smart_proxy_dynflow_core 0.2.4 → 0.2.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 360ced6b9efefcab091ac6870ce28c0c7a1d4282a97bad433c60662180470e94
-  data.tar.gz: da8dcce85083a3db1afe73bbf14e0cbbe9af2b203909b3e6f64ca3dec6578e63
+  metadata.gz: 1e605170d98b043dbebe0199fa07878a479c49517398b76b9ea8763b3f11a944
+  data.tar.gz: 3ca809db6838f8922b523c05b9009f7c06f6f3b7b225f708c0250dab92ee42e5
 SHA512:
-  metadata.gz: 76dc5c88f56a0c16a93e474b46480033d7a23177a5c6d7d0fe8630caaebdca8882179314638e9246573f17a657d79c2abbca48a02b759d5b2deccb7686f8a828
-  data.tar.gz: 4378d3f1c210e996f67dff3c49176838246cbfa97512c18b8ea307fb1c5de34099ce7bc5675c46c90a1886c677015820ae835411993ed12e20f2fb7cf60280f3
+  metadata.gz: 83e7a7cefc7149bbdd9ea1fe75e10abcf3b3264aff1831e64aa87ac9e136404e35c5caf18d376e40be6d7ea845815f30aaa7a3a654d25236d437d7db84472f95
+  data.tar.gz: f748d215cca4ddf825b5f692568f162afdaf16aa394efb776df551365eaf1a09a925f9698a30f16e68c249865976a3aa8115ce5149e845403d1a7598f5de6380

data/lib/smart_proxy_dynflow_core/launcher.rb

@@ -1,11 +1,13 @@
 require 'webrick/https'
 require 'smart_proxy_dynflow_core/bundler_helper'
 require 'smart_proxy_dynflow_core/settings'
-# mute Ruby redefinition warnings when running embedded
-require 'smart_proxy_dynflow_core/webrick-patch' unless defined?(::Proxy::Launcher)
 
 module SmartProxyDynflowCore
   class Launcher
+    CIPHERS = ['ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384',
+               'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256',
+               'AES256-SHA256', 'AES128-SHA', 'AES256-SHA'].freeze
+
     def self.launch!(options)
       self.new.start options
     end
@@ -93,6 +95,7 @@ module SmartProxyDynflowCore
       ssl_options |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
       ssl_options |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
       ssl_options |= OpenSSL::SSL::OP_NO_TLSv1 if defined?(OpenSSL::SSL::OP_NO_TLSv1)
+      ssl_options |= OpenSSL::SSL::OP_NO_TLSv1_1 if defined?(OpenSSL::SSL::OP_NO_TLSv1_1)
 
       if Settings.instance.tls_disabled_versions
         Settings.instance.tls_disabled_versions.each do |version|
@@ -113,6 +116,7 @@ module SmartProxyDynflowCore
         :SSLPrivateKey => ssl_private_key,
         :SSLCertificate => ssl_certificate,
         :SSLCACertificateFile => Settings.instance.ssl_ca_file,
+        :SSLCiphers => CIPHERS - SmartProxyDynflowCore::Settings.instance.ssl_disabled_ciphers,
         :SSLOptions => ssl_options
       }
     end

data/lib/smart_proxy_dynflow_core/version.rb

@@ -1,3 +1,3 @@
 module SmartProxyDynflowCore
-  VERSION = '0.2.4'.freeze
+  VERSION = '0.2.5'.freeze
 end

data/smart_proxy_dynflow_core.gemspec

@@ -22,7 +22,7 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.license = 'GPL-3.0'
 
-  gem.add_development_dependency "bundler", "~> 1.7"
+  gem.add_development_dependency "bundler", ">= 1.7"
   gem.add_development_dependency('minitest')
   gem.add_development_dependency('mocha', '~> 1')
   gem.add_development_dependency('rack-test', '~> 0')

metadata

@@ -1,27 +1,27 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_dynflow_core
 version: !ruby/object:Gem::Version
-  version: 0.2.4
+  version: 0.2.5
 platform: ruby
 authors:
 - Ivan Nečas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-15 00:00:00.000000000 Z
+date: 2020-05-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.7'
 - !ruby/object:Gem::Dependency
@@ -218,7 +218,6 @@ files:
 - lib/smart_proxy_dynflow_core/task_launcher_registry.rb
 - lib/smart_proxy_dynflow_core/testing.rb
 - lib/smart_proxy_dynflow_core/version.rb
-- lib/smart_proxy_dynflow_core/webrick-patch.rb
 - smart_proxy_dynflow_core.gemspec
 homepage: https://github.com/theforeman/smart_proxy_dynflow
 licenses:

data/lib/smart_proxy_dynflow_core/webrick-patch.rb

@@ -1,38 +0,0 @@
-require 'webrick/https'
-
-CIPHERS = ['ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384',
-           'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256',
-           'AES256-SHA256', 'AES128-SHA', 'AES256-SHA'].freeze
-
-module WEBrick
-  class GenericServer
-    # rubocop:disable Metrics/AbcSize
-    def setup_ssl_context(config) # :nodoc:
-      unless config[:SSLCertificate]
-        cn = config[:SSLCertName]
-        comment = config[:SSLCertComment]
-        cert, key = Utils.create_self_signed_cert(1024, cn, comment)
-        config[:SSLCertificate] = cert
-        config[:SSLPrivateKey] = key
-      end
-      ctx = OpenSSL::SSL::SSLContext.new
-      ctx.set_params
-      ctx.ciphers = (CIPHERS - SmartProxyDynflowCore::Settings.instance.ssl_disabled_ciphers).join(':')
-      ctx.key = config[:SSLPrivateKey]
-      ctx.cert = config[:SSLCertificate]
-      ctx.client_ca = config[:SSLClientCA]
-      ctx.extra_chain_cert = config[:SSLExtraChainCert]
-      ctx.ca_file = config[:SSLCACertificateFile]
-      ctx.ca_path = config[:SSLCACertificatePath]
-      ctx.cert_store = config[:SSLCertificateStore]
-      ctx.tmp_dh_callback = config[:SSLTmpDhCallback]
-      ctx.verify_mode = config[:SSLVerifyClient]
-      ctx.verify_depth = config[:SSLVerifyDepth]
-      ctx.verify_callback = config[:SSLVerifyCallback]
-      ctx.timeout = config[:SSLTimeout]
-      ctx.options |= config[:SSLOptions] unless config[:SSLOptions].nil?
-      ctx
-    end
-    # rubocop:enable Metrics/AbcSize
-  end
-end