View private.rb
class Foo
...
private
...
end
View jsonclient.rb
require 'httpclient'
require 'json'
module HTTP
class Message
# Returns JSON object of message body
alias original_content content
def content
if JSONClient::CONTENT_TYPE_JSON_REGEX =~ content_type
JSON.parse(original_content)
View gist:d5373bb96c5e21c83950
require 'httpclient'
# Obtain Personal access token from https://github.com/settings/applications
personal_access_token = ''
h = HTTPClient.new
h.set_auth(nil, personal_access_token, 'x-oauth-basic')
puts h.get_content('https://api.github.com/user/repos?type=private')
View gist:f27f4c3823845ef66e8b
% mkdir build
% cd build
~/git/ruby/build
% ../configure --without-tk --disable-install-doc
Downloading config.guess...
Downloading config.sub...
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking target system type... x86_64-unknown-linux-gnu
checking for gcc... gcc
View 0001-Fix-SSL-client-connection-crash-for-SAN-marked-criti.patch
From 61c3537bd9f8e37b01a8e45644c489fd8696c94b Mon Sep 17 00:00:00 2001
From: Hiroshi Nakamura <nahi@ruby-lang.org>
Date: Fri, 5 Jul 2013 23:22:29 +0900
Subject: [PATCH] Fix SSL client connection crash for SAN marked critical
The patch for CVE-2013-4073 caused SSL crash when a SSL server returns
the certificate that has critical SAN value. X509 extension could
include 2 or 3 elements in it;
[id, criticality, octet_string] if critical,
View null_bytes_in_san_cert.pem
-----BEGIN CERTIFICATE-----
MIIBmjCCAUSgAwIBAgICBNIwDQYJKoZIhvcNAQEFBQAwQDEUMBIGCgmSJomT8ixk
ARkWBHNvbWUxFDASBgoJkiaJk/IsZAEZFgRzaXRlMRIwEAYDVQQDDAlTb21lIFNp
dGUwHhcNMTMwNTI0MDA1MzUwWhcNMTMwNTI0MDA1MzUwWjBAMRQwEgYKCZImiZPy
LGQBGRYEc29tZTEUMBIGCgmSJomT8ixkARkWBHNpdGUxEjAQBgNVBAMMCVNvbWUg
U2l0ZTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCnY4jdC2xJja4+LIBk49M+n4h/
eJqZ4w1x2WGZIABIhA9rO9yZBGqyUgEHwGk4dzPv5vp1ANYDYLLTD9pltzKlAgMB
AAGjKDAmMCQGA1UdEQQdMBuCGXd3dy5leGFtcGxlLmNvbQAuZXZpbC5jb20wDQYJ
KoZIhvcNAQEFBQADQQCBLd3QLJv96/5kjrSnL0n6VRhyHrFudPCNsfG1/BUOCaCk
kDlGeAyQDBqPk+SSOSlh1WlBZyiX+nmAgXdhuyge
View 0001-Hostname-check-bypassing-vulnerability-in-SSL-client.patch
From ddaf5b57bdc051ccc1161ec5273a59d30fc2fb72 Mon Sep 17 00:00:00 2001
From: Hiroshi Nakamura <nahi@ruby-lang.org>
Date: Wed, 5 Jun 2013 23:14:16 +0900
Subject: [PATCH] Hostname check bypassing vulnerability in SSL client
(CVE-2013-4073)
Ruby's SSL client implements hostname identity check but the OpenSSL
function it depends cannot properly handle hostnames in subjectAltName
that contain null bytes. The fix parses DER encoded bytes of
subjectAltName to extract GeneralName of dNSName and check it against
View gist:4449729
require 'refinement'
module StringForceEncodingConcat
refine String do
def +(rhs)
begin
super
rescue Encoding::CompatibilityError
super(rhs.force_encoding(self.encoding))
end
View protected.rb
class Node
def eval(other)
other.protected_method(self)
end
protected
def protected_method(other)
other
end
View signed_request.json
{
"context": {
"user": {
"fullName": "Nakamura Hiroshi",
"userId": "005x0000000KzS8AAK",
"userName": "XXXX",
"email": "XXXX",
"profilePhotoUrl": "/profilephoto/005/F",
...
},