RubyGems - smart_proxy_dynflow_core - Versions diffs - 0.1.9 → 0.1.10 - Mend

smart_proxy_dynflow_core 0.1.9 → 0.1.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/config/settings.yml.example +5 -0
data/lib/smart_proxy_dynflow_core/launcher.rb +13 -0
data/lib/smart_proxy_dynflow_core/settings.rb +1 -0
data/lib/smart_proxy_dynflow_core/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 513d997ccd5078f70b0842c041e891a9b8e6b45d
-  data.tar.gz: 3d9ebc3ed5106830630debc3b861f8cd535c341d
+  metadata.gz: 1d315ce6114aaab495e1f8b87b2dde0489c00592
+  data.tar.gz: bbddf664d388dcb713736088099e1b409a58cb79
 SHA512:
-  metadata.gz: 3cdac1fda7699d6ce75a7be4cef55b624e8f0855558f1bac4db592187af5e42e6c42e48748ebca3a2fb20801c132a0a0ab40bcb0edec790139551dc5dcb0f656
-  data.tar.gz: 5b5c962ae2efd134f2cb0ac764942a0025ef778ebaedbf365e2d0238c74bd68551c768150f1bed9ec2dcb455cd3db9c25ed2b40f17b285e54d242cc6bb1c8ebf
+  metadata.gz: 5677aa0cdce89276aeb29fc8faf2a966f2d866a2a7165d8636532dc926d3d1d01011424469086f6b5124fe4ddaa6199a74adccb7cd9bcd1c160d3fda7065f9e5
+  data.tar.gz: e03f189fa0537ef5cf759d23bc1babfc6155f8a5d6cd9a7d62664b3a90a490ca4c19acdab96563942bd50daa80a3b2a8d694c4e05bfeaa047ca746ab50f7ac16

data/config/settings.yml.example CHANGED Viewed

@@ -34,6 +34,11 @@
 # for more information.
 #:ssl_disabled_ciphers: [CIPHER-SUITE-1, CIPHER-SUITE-2]
+# Use this option only if you need to strictly specify TLS versions to be
+# disabled. SSLv3 and TLS v1.0 are always disabled and cannot be configured.
+# Specify versions like: '1.1', or '1.2'
+#:tls_disabled_versions: []
 # File to log to, leave empty for logging to STDOUT
 # :log_file: /var/log/foreman-proxy/smart_proxy_dynflow_core.log

data/lib/smart_proxy_dynflow_core/launcher.rb CHANGED Viewed

@@ -90,6 +90,19 @@ module SmartProxyDynflowCore
       ssl_options |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
       ssl_options |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1)
+      if Settings.instance.tls_disabled_versions
+        Settings.instance.tls_disabled_versions.each do |version|
+          constant = OpenSSL::SSL.const_get("OP_NO_TLSv#{version.to_s.gsub(/\./, '_')}") rescue nil
+          if constant
+            Log.instance.info "TLSv#{version} will be disabled."
+            ssl_options |= constant
+          else
+            Log.instance.warn "TLSv#{version} was not found."
+          end
+        end
+      end
       {
         :SSLEnable => true,
         :SSLVerifyClient => OpenSSL::SSL::VERIFY_PEER,

data/lib/smart_proxy_dynflow_core/settings.rb CHANGED Viewed

@@ -31,6 +31,7 @@ module SmartProxyDynflowCore
         :ssl_private_key => nil,
         :ssl_certificate => nil,
         :ssl_disabled_ciphers => [],
+        :tls_disabled_versions => [],
         :foreman_ssl_ca => nil,
         :foreman_ssl_key => nil,
         :foreman_ssl_cert => nil,

data/lib/smart_proxy_dynflow_core/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SmartProxyDynflowCore
-  VERSION = '0.1.9'
+  VERSION = '0.1.10'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_dynflow_core
 version: !ruby/object:Gem::Version
-  version: 0.1.9
+  version: 0.1.10
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-01-23 00:00:00.000000000 Z
+date: 2018-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler