bunny 1.6.0.pre1 → 1.6.0.rc1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: de1627dd44089041db13ab6a5ea76ba2ead5086d
4
- data.tar.gz: 41ae99e1499f57a77636392e2a5d870c6c698ef7
3
+ metadata.gz: 5c49b9aa7f6e95cc32086a6e552754ea104514fa
4
+ data.tar.gz: 08a712ed80f0fe13f97fbf1a0ddf5a0cfaf52bc2
5
5
  SHA512:
6
- metadata.gz: 1e24bb89154db20fe6badb7427bab93de1d9a2e4c880b972340b5d76f4d465aa6410c75c55f5a51a091526deec93d30ced4cd815080d7dc0a7dbce06eb89d95b
7
- data.tar.gz: 4d210c02531f031fdfc5ab021d02b32abdc2d4019440bf76650743e950f310cf2ec27e09193feee987cfc97f65c6d026a1cd0451a4367f35f84c8ce003fe7318
6
+ metadata.gz: 87154ce0c1e4c81691a4ce3237dd2a8dfa3e9f96a61381f65c2efe5febe2d4e7f7675e49a369e93f3e1afa75c516d99f7fd9fa55528462fb5aaf1d59e3a088e6
7
+ data.tar.gz: 033e0352ac1c9aaa0b8408a7093c4c4cf2009945a4dce365e115edba21d45764d69b921c1481f2548c94c5cf575a2787a9e58d3a5068e935bc44101d1836ae36
@@ -1,5 +1,11 @@
1
1
  ## Changes between Bunny 1.5.0 and 1.6.0
2
2
 
3
+ ### TLSv1 by Default
4
+
5
+ Bunny now uses TLSv1 by default due to the recently discovered
6
+ [POODLE attack](https://www.openssl.org/~bodo/ssl-poodle.pdf) on SSLv3.
7
+
8
+
3
9
  ### Socket Read and Write Timeout Improvements
4
10
 
5
11
  Bunny now sets a read timeout on the sockets it opens, and uses
@@ -26,8 +26,8 @@ module Bunny
26
26
  DEFAULT_WRITE_TIMEOUT = 5.0
27
27
 
28
28
  # Default TLS protocol version to use.
29
- # Currently SSLv3, same as in RabbitMQ Java client
30
- DEFAULT_TLS_PROTOCOL = "SSLv3"
29
+ # Currently TLSv1, same as in RabbitMQ Java client
30
+ DEFAULT_TLS_PROTOCOL = "TLSv1"
31
31
 
32
32
  attr_reader :session, :host, :port, :socket, :connect_timeout, :read_timeout, :write_timeout, :disconnect_timeout
33
33
  attr_reader :tls_context
@@ -420,20 +420,24 @@ module Bunny
420
420
  cert_files = []
421
421
  cert_inlines = []
422
422
  certs.each do |cert|
423
- if File.readable? cert
423
+ # if it starts with / then it's a file path that may or may not
424
+ # exists (e.g. a default OpenSSL path). MK.
425
+ if File.readable?(cert) || cert =~ /^\//
424
426
  cert_files.push(cert)
425
427
  else
426
428
  cert_inlines.push(cert)
427
429
  end
428
430
  end
429
431
  @logger.debug "Using CA certificates at #{cert_files.join(', ')}"
430
- @logger.debug "Using #{cert_inlines.count} inline ca_certificates"
432
+ @logger.debug "Using #{cert_inlines.count} inline CA certificates"
431
433
  if certs.empty?
432
434
  @logger.error "No CA certificates found, add one with :tls_ca_certificates"
433
435
  end
434
436
  OpenSSL::X509::Store.new.tap do |store|
435
- cert_files.each { |path| store.add_file(path) }
436
- cert_inlines.each { |cert| store.add_cert(OpenSSL::X509::Certificate.new(cert)) }
437
+ cert_files.select { |path| File.readable?(path) }.
438
+ each { |path| store.add_file(path) }
439
+ cert_inlines.
440
+ each { |cert| store.add_cert(OpenSSL::X509::Certificate.new(cert)) }
437
441
  end
438
442
  end
439
443
 
@@ -2,5 +2,5 @@
2
2
 
3
3
  module Bunny
4
4
  # @return [String] Version of the library
5
- VERSION = "1.6.0.pre1"
5
+ VERSION = "1.6.0.rc1"
6
6
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bunny
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.0.pre1
4
+ version: 1.6.0.rc1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Duncan