min_max_ssl 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +8 -0
  3. data/Gemfile +4 -0
  4. data/Gemfile.lock +24 -0
  5. data/README.md +40 -0
  6. data/Rakefile +10 -0
  7. data/bin/console +14 -0
  8. data/bin/setup +8 -0
  9. data/lib/min_max_ssl.rb +15 -0
  10. data/lib/min_max_ssl/version.rb +3 -0
  11. data/min_max_ssl.gemspec +28 -0
  12. metadata +113 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 0fc97ed3ec204cef8d64b1f27b3f9bc3f38f1ff9
4
+ data.tar.gz: 6f77b6b34424b4825b874d23b06617fff27d2381
5
+ SHA512:
6
+ metadata.gz: 5631a7dbce2ec1cc8d0a9673de9fb4dd847de5d2c999b03e115b51046272c243a0e08776651edd0a9b78ebc102684ddf7c812f7df5cfbe1136e52665ec8f08e3
7
+ data.tar.gz: 1939519283230d7b85f3c13afcf07ffe5684e772f3e844d4a27bdaf8bf1f9237c378409386d67c7e41cfa6092e477b66e5915836873ba9121d2c0d23416f7d80
data/.gitignore ADDED
@@ -0,0 +1,8 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "https://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in min_max_ssl.gemspec
4
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,24 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ min_max_ssl (0.1.0)
5
+ openssl (~> 2.1)
6
+
7
+ GEM
8
+ remote: https://rubygems.org/
9
+ specs:
10
+ minitest (5.11.3)
11
+ openssl (2.1.1)
12
+ rake (12.3.1)
13
+
14
+ PLATFORMS
15
+ ruby
16
+
17
+ DEPENDENCIES
18
+ bundler (~> 1.16)
19
+ min_max_ssl!
20
+ minitest (~> 5.0)
21
+ rake (~> 12.0)
22
+
23
+ BUNDLED WITH
24
+ 1.16.1
data/README.md ADDED
@@ -0,0 +1,40 @@
1
+ # MinMaxSSL
2
+
3
+ This gem backports `Net::HTTP#min_version=` and `#max_version=` from Ruby 2.5. These are more flexible than `#ssl_version=` which locks the connection to allow only one specific version, and close the door on future versions down the road (TLS 1.3).
4
+
5
+ The motivation for this gem is guaranteeing client side compliance with the PCI Data Security Standard (PCI DSS) [June 30 2018 deadline](https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls) for phasing out TLS 1.0 connections for safeguarding credit card payment data.
6
+
7
+ The heavy lifting is [done by](https://github.com/ruby/openssl/pull/142) OpenSSL gem 2.1+, which is only compatible with Ruby 2.3 and 2.4.
8
+
9
+ ## Installation
10
+
11
+ Add the following line to your application's Gemfile:
12
+
13
+ ```ruby
14
+ gem 'min_max_ssl'
15
+ ```
16
+
17
+ If you have a gem that uses feature detection of `#min_version=`, you might need to add this line before that gem definition.
18
+
19
+ ## Usage
20
+
21
+ ```ruby
22
+ uri = URI("https://tls-1-1-and-higher-only.example.com/")
23
+ http = Net::HTTP.new(uri.host, uri.port)
24
+ http.use_ssl = true
25
+ http.min_version = :TLS1_1
26
+ http.get("/") # everything works
27
+
28
+ ```
29
+
30
+ ```ruby
31
+ uri = URI("https://tls-1-1-and-higher-only.example.com/")
32
+ http = Net::HTTP.new(uri.host, uri.port)
33
+ http.use_ssl = true
34
+ http.max_version = :TLS1_0
35
+ http.get("/") # raises OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unsupported protocol
36
+ ```
37
+
38
+ ## License
39
+
40
+ The gem is available as open source under the terms of the [Ruby License](https://www.ruby-lang.org/en/about/license.txt), like the original work by @nurse in https://github.com/ruby/ruby/commit/dcea9198a9d80bdf4eeacd9d9e9d883850a4a8d2
data/Rakefile ADDED
@@ -0,0 +1,10 @@
1
+ require "bundler/gem_tasks"
2
+ require "rake/testtask"
3
+
4
+ Rake::TestTask.new(:test) do |t|
5
+ t.libs << "test"
6
+ t.libs << "lib"
7
+ t.test_files = FileList["test/**/*_test.rb"]
8
+ end
9
+
10
+ task :default => :test
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "min_max_ssl"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
data/lib/min_max_ssl.rb ADDED
@@ -0,0 +1,15 @@
1
+ require "min_max_ssl/version"
2
+ require "net/http"
3
+
4
+ module MinMaxSSL
5
+ NEW_SSL_IVNAMES = ::Net::HTTP::SSL_IVNAMES + [:@min_version, :@max_version]
6
+ ::Net::HTTP.send(:remove_const, "SSL_IVNAMES")
7
+ ::Net::HTTP.const_set("SSL_IVNAMES", NEW_SSL_IVNAMES)
8
+
9
+ NEW_SSL_ATTRIBUTES = ::Net::HTTP::SSL_ATTRIBUTES + [:min_version, :max_version]
10
+ ::Net::HTTP.send(:remove_const, "SSL_ATTRIBUTES")
11
+ ::Net::HTTP.const_set("SSL_ATTRIBUTES", NEW_SSL_ATTRIBUTES)
12
+
13
+ ::Net::HTTP.send(:attr_accessor, :min_version)
14
+ ::Net::HTTP.send(:attr_accessor, :max_version)
15
+ end
data/lib/min_max_ssl/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module MinMaxSSL
2
+ VERSION = "0.1.0"
3
+ end
data/min_max_ssl.gemspec ADDED
@@ -0,0 +1,28 @@
1
+
2
+ lib = File.expand_path("../lib", __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require "min_max_ssl/version"
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "min_max_ssl"
8
+ spec.version = MinMaxSSL::VERSION
9
+ spec.authors = ["Bart de Water"]
10
+ spec.email = ["bartdewater@gmail.com"]
11
+
12
+ spec.summary = %q{Ruby 2.5 Net::HTTP#min_version/max_version backport for Ruby 2.3 and 2.4}
13
+ spec.license = "Ruby"
14
+
15
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
16
+ f.match(%r{^(test|spec|features)/})
17
+ end
18
+ spec.bindir = "exe"
19
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
20
+ spec.require_paths = ["lib"]
21
+
22
+ spec.required_ruby_version = [">= 2.3.0", "< 2.5.0"]
23
+
24
+ spec.add_dependency "openssl", "~> 2.1"
25
+ spec.add_development_dependency "bundler", "~> 1.16"
26
+ spec.add_development_dependency "rake", "~> 12.0"
27
+ spec.add_development_dependency "minitest", "~> 5.0"
28
+ end
metadata ADDED
@@ -0,0 +1,113 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: min_max_ssl
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Bart de Water
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2018-06-03 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: openssl
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '2.1'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '2.1'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.16'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.16'
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '12.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '12.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: minitest
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '5.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '5.0'
69
+ description:
70
+ email:
71
+ - bartdewater@gmail.com
72
+ executables: []
73
+ extensions: []
74
+ extra_rdoc_files: []
75
+ files:
76
+ - ".gitignore"
77
+ - Gemfile
78
+ - Gemfile.lock
79
+ - README.md
80
+ - Rakefile
81
+ - bin/console
82
+ - bin/setup
83
+ - lib/min_max_ssl.rb
84
+ - lib/min_max_ssl/version.rb
85
+ - min_max_ssl.gemspec
86
+ homepage:
87
+ licenses:
88
+ - Ruby
89
+ metadata: {}
90
+ post_install_message:
91
+ rdoc_options: []
92
+ require_paths:
93
+ - lib
94
+ required_ruby_version: !ruby/object:Gem::Requirement
95
+ requirements:
96
+ - - ">="
97
+ - !ruby/object:Gem::Version
98
+ version: 2.3.0
99
+ - - "<"
100
+ - !ruby/object:Gem::Version
101
+ version: 2.5.0
102
+ required_rubygems_version: !ruby/object:Gem::Requirement
103
+ requirements:
104
+ - - ">="
105
+ - !ruby/object:Gem::Version
106
+ version: '0'
107
+ requirements: []
108
+ rubyforge_project:
109
+ rubygems_version: 2.5.2
110
+ signing_key:
111
+ specification_version: 4
112
+ summary: Ruby 2.5 Net::HTTP#min_version/max_version backport for Ruby 2.3 and 2.4
113
+ test_files: []