Join GitHub today
Weird bug where Typhoeus fails every other request on https #90
Using Ruby 1.9.2, running in irb
The first call to get returns a nice body with my facebook user info. The second call returns
Then if I call it a 3rd time, the proper response is returned, 4th time: bad response, ad infinitum. Odd requests work, even don't.
Running on CentOS:
curl.i386 7.15.5-2.1.el5_3.5 installed
I have the same issue on CentOS with (lib)curl 7.15. After looking into it in some more, I now suspect the underlying problem is with this libcurl version's curl_easy_reset method because the issue occurs whenever a Typhoeus::Easy instance is reused.
The implementation of the above method differs quite significantly between master (https://github.com/bagder/curl/blob/master/lib/easy.c#L698) and 7.15.5 (https://github.com/bagder/curl/blob/curl-7_15_5/lib/easy.c#L628). In the latter, the CAFILE path is for example explicitly reset to CURL_CA_BUNDLE (as defined upon compile time).
Since this very much looks like the root cause, I first tried updating my curl version. However I also quickly abandoned that to a bunch of dependencies (c-ares, libidn, libssl2) which I didn't care for looking further into. My final "solution" is to just ensure the ssl_cacert option is set for every Typhoeus request. You could for example either directly pass it into get, put, etc. as part of the options hash or overwrite Typhoeus::Request#initialize to always set @ssl_cacert.
I think it is outside of typhoeus' scope to work around the (presumably) underlying problem with libcurl but it would be nice to introduce an easy way to set global options such as for ssl_cacert.