RubyGems - smart_proxy_dynflow_core - Versions diffs - 0.1.9 → 0.1.10 - Mend

smart_proxy_dynflow_core 0.1.9 → 0.1.10

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 513d997ccd5078f70b0842c041e891a9b8e6b45d
-  data.tar.gz: 3d9ebc3ed5106830630debc3b861f8cd535c341d
+  metadata.gz: 1d315ce6114aaab495e1f8b87b2dde0489c00592
+  data.tar.gz: bbddf664d388dcb713736088099e1b409a58cb79
 SHA512:
-  metadata.gz: 3cdac1fda7699d6ce75a7be4cef55b624e8f0855558f1bac4db592187af5e42e6c42e48748ebca3a2fb20801c132a0a0ab40bcb0edec790139551dc5dcb0f656
-  data.tar.gz: 5b5c962ae2efd134f2cb0ac764942a0025ef778ebaedbf365e2d0238c74bd68551c768150f1bed9ec2dcb455cd3db9c25ed2b40f17b285e54d242cc6bb1c8ebf
+  metadata.gz: 5677aa0cdce89276aeb29fc8faf2a966f2d866a2a7165d8636532dc926d3d1d01011424469086f6b5124fe4ddaa6199a74adccb7cd9bcd1c160d3fda7065f9e5
+  data.tar.gz: e03f189fa0537ef5cf759d23bc1babfc6155f8a5d6cd9a7d62664b3a90a490ca4c19acdab96563942bd50daa80a3b2a8d694c4e05bfeaa047ca746ab50f7ac16

data/config/settings.yml.example CHANGED Viewed

@@ -34,6 +34,11 @@
 # for more information.
 #:ssl_disabled_ciphers: [CIPHER-SUITE-1, CIPHER-SUITE-2]
+# Use this option only if you need to strictly specify TLS versions to be
+# disabled. SSLv3 and TLS v1.0 are always disabled and cannot be configured.
+# Specify versions like: '1.1', or '1.2'
+#:tls_disabled_versions: []
 # File to log to, leave empty for logging to STDOUT
 # :log_file: /var/log/foreman-proxy/smart_proxy_dynflow_core.log

data/lib/smart_proxy_dynflow_core/launcher.rb CHANGED Viewed

@@ -90,6 +90,19 @@ module SmartProxyDynflowCore
       ssl_options |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
       ssl_options |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1)
+      if Settings.instance.tls_disabled_versions
+        Settings.instance.tls_disabled_versions.each do |version|
+          constant = OpenSSL::SSL.const_get("OP_NO_TLSv#{version.to_s.gsub(/\./, '_')}") rescue nil
+          if constant
+            Log.instance.info "TLSv#{version} will be disabled."
+            ssl_options |= constant
+          else
+            Log.instance.warn "TLSv#{version} was not found."
+          end
+        end
+      end
       {
         :SSLEnable => true,
         :SSLVerifyClient => OpenSSL::SSL::VERIFY_PEER,

data/lib/smart_proxy_dynflow_core/settings.rb CHANGED Viewed

@@ -31,6 +31,7 @@ module SmartProxyDynflowCore
         :ssl_private_key => nil,
         :ssl_certificate => nil,
         :ssl_disabled_ciphers => [],
+        :tls_disabled_versions => [],
         :foreman_ssl_ca => nil,
         :foreman_ssl_key => nil,
         :foreman_ssl_cert => nil,

data/lib/smart_proxy_dynflow_core/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SmartProxyDynflowCore
-  VERSION = '0.1.9'
+  VERSION = '0.1.10'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_dynflow_core
 version: !ruby/object:Gem::Version
-  version: 0.1.9
+  version: 0.1.10
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-01-23 00:00:00.000000000 Z
+date: 2018-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler