From 6c5769cfb75648ea0b6a9613e77d1463a5a40285 Mon Sep 17 00:00:00 2001
From: jlhonora <jlhonora@ing.puc.cl>
Date: Thu, 28 Apr 2016 10:26:56 -0300
Subject: [PATCH] Disable SSL v2 and v3 if ssl enabled
---
 Gemfile | 1 +
 lib/geocoder/lookups/base.rb | 3 +++
 lib/geocoder/lookups/google.rb | 7 +++++++
 test/test_helper.rb | 1 +
 test/unit/lookup_test.rb | 15 +++++++++++++++
 5 files changed, 27 insertions(+)
diff --git a/Gemfile b/Gemfile
index 6d695892..288a90ca 100644
--- a/Gemfile
+++ b/Gemfile
@@ -24,6 +24,7 @@ end
 group :test do
 gem 'sqlite3', :platform => [:ruby, :mswin, :mingw]
+ gem 'webmock'
 platforms :ruby do
 gem 'pg'
diff --git a/lib/geocoder/lookups/base.rb b/lib/geocoder/lookups/base.rb
index eb398937..ed9b946b 100644
--- a/lib/geocoder/lookups/base.rb
+++ b/lib/geocoder/lookups/base.rb
@@ -274,6 +274,7 @@ module Geocoder
 uri = URI.parse(query_url(query))
 Geocoder.log(:debug, "Geocoder: HTTP request being made for #{uri.to_s}")
 http_client.start(uri.host, uri.port, use_ssl: use_ssl?, open_timeout: configuration.timeout, read_timeout: configuration.timeout) do |client|
+ configure_ssl!(client) if use_ssl?
 req = Net::HTTP::Get.new(uri.request_uri, configuration.http_headers)
 if configuration.basic_auth[:user] and configuration.basic_auth[:password]
 req.basic_auth(
@@ -297,6 +298,8 @@ module Geocoder
 end
 end
+ def configure_ssl!(client); end
+
 def check_api_key_configuration!(query)
 key_parts = query.lookup.required_api_key_parts
 if key_parts.size > Array(configuration.api_key).size
diff --git a/lib/geocoder/lookups/google.rb b/lib/geocoder/lookups/google.rb
index d3ffeb74..8483f137 100644
--- a/lib/geocoder/lookups/google.rb
+++ b/lib/geocoder/lookups/google.rb
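Review bot: In lib/geocoder/lookups/base.rb the new `configure_ssl!(client) if use_ssl?` line sits inside the block passed to `http_client.start`, and if `http_client` is Net::HTTP that block is yielded only after the connection, TLS handshake included, has been opened. Any context change made there comes too late to affect the protocol version negotiated for this request. The restriction would need to be applied before the session starts, for instance by passing it in the options hash given to `start` (such as `ssl_version:`, or `min_version:` on Rubies that provide it) next to `use_ssl:`. The enclosing method begins and ends outside this hunk.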
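Review bot: `def configure_ssl!(client); end` in lib/geocoder/lookups/base.rb is an empty default with no comment, so every lookup other than Google keeps whatever protocol set the runtime offers, although the commit subject reads as a general change. Either apply the restriction in the base class so that all HTTPS lookups inherit it, or document the hook, e.g. `# Hook for subclasses to tighten TLS settings; no-op by default.`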
@@ -27,6 +27,13 @@ module Geocoder::Lookup
 private # ---------------------------------------------------------------
+ def configure_ssl!(client)
+ client.instance_eval {
+ @ssl_context = OpenSSL::SSL::SSLContext.new
+ @ssl_context.set_params({:options=> OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3 | OpenSSL::SSL::OP_NO_COMPRESSION})
+ }
+ end
+
 def valid_response?(response)
 json = parse_json(response.body)
 status = json["status"] if json
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 8ad22fc7..d0b6ca48 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -120,6 +120,7 @@ module Geocoder
 fixture_exists?(filename) ? filename : default_fixture_filename
 end
+ alias_method :make_api_http_request, :make_api_request
 remove_method(:make_api_request)
 def make_api_request(query)
diff --git a/test/unit/lookup_test.rb b/test/unit/lookup_test.rb
index 5a91ad57..c4dbce13 100644
--- a/test/unit/lookup_test.rb
+++ b/test/unit/lookup_test.rb
@@ -160,4 +160,19 @@ class LookupTest < GeocoderTestCase
 assert_equal :google, Geocoder::Lookup::Google.new.handle
 assert_equal :geocoder_ca, Geocoder::Lookup::GeocoderCa.new.handle
 end
+
+ def test_http_request
+ Geocoder.configure(use_https: true)
+
+ require 'webmock/test_unit'
+ WebMock.enable!
+ stub_all = WebMock.stub_request(:any, /.*/).to_return(status: 200)
+
+ g = Geocoder::Lookup::Google.new
+ g.send(:make_api_http_request, Geocoder::Query.new('test location'))
+ assert_requested(stub_all)
+
+ WebMock.reset!
+ WebMock.disable!
+ end
 end
-- GitLab
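Review bot: `configure_ssl!` in lib/geocoder/lookups/google.rb uses `instance_eval` to overwrite `@ssl_context`, a private instance variable of the HTTP client, with a fresh `OpenSSL::SSL::SSLContext`. That discards whatever settings the client had applied to its own context, and the `:options` value passed to `set_params` replaces the library's default option mask rather than extending it. Prefer the client's public accessors; if the context must be touched directly, OR the flags into the defaults: `:options => OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options] | OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3`. The method lies fully inside the hunk.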
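Review bot: `test_http_request` in test/unit/lookup_test.rb stubs every request with WebMock and asserts only that one was made, so it would pass unchanged if `configure_ssl!` did nothing; no assertion inspects the protocol options on the client. An assertion on the resulting context options would pin the behaviour the commit is about. `WebMock.reset!` and `WebMock.disable!` also run only when the assertions pass; moving them into an `ensure` clause keeps a failure here from leaving WebMock enabled for later tests. `Geocoder.configure(use_https: true)` is likewise not restored, unless the test case's setup does that outside this hunk.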