaul: point free brings back memories from my haskell days
[17:17:16] phaul: ppl also called it pointless style :)
[17:17:51] KrzaQ: I would say it makes for very clear intent if you're doing just data manipulation and can fit it short code
[17:18:45] KrzaQ: I guess I can yield_self on the array to avoid polluting the scope
[17:19:05] dbz: has joined #ruby
[17:20:22] marz_d`ghostman: Can someone suggest a good article or book about threads in ruby like how to capture its stdout and stderr.
[17:21:46] havenwood: marz_d`ghostman: Your gist link is 404ing. What did you try?
[17:22:35] KrzaQ: havenwood: remove /edit.
[17:22:55] Iambchop: https://gist.github.com/marzdgzmn/da9c0eb69a6fa9647531e8ffbeecf2eb
[17:23:15] havenwood: KrzaQ: Use #fetch for that. :)
[17:23:25] KrzaQ: ACTION blinks
[17:23:33] KrzaQ: heh, I totally forgot about that
[17:23:38] havenwood: KrzaQ: array.fetch(0, 3)
[17:23:47] KrzaQ: thanks, that's exactly what I wanted
[17:24:02] havenwood: KrzaQ: yeah, I usually think Hash with #fetch too. you're welcome.
[17:24:29] havenwood: I do think #fetch is generally underused. With ENV too.
[17:24:48] KrzaQ: I use it quite a lot, actually, but rarely with arrays
[17:24:53] akaiiro: has joined #ruby
[17:24:54] havenwood: ACTION nods
[17:25:26] KrzaQ: recent advent of code made me wish for array fetch that wouldn't interpret negative indices
[17:26:37] Dbugger: has joined #ruby
[17:28:37] KrzaQ: I mean, it was trivial to monkey patch it into the class, but I would prefer not having to do that (and not doing it outside of a toy puzzle code)
[17:31:22] m0w: has joined #ruby
[17:40:20] Renich: has joined #ruby
[17:42:19] cthulchu_: has joined #ruby
[17:45:12] neuraload: has joined #ruby
[17:45:57] Nicmavr: has joined #ruby
[17:47:41] GodFather: has joined #ruby
[17:53:53] bmurt: has joined #ruby
[17:58:01] brendan-: has joined #ruby
[18:00:57] reber: has joined #ruby
[18:02:01] venmx: has joined #ruby
[18:03:40] orbyt_: has joined #ruby
[18:04:56] spacesuitdiver: has joined #ruby
[18:11:02] maryo: has joined #ruby
[18:20:16] havenwood: KrzaQ: what should the return value be for a negative index?
[18:21:21] KrzaQ: in the case I wanted? nil, basically I wanted to build a grid out of arrays, and to cut the edge cases by having out-of-bounds access return nil
[18:22:54] salasrod: has joined #ruby
[18:25:40] cnsvc_: has joined #ruby
[18:26:31] deathwishdave: has joined #ruby
[18:30:40] \void: has joined #ruby
[18:36:41] spacesuit: has joined #ruby
[18:36:46] deathwishdave: has joined #ruby
[18:51:42] tjarvis: has joined #ruby
[18:59:55] MyMind: has joined #ruby
[19:00:55] connermcd: has joined #ruby
[19:01:42] connermcd: has joined #ruby
[19:02:47] neuraload: has joined #ruby
[19:11:36] DTZUZO: has joined #ruby
[19:16:03] onkelhotte: has joined #ruby
[19:19:44] dbz: has joined #ruby
[19:20:08] isene: phaul: I'm back. And with a bit more research it seems that Ruby is looking for a cert.pem in /usr/lib/ssl/ that doesn't exist (this may be just one of several issues). I tried prging ruby completely and reinstalling it - to no use. wtf?
[19:28:07] havenwood: isene: What's your DEFAULT_CERT_DIR?: ruby -ropenssl -e "p OpenSSL::X509::DEFAULT_CERT_DIR"
[19:28:31] havenwood: isene: If the cert is there, c_rehash that dir.
[19:28:41] havenwood: isene: See: man c_rehash
[19:29:22] roshanavand: has joined #ruby
[19:29:45] havenwood: isene: E.g.: c_rehash /usr/lib/ssl/certs
[19:30:37] cnsvc_: has joined #ruby
[19:30:47] elphe: has joined #ruby
[19:32:14] isene: havenwood: command returns "/usr/lib/ssl/certs"
[19:32:47] havenwood: isene: I think that's standard on Ubuntu. Checking here I get the same.
[19:33:33] ubuntuisloved: has joined #ruby
[19:33:36] isene: then I did the c_rehash and got:
[19:33:59] isene: Doing /usr/lib/ssl/certs
[19:34:03] havenwood: isene: An aside, but did you already run?: sudo update-ca-certificates
[19:34:11] isene: "WARNING: Skipping duplicate certificate ca-certificates.crt"
[19:34:33] spacesuitdiver: has joined #ruby
[19:34:50] isene: Yes, I did update-ca-certificates
[19:34:50] ubuntuisloved: I'm taking over a project with pundit but I cannot seem to figure out how to get my user authorized with it. There are api routes and such but none actually throw up a user auth screen. Any direction you can send me to look for would be very helpful.
[19:35:02] havenwood: ?rails ubuntuisloved
[19:35:03] ruby[bot]: ubuntuisloved: Please join #RubyOnRails for Rails questions. You need to be identified with NickServ, see /msg NickServ HELP
[19:35:41] isene: after yet another update-ca-certificates and the c_rehash I still get the same :-/
[19:36:09] havenwood: isene: Is the cert you're looking for in /usr/lib/ssl/certs at all?
[19:37:09] isene: Well, openssl finds it and python runs everything just fine... how do I see if it's there (I'm not well versed in certificates and such)?
[19:38:55] havenwood: isene: It'd be one of the .pem files in that dir. You could put it there then c_rehash if it's not there.
[19:39:23] SoftDed: has joined #ruby
[19:39:43] neuraload: has joined #ruby
[19:40:30] havenwood: isene: Here's how you can just load a .pem directly without getting it setup in /usr/lib/ssl/certs at all: https://mislav.net/2013/07/ruby-openssl/#it-was-a-custom-certificate-that-we-use-internally-in-our-organization-that-my-program-cant-verify
[19:40:59] havenwood: isene: That ^ writeup mislav did also has some background reading about certs in the context of Ruby.
[19:41:53] isene: The cert I need is for imap.gmail.com - how do I find it in that dir? I have no idea what I'm looking for even
[19:42:47] isene: Would you want to see the full strace of ruby -r net/imap -e 'p Net::IMAP.new("imap.gmail.com", 993, ssl: true)' ?
[19:43:17] twobitsprite: has joined #ruby
[19:43:20] lxsameer: has joined #ruby
[19:44:31] isene: It's here: http://isene.org/x/strace.log3
[19:44:42] havenwood: isene: Usually you grab a CA certificate store in .pem format from curl or mozilla that has a whitelist of certificate authority certs. pdate-ca-certificates is the automagical way to do that.
[19:44:46] havenwood: isene: For example: http://curl.haxx.se/ca/cacert.pem
[19:44:54] spacesuit: has joined #ruby
[19:45:44] havenwood: isene: In my experience it usually *just works* after a: sudo update-ca-certificates
[19:46:05] isene: So, does that include the imap.gmail.com? You see, this was working just beautifully since 10 years back, and my mail_fetch.rb has been running more than 5 million time since then without a glitch. No stuff is wrecked.
[19:47:07] isene: And it DOES work with openssl and with Python, and That is what drives me nuts here
[19:48:45] havenwood: isene: It looks like Gmail used to be configured with a self-signed cert - one that wouldn't be in a cert bundle. Hrm. This isn't my area of expertise so I'm not spotting the issue.
[19:50:52] isene: But how can openssl and python do this without an issue while ruby balks? mepuzzled
[19:50:59] elphe: has joined #ruby
[19:51:27] havenwood: isene: What's the Python equivalent of OpenSSL::X509::DEFAULT_CERT_FILE pointing at?
[19:51:41] isene: And all of a sudden as a result of upgrading from Ubuntu 18.04 to 18.10
[19:52:03] havenwood: isene: OS upgrades tend to mess up certs - as ones get dropped and added. :P
[19:52:15] isene: ... that I don't know as I'm totally noob in python. Let me goog√łe
[19:57:03] isene: Commands here https://stackoverflow.com/questions/36449336/what-is-my-openssl-and-ssl-default-ca-certs-path tells me that python finds the certs here: /etc/ssl/certs/ca-certificates.crt and logs in to imap.gmail.com just fine
[20:00:10] isene: So, it cannot be a certificate issue - it must be a ruby issue :-/
[20:01:09] havenwood: isene: Does it work if you set: ENV['SSL_CERT_FILE'] = '/etc/ssl/certs/ca-certificates.crt'
[20:02:16] havenwood: isene: If so, from your shell you can: export SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt"
[20:02:24] havenwood: isene: Someone else here might have a cleaner suggestion.
[20:02:56] havenwood: isene: I'm tempted to say just convert that .crt to a .pem, put it in /usr/lib/ssl/certs and c_rehash
[20:03:27] DTZUZO: has joined #ruby
[20:03:47] darix: seems I have another action items NOTE: Gem::Specification#has_rdoc is deprecated with no replacement. It will be removed on or after 2018-12-01.
[20:03:48] Dbugger: has joined #ruby
[20:04:24] havenwood: ACTION looks at the calendar
[20:04:41] darix: /etc/ssl/certs/ca-certificates.crt this seems like something wrong when you use update-ca-certificates
[20:05:06] darix: havenwood: before I can work on this I need to wait for my gitlab package to publish
[20:05:39] isene: That ENV['SSL_CERT_FILE'] = '/etc/ssl/certs/ca-certificates.crt' did nothing. I will try to copy the .crt file to .pem and do c_rehash
[20:06:10] darix: you shouldnt have to use c_rehash anymore with a system that uses update-ca-certificates
[20:06:20] darix: i have the feeling you are mixing a lot of things there
[20:07:42] isene: darix: Well, I have tried what seems to be everything under the sun here and still coming up short :-/
[20:09:32] darix: isene: normally if you use your system ruby and dont configure anything special with your CA certs in your script or any of the gems you are using
[20:09:50] darix: than ruby (well openssl) should find the system certs automatically
[20:10:00] darix: easiest way to test that is
[20:10:11] darix: openssl s_client -connect someservice:someport < /dev/null
[20:11:44] isene: darix: I have done that. Works just fine. Python also works just fine. But Ruby goes haywire (see https://isene.org/x/strace.log3)
[20:12:43] darix: how did you install that ruby?
[20:13:33] isene: So - it isn't a certificate issue, it is a ruby issue. I do this: ruby -r net/imap -e 'p Net::IMAP.new("imap.gmail.com", 993, ssl: true)' and it reports this: /usr/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate) (OpenSSL::SSL::SSLError)
[20:13:38] darix: looks like debian or so
[20:14:24] spacesuitdiver: has joined #ruby
[20:14:37] darix: works fine with ruby 2.5 on opensuse :P
[20:14:39] venmx: has joined #ruby
[20:14:47] isene: Everything worked just fine up until I upgraded from Ubuntu 18.04 to 18.10 yesterday (I mean it has worked more than 5 million times over the past 10 years with script running every minute)
[20:14:47] postmodern: has joined #ruby
[20:15:10] code_zombie: has joined #ruby
[20:15:11] darix: did you check their bugtracker if it is a known issue?
[20:15:17] spacesuitdiver: has joined #ruby
[20:15:24] isene: didn't find anything
[20:16:18] isene: my full script is here, btw; https://github.com/isene/mailfetch/blob/master/mail_fetch.rb
[20:16:56] isene: I even tried to purge and reinstall all of ruby but with no change
[20:17:12] darix: poking a friend at ubuntu
[20:17:15] darix: if he can reproduce it
[20:17:34] isene: please do, I'm flustered like whack
[20:18:55] cow[moo]: has joined #ruby
[20:19:55] connermcd: has joined #ruby
[20:20:34] isene: running the connection to imap.gmail.com in irb, I get this:
[20:20:37] isene: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate)
[20:20:38] isene: from /usr/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock'
[20:20:51] darix: isene: he can reproduce it
[20:21:09] darix: isene: my friend ask if you can file a bug
[20:21:25] isene: A fellow flusterado
[20:21:48] isene: Where and how do I file a bug?
[20:22:45] darix: launchpad i guess
[20:25:50] deathwishdave: has joined #ruby
[20:25:51] al2o3-cr: has joined #ruby
[20:37:56] sarink: has joined #ruby
[20:45:26] DTZUZO: has joined #ruby
[20:48:50] deathwishdave: has joined #ruby
[20:51:43] elphe: has joined #ruby
[20:52:32] mostlybadfly: has joined #ruby
[20:54:18] isene: darix: Here: https://bugs.launchpad.net/ubuntu/+source/ruby-defaults/+bug/1809500
[20:54:31] isene: Looks OK according to your friend?
[20:59:37] spacesuitdiver: has joined #ruby
[20:59:45] Ober: has joined #ruby
[21:20:56] sonofentropy: has joined #ruby
[21:30:48] dbz: has joined #ruby
[21:31:05] donofrio: has joined #ruby
[21:35:02] donofrio: has joined #ruby
[21:38:58] darix: isene: looks good
[21:42:21] kurko_: has joined #ruby
[21:52:15] twobitsprite: has joined #ruby
[21:52:28] elphe: has joined #ruby
[21:55:17] donofrio: has joined #ruby
[21:55:29] Fusl: has joined #ruby
[21:57:12] ixti: has joined #ruby
[22:07:21] druonysus: has joined #ruby
[22:10:58] Ober: has left #ruby: ("ERC (IRC client for Emacs 26.1)")
[22:11:46] Quintasan: Is anyone familiar with BigInteger internals? I'm trying to find how does MRI handle cases when a custom class implements #coerce
[22:15:35] Lytol: has joined #ruby
[22:18:50] donofrio: has joined #ruby
[22:30:53] ua: has joined #ruby
[22:31:08] connermcd: has joined #ruby
[22:39:44] donofrio: has joined #ruby
[22:40:09] cnsvc_: has joined #ruby
[22:40:50] sagax: has joined #ruby
[22:41:08] sagax: what i can read about `` ?
[22:42:03] Eiam: sagax: the docs http://ruby-doc.org/core-2.5.3/Kernel.html#method-i-60
[22:42:04] sagax: `` it's for execute command of system shell
[22:42:59] isene: On Ubuntu 18.10, there is only Ruby 2.5.1 What's the simplest way of installing Ruby 2.0 instead?
[22:43:08] sagax: i want to know - how it's work
[22:43:13] sagax: not just some example
[22:43:14] Eiam: isene: chruby and ruby-install?
[22:43:23] Eiam: sagax: "click to toggle source"
[22:43:26] Eiam: in the docs.
[22:43:58] Eiam: it will literally show the implementation, not sure how much more direct how it works gets!
[22:50:42] sagax: thanks, Eiam
[22:52:54] sagax: it's possible to know - how ruby was compiled?
[22:53:06] sagax: what keys was used
[22:53:35] elphe: has joined #ruby
[22:55:51] donofrio: has joined #ruby
[23:14:16] Paraxial: has joined #ruby
[23:15:36] tiff: has joined #ruby
[23:24:19] Exuma: has joined #ruby
[23:39:41] donofrio: has joined #ruby
[23:48:10] m0w: has joined #ruby
[23:54:22] elphe: has joined #ruby