New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"TLS hostname validation is disabled" – Streaming API #543
Comments
@almonk does this issue faye/faye#524 look relevant? |
If you've pinned Faye to v0.8.9 then it's my understanding that we don't have any practical options available to ensure certificates are validated during the subscription connection initialization. If not, then update the Faye library to the latest version 1.4 and this warning should go away (I haven't tested this assumption, but this should be true according to Faye's CHANGELOG). em-http-request is the underlying dependency logging the warning. Here's a snippet of the faye library at v0.8.9 showing how it uses em-http-request. Notice the options variable is hard coded in the method and doesn't include # faye/lib/transport/http.rb#42 (v0.8.9)
def create_request(params)
version = EventMachine::HttpRequest::VERSION.split('.')[0].to_i
client = if version >= 1
options = { # for em-http-request >= 1.0
:inactivity_timeout => 0 # connection inactivity (post-setup) timeout (0 = disable timeout)
}
EventMachine::HttpRequest.new(@endpoint, options)
else
EventMachine::HttpRequest.new(@endpoint)
end
client.post(params)
end One way to confirm locally is to reopen the Faye::Transport::Http class and redefine module Faye
class Transport::Http
def create_request(params)
options = { inactivity_timeout: 0, tls: { verify_peer: true } }
EventMachine::HttpRequest.new(@endpoint, options).post(params)
end
end
end However, reopening classes you do not own is not a practical solution. The main problem as I understand it is that Restforce's streaming implementation is only known to be compatible with version 0.8.9 of the faye gem. Supporting the latest version of Faye solves the current issue and helps for any future patches to Faye that impact the Streaming API client implementation. |
This issue has been fixed in version 1.4.0 of Faye. This warning can be fixed by upgrading your gems. At the time of writing:
|
While running EventMachine listening to a streaming PushTopic, I get the following warning printed into the console:
It's unclear to me where in the dependencies this should be fixed, or whether it can be rectified within restforce itself.
For context, my code is as follows:
The text was updated successfully, but these errors were encountered: