Metasploit-framework: Gemfile source 'https://rubygems.org' connection reset in china

[all3g@core metasploit-framework]$  sudo bundle install
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will break this application for all non-root users on this machine.
Fetching gem metadata from https://rubygems.org/.........
Fetching version metadata from https://rubygems.org/..
Resolving dependencies...
Using rake 10.4.2
Using i18n 0.7.0
Using multi_json 1.0.4
Using activesupport 3.2.21
Using builder 3.0.4
Using activemodel 3.2.21
Using erubis 2.7.0
Using journey 1.0.4
Using rack 1.4.5
Using rack-cache 1.2
Using rack-test 0.6.3
Using hike 1.2.3
Using tilt 1.4.1
Using sprockets 2.2.3
Using actionpack 3.2.21
Using mime-types 1.25.1
Using polyglot 0.3.5
Using treetop 1.4.15
Using mail 2.5.4
Using actionmailer 3.2.21
Using arel 3.0.3
Using tzinfo 0.3.43
Using activerecord 3.2.21
Using activeresource 3.2.21
Using arel-helpers 2.1.0
Using ffi 1.9.3
Using childprocess 0.5.3
Using diff-lcs 1.2.5

Gem::RemoteFetcher::FetchError: Errno::ECONNRESET: Connection reset by peer - SSL_connect (https://rubygems.org/gems/json-1.8.2.gem)
An error occurred while installing json (1.8.2), and Bundler cannot continue.
Make sure that `gem install json -v '1.8.2'` succeeds before bundling.

The issue appears sometimes when os is updated. Please check [os openssl] version and [gem openssl] version. Old (Vuln) version may be here, so it show us "Connection reset by peer".

$ ruby -ropenssl -e 'p OpenSSL::OPENSSL_VERSION'
$ openssl version

If the problem is still, you can do it like this:

$ gem sources --remove https://rubygems.org
$ gem sources --add http://rubygems.org

Continue...

Modify the first line in /path/to/metasploit-framework/Gemfile as follow. (For security, HTTPS is recommended).

$ head -1 /path/to/metasploit-framework/Gemfile
source 'http://rubygems.org'

For example, root msfconsole here:

[root@core metasploit-framework]#  ./msfconsole 
[*] Starting the Metasploit Framework console.../
     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||


       =[ metasploit v4.11.0-dev [core:4.11.0.pre.dev api:1.0.0]]
+ -- --=[ 1443 exploits - 831 auxiliary - 229 post        ]
+ -- --=[ 372 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

msf > 

@all3g Thanks.When I run msfupdate ,I found this solution.First ./msfupdate,and then vi gemfile to modify sources, last bundle update....But,do you think this way so complications?

@abcdlzy the only problem here is the Gemfile will probably be overwritten after each update.

The accepted answer on Stack Overflow should solve your routing issues with a command line switch:

http://stackoverflow.com/questions/8693319/where-can-i-install-gems-from-when-rubygems-org-is-down

You might want to wrap that in a shell script.

Also check out the bit on gem source mirrors, here:

http://bundler.io/v1.5/bundle_config.html

I don't know if the source you're talking about is a true mirror or not.

AFAIK, the mirror from Alibaba is the best solution by far: since I use Bundler, simple

bundle config mirror.https://rubygems.org https://ruby.taobao.org

works for me.

As described in RubyGems Mirror - Taobao or https://ruby.taobao.org, it is due to the Great Fire Wall blocking the rubygems.org mirror in Amazon S3. So it is a helpless idea to use https://ruby.taobao.org/ both for gems source and bundler config.

@qiwihui Yes sure, it really sucks that the Great Fire Wall blocked the RubyGems server, but synchronizing with a mirror is much faster than doing so with the original server over proxy. This may not help you in some sense (excuse me but I still have no idea why), but it did help me out.

@franklinyu it works for me ,Thank you!

@franklinyu 哈哈，谢谢哥们