cfn-nag 0.7.4 → 0.7.5
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f5366924d809c99ac47a2bcdfe2d2188dc6956069c80646d3ebd65ca938a0096
|
|
4
|
+
data.tar.gz: 9c6c6a9f5b149351db5ceb54002c7556ebfff9625a40f4e3ca0abee490f5717d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bed1dc0021b7f0af96d5b4a76769c29e0e7313f1fceda215dee60bf521434103714961084b14bb4dbdb73b3cf1cadd6381c123dd641f262f7974d0bc9414e379
|
|
7
|
+
data.tar.gz: f9f450d52f0bc51f2691b6497548e00eb0db8aa69c3416c7294bb55988fc005d855272351f154a721e2a4807556c1a34929dea2086da7f2741e4b37872dd8dd5
|
|
@@ -28,11 +28,12 @@ class CloudfrontMinimumProtocolVersionRule < BaseRule
|
|
|
28
28
|
private
|
|
29
29
|
|
|
30
30
|
def tls_version?(viewer_certificate)
|
|
31
|
-
cert_has_bad_tls_version?(viewer_certificate) || override_tls_config?(viewer_certificate)
|
|
31
|
+
cert_has_bad_tls_version?(viewer_certificate['MinimumProtocolVersion']) || override_tls_config?(viewer_certificate)
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
-
def cert_has_bad_tls_version?(
|
|
35
|
-
|
|
34
|
+
def cert_has_bad_tls_version?(min_protocol_version)
|
|
35
|
+
min_protocol_version.nil? ||
|
|
36
|
+
(min_protocol_version.is_a?(String) && !min_protocol_version.start_with?('TLSv1.2'))
|
|
36
37
|
end
|
|
37
38
|
|
|
38
39
|
def override_tls_config?(viewer_certificate)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cfn-nag
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Eric Kascic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-04-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|