vault 0.16.0 → 0.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -1
- data/LICENSE +2 -0
- data/lib/vault/api/approle.rb +3 -0
- data/lib/vault/api/auth.rb +11 -3
- data/lib/vault/api/auth_tls.rb +3 -0
- data/lib/vault/api/auth_token.rb +3 -0
- data/lib/vault/api/help.rb +3 -0
- data/lib/vault/api/kv.rb +3 -0
- data/lib/vault/api/logical.rb +3 -0
- data/lib/vault/api/secret.rb +3 -0
- data/lib/vault/api/sys/audit.rb +3 -0
- data/lib/vault/api/sys/auth.rb +3 -0
- data/lib/vault/api/sys/health.rb +3 -0
- data/lib/vault/api/sys/init.rb +3 -0
- data/lib/vault/api/sys/leader.rb +3 -0
- data/lib/vault/api/sys/lease.rb +3 -0
- data/lib/vault/api/sys/mount.rb +57 -0
- data/lib/vault/api/sys/namespace.rb +3 -0
- data/lib/vault/api/sys/policy.rb +3 -0
- data/lib/vault/api/sys/quota.rb +3 -0
- data/lib/vault/api/sys/seal.rb +3 -0
- data/lib/vault/api/sys.rb +3 -0
- data/lib/vault/api/transform/alphabet.rb +3 -0
- data/lib/vault/api/transform/role.rb +3 -0
- data/lib/vault/api/transform/template.rb +3 -0
- data/lib/vault/api/transform/transformation.rb +3 -0
- data/lib/vault/api/transform.rb +3 -0
- data/lib/vault/api.rb +3 -0
- data/lib/vault/client.rb +18 -20
- data/lib/vault/configurable.rb +3 -0
- data/lib/vault/defaults.rb +4 -1
- data/lib/vault/encode.rb +3 -0
- data/lib/vault/errors.rb +15 -0
- data/lib/vault/persistent/connection.rb +3 -0
- data/lib/vault/persistent/pool.rb +3 -0
- data/lib/vault/persistent/timed_stack_multi.rb +3 -0
- data/lib/vault/persistent.rb +22 -22
- data/lib/vault/request.rb +3 -0
- data/lib/vault/response.rb +3 -0
- data/lib/vault/vendor/connection_pool/timed_stack.rb +3 -0
- data/lib/vault/vendor/connection_pool/version.rb +3 -0
- data/lib/vault/vendor/connection_pool.rb +3 -0
- data/lib/vault/version.rb +4 -1
- data/lib/vault.rb +9 -5
- metadata +21 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 111fe5b36f83c0d507ec99a0fda7a8cb7a483136f29a0a709dececfa0f1965ed
|
4
|
+
data.tar.gz: 970b448a78d140f8ebaf289bf597ca47ebc25516a189fe1d615ed47d2a8fa671
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 87854275263cc1e88d21be3e2e5eb9ed4d9fa3d61429df0901d1ed278c64ae667a92ffff95789766ee73fb7d132021125bcf6d7de63840c124d5dfe143c89838
|
7
|
+
data.tar.gz: b18967dd085a2e02c2de9d0a7d8570d61069324dd17af21b9b7f2bec0a5382233cc75a534b39acf926947bc9cd4a85ab0b8c7207528961c70e0ee34e277c1ae4
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,20 @@
|
|
1
1
|
# Vault Ruby Changelog
|
2
2
|
|
3
|
-
##
|
3
|
+
## v?.??.? (Unreleased)
|
4
|
+
|
5
|
+
## v0.18.0 (September 14, 2023)
|
6
|
+
|
7
|
+
IMPROVEMENTS
|
8
|
+
|
9
|
+
- Added support for TLS v1.3 by replacing `ssl_version` with `min_version`.
|
10
|
+
|
11
|
+
## v0.17.0 (May 11, 2022)
|
12
|
+
|
13
|
+
IMPROVEMENTS
|
14
|
+
|
15
|
+
- Added MissingRequiredStateErr error type to refer to 412s returned by Vault 1.10 when the WAL index on the node does not match the index in the Server-Side Consistent Token. This error type can be passed as a parameter to `#with_retries`, and will also be retried automatically when `#with_retries` is used with no parameters.
|
16
|
+
|
17
|
+
## v0.16.0 (March 17, 2021)
|
4
18
|
|
5
19
|
IMPROVEMENTS
|
6
20
|
|
data/LICENSE
CHANGED
data/lib/vault/api/approle.rb
CHANGED
data/lib/vault/api/auth.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
require "json"
|
2
5
|
|
3
6
|
require_relative "secret"
|
@@ -286,12 +289,17 @@ module Vault
|
|
286
289
|
# @param [String] path (default: 'cert')
|
287
290
|
# The path to the auth backend to use for the login procedure.
|
288
291
|
#
|
292
|
+
# @param [String] name optional
|
293
|
+
# The named certificate role provided to the login request.
|
294
|
+
#
|
289
295
|
# @return [Secret]
|
290
|
-
def tls(pem = nil, path = 'cert')
|
296
|
+
def tls(pem = nil, path = 'cert', name: nil)
|
291
297
|
new_client = client.dup
|
292
298
|
new_client.ssl_pem_contents = pem if !pem.nil?
|
293
299
|
|
294
|
-
|
300
|
+
opts = {}
|
301
|
+
opts[:name] = name if name
|
302
|
+
json = new_client.post("/v1/auth/#{CGI.escape(path)}/login", opts)
|
295
303
|
secret = Secret.decode(json)
|
296
304
|
client.token = secret.auth.client_token
|
297
305
|
return secret
|
@@ -308,7 +316,7 @@ module Vault
|
|
308
316
|
#
|
309
317
|
# @return [String] aws region
|
310
318
|
def region_from_sts_endpoint(sts_endpoint)
|
311
|
-
valid_sts_endpoint = %r{https:\/\/sts\.?(.*)
|
319
|
+
valid_sts_endpoint = %r{https:\/\/sts\.?(.*)\.amazonaws\.com}.match(sts_endpoint)
|
312
320
|
raise "Unable to parse STS endpoint #{sts_endpoint}" unless valid_sts_endpoint
|
313
321
|
valid_sts_endpoint[1].empty? ? 'us-east-1' : valid_sts_endpoint[1]
|
314
322
|
end
|
data/lib/vault/api/auth_tls.rb
CHANGED
data/lib/vault/api/auth_token.rb
CHANGED
data/lib/vault/api/help.rb
CHANGED
data/lib/vault/api/kv.rb
CHANGED
data/lib/vault/api/logical.rb
CHANGED
data/lib/vault/api/secret.rb
CHANGED
data/lib/vault/api/sys/audit.rb
CHANGED
data/lib/vault/api/sys/auth.rb
CHANGED
data/lib/vault/api/sys/health.rb
CHANGED
data/lib/vault/api/sys/init.rb
CHANGED
data/lib/vault/api/sys/leader.rb
CHANGED
data/lib/vault/api/sys/lease.rb
CHANGED
data/lib/vault/api/sys/mount.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
require "json"
|
2
5
|
|
3
6
|
module Vault
|
@@ -23,6 +26,48 @@ module Vault
|
|
23
26
|
field :options
|
24
27
|
end
|
25
28
|
|
29
|
+
class MountTune < Response
|
30
|
+
# @!attribute [r] description
|
31
|
+
# Specifies the description of the mount.
|
32
|
+
# @return [String]
|
33
|
+
field :description
|
34
|
+
|
35
|
+
# @!attribute [r] default_lease_ttl
|
36
|
+
# Specifies the default time-to-live.
|
37
|
+
# @return [Fixnum]
|
38
|
+
field :default_lease_ttl
|
39
|
+
|
40
|
+
# @!attribute [r] max_lease_ttl
|
41
|
+
# Specifies the maximum time-to-live.
|
42
|
+
# @return [Fixnum]
|
43
|
+
field :max_lease_ttl
|
44
|
+
|
45
|
+
# @!attribute [r] audit_non_hmac_request_keys
|
46
|
+
# Specifies the comma-separated list of keys that will not be HMAC'd by audit devices in the request data object.
|
47
|
+
# @return [Array<String>]
|
48
|
+
field :audit_non_hmac_request_keys
|
49
|
+
|
50
|
+
# @!attribute [r] audit_non_hmac_response_keys
|
51
|
+
# Specifies the comma-separated list of keys that will not be HMAC'd by audit devices in the response data object.
|
52
|
+
# @return [Array<String>]
|
53
|
+
field :audit_non_hmac_response_keys
|
54
|
+
|
55
|
+
# @!attribute [r] listing_visibility
|
56
|
+
# Specifies whether to show this mount in the UI-specific listing endpoint.
|
57
|
+
# @return [String]
|
58
|
+
field :listing_visibility
|
59
|
+
|
60
|
+
# @!attribute [r] passthrough_request_headers
|
61
|
+
# Comma-separated list of headers to whitelist and pass from the request to the plugin.
|
62
|
+
# @return [Array<String>]
|
63
|
+
field :passthrough_request_headers
|
64
|
+
|
65
|
+
# @!attribute [r] allowed_response_headers
|
66
|
+
# Comma-separated list of headers to whitelist, allowing a plugin to include them in the response.
|
67
|
+
# @return [Array<String>]
|
68
|
+
field :allowed_response_headers
|
69
|
+
end
|
70
|
+
|
26
71
|
class Sys < Request
|
27
72
|
# List all mounts in the vault.
|
28
73
|
#
|
@@ -57,6 +102,18 @@ module Vault
|
|
57
102
|
return true
|
58
103
|
end
|
59
104
|
|
105
|
+
# Get the mount tunings at a given path.
|
106
|
+
#
|
107
|
+
# @example
|
108
|
+
# Vault.sys.get_mount_tune("pki") #=> { :pki => #<struct Vault::MountTune default_lease_ttl=2764800> }
|
109
|
+
#
|
110
|
+
# @return [MountTune]
|
111
|
+
def get_mount_tune(path)
|
112
|
+
json = client.get("/v1/sys/mounts/#{encode_path(path)}/tune")
|
113
|
+
json = json[:data] if json[:data]
|
114
|
+
return MountTune.decode(json)
|
115
|
+
end
|
116
|
+
|
60
117
|
# Tune a mount at the given path.
|
61
118
|
#
|
62
119
|
# @example
|
data/lib/vault/api/sys/policy.rb
CHANGED
data/lib/vault/api/sys/quota.rb
CHANGED
data/lib/vault/api/sys/seal.rb
CHANGED
data/lib/vault/api/sys.rb
CHANGED
data/lib/vault/api/transform.rb
CHANGED
data/lib/vault/api.rb
CHANGED
data/lib/vault/client.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
require "cgi"
|
2
5
|
require "json"
|
3
6
|
require "uri"
|
@@ -45,6 +48,7 @@ module Vault
|
|
45
48
|
|
46
49
|
# Failed to reach the server (aka bad URL)
|
47
50
|
a << Errno::ECONNREFUSED
|
51
|
+
a << Errno::EADDRNOTAVAIL
|
48
52
|
|
49
53
|
# Failed to read body or no response body given
|
50
54
|
a << EOFError
|
@@ -60,11 +64,6 @@ module Vault
|
|
60
64
|
a << PersistentHTTP::Error
|
61
65
|
end.freeze
|
62
66
|
|
63
|
-
# Indicates a requested operation is not possible due to security
|
64
|
-
# concerns.
|
65
|
-
class SecurityError < RuntimeError
|
66
|
-
end
|
67
|
-
|
68
67
|
include Vault::Configurable
|
69
68
|
|
70
69
|
# Create a new Client with the given options. Any options given take
|
@@ -113,8 +112,8 @@ module Vault
|
|
113
112
|
|
114
113
|
@nhp.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
115
114
|
|
116
|
-
# Vault requires TLS1.2
|
117
|
-
@nhp.
|
115
|
+
# Vault requires at least TLS1.2
|
116
|
+
@nhp.min_version = OpenSSL::SSL::TLS1_2_VERSION
|
118
117
|
|
119
118
|
# Only use secure ciphers
|
120
119
|
@nhp.ciphers = ssl_ciphers
|
@@ -245,10 +244,6 @@ module Vault
|
|
245
244
|
request.basic_auth uri.user, uri.password
|
246
245
|
end
|
247
246
|
|
248
|
-
if proxy_address and uri.scheme.downcase == "https"
|
249
|
-
raise SecurityError, "no direct https connection to vault"
|
250
|
-
end
|
251
|
-
|
252
247
|
# Get a list of headers
|
253
248
|
headers = DEFAULT_HEADERS.merge(headers)
|
254
249
|
|
@@ -387,17 +382,20 @@ module Vault
|
|
387
382
|
# the response object from the request
|
388
383
|
def error(response)
|
389
384
|
if response.body && response.body.match("missing client token")
|
390
|
-
|
391
|
-
end
|
392
|
-
|
393
|
-
# Use the correct exception class
|
394
|
-
case response
|
395
|
-
when Net::HTTPClientError
|
385
|
+
# Vault 1.10+ no longer returns "missing" client token" so we use HTTPClientError
|
396
386
|
klass = HTTPClientError
|
397
|
-
when Net::HTTPServerError
|
398
|
-
klass = HTTPServerError
|
399
387
|
else
|
400
|
-
|
388
|
+
# Use the correct exception class
|
389
|
+
case response
|
390
|
+
when Net::HTTPPreconditionFailed
|
391
|
+
raise MissingRequiredStateError.new
|
392
|
+
when Net::HTTPClientError
|
393
|
+
klass = HTTPClientError
|
394
|
+
when Net::HTTPServerError
|
395
|
+
klass = HTTPServerError
|
396
|
+
else
|
397
|
+
klass = HTTPError
|
398
|
+
end
|
401
399
|
end
|
402
400
|
|
403
401
|
if (response.content_type || '').include?("json")
|
data/lib/vault/configurable.rb
CHANGED
data/lib/vault/defaults.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
require "pathname"
|
2
5
|
require "base64"
|
3
6
|
|
@@ -35,7 +38,7 @@ module Vault
|
|
35
38
|
|
36
39
|
# The set of exceptions that are detect and retried by default
|
37
40
|
# with `with_retries`
|
38
|
-
RETRIED_EXCEPTIONS = [HTTPServerError]
|
41
|
+
RETRIED_EXCEPTIONS = [HTTPServerError, MissingRequiredStateError]
|
39
42
|
|
40
43
|
class << self
|
41
44
|
# The list of calculated options for this configurable.
|
data/lib/vault/encode.rb
CHANGED
data/lib/vault/errors.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
module Vault
|
2
5
|
class VaultError < RuntimeError; end
|
3
6
|
|
@@ -22,6 +25,18 @@ EOH
|
|
22
25
|
end
|
23
26
|
end
|
24
27
|
|
28
|
+
class MissingRequiredStateError < VaultError
|
29
|
+
def initialize
|
30
|
+
super <<-EOH
|
31
|
+
The performance standby node does not yet have the
|
32
|
+
most recent index state required to authenticate
|
33
|
+
the request.
|
34
|
+
|
35
|
+
Generally, the request should be retried with the with_retries clause.
|
36
|
+
EOH
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
25
40
|
class HTTPConnectionError < VaultError
|
26
41
|
attr_reader :address
|
27
42
|
|
data/lib/vault/persistent.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
# Vendored and modified from github.com/drbrain/net-http-persistent
|
2
5
|
#
|
3
6
|
require 'net/http'
|
@@ -71,11 +74,11 @@ autoload :OpenSSL, 'openssl'
|
|
71
74
|
# #ca_path :: Directory with certificate-authorities
|
72
75
|
# #cert_store :: An SSL certificate store
|
73
76
|
# #ciphers :: List of SSl ciphers allowed
|
77
|
+
# #min_version :: Minimum SSL version to use
|
74
78
|
# #private_key :: The client's SSL private key
|
75
79
|
# #reuse_ssl_sessions :: Reuse a previously opened SSL session for a new
|
76
80
|
# connection
|
77
81
|
# #ssl_timeout :: SSL session lifetime
|
78
|
-
# #ssl_version :: Which specific SSL version to use
|
79
82
|
# #verify_callback :: For server certificate verification
|
80
83
|
# #verify_depth :: Depth of certificate verification
|
81
84
|
# #verify_mode :: How connections should be verified
|
@@ -364,6 +367,11 @@ class PersistentHTTP
|
|
364
367
|
|
365
368
|
attr_reader :name
|
366
369
|
|
370
|
+
##
|
371
|
+
# Minimum SSL version to use.
|
372
|
+
|
373
|
+
attr_reader :min_version
|
374
|
+
|
367
375
|
##
|
368
376
|
# Seconds to wait until a connection is opened. See Net::HTTP#open_timeout
|
369
377
|
|
@@ -434,14 +442,6 @@ class PersistentHTTP
|
|
434
442
|
|
435
443
|
attr_reader :ssl_timeout
|
436
444
|
|
437
|
-
##
|
438
|
-
# SSL version to use.
|
439
|
-
#
|
440
|
-
# By default, the version will be negotiated automatically between client
|
441
|
-
# and server. Ruby 1.9 and newer only.
|
442
|
-
|
443
|
-
attr_reader :ssl_version
|
444
|
-
|
445
445
|
##
|
446
446
|
# Where this instance's last-use times live in the thread local variables
|
447
447
|
|
@@ -528,9 +528,9 @@ class PersistentHTTP
|
|
528
528
|
@ca_file = nil
|
529
529
|
@ca_path = nil
|
530
530
|
@ciphers = nil
|
531
|
+
@min_version = nil
|
531
532
|
@private_key = nil
|
532
533
|
@ssl_timeout = nil
|
533
|
-
@ssl_version = nil
|
534
534
|
@verify_callback = nil
|
535
535
|
@verify_depth = nil
|
536
536
|
@verify_mode = nil
|
@@ -603,10 +603,10 @@ class PersistentHTTP
|
|
603
603
|
def connection_for uri
|
604
604
|
use_ssl = uri.scheme.downcase == 'https'
|
605
605
|
|
606
|
-
net_http_args = [uri.
|
606
|
+
net_http_args = [uri.hostname, uri.port]
|
607
607
|
|
608
608
|
net_http_args.concat @proxy_args if
|
609
|
-
@proxy_uri and not proxy_bypass? uri.
|
609
|
+
@proxy_uri and not proxy_bypass? uri.hostname, uri.port
|
610
610
|
|
611
611
|
connection = @pool.checkout net_http_args
|
612
612
|
|
@@ -715,7 +715,7 @@ class PersistentHTTP
|
|
715
715
|
# Returns the HTTP protocol version for +uri+
|
716
716
|
|
717
717
|
def http_version uri
|
718
|
-
@http_versions["#{uri.
|
718
|
+
@http_versions["#{uri.hostname}:#{uri.port}"]
|
719
719
|
end
|
720
720
|
|
721
721
|
##
|
@@ -798,7 +798,7 @@ class PersistentHTTP
|
|
798
798
|
|
799
799
|
if @proxy_uri then
|
800
800
|
@proxy_args = [
|
801
|
-
@proxy_uri.
|
801
|
+
@proxy_uri.hostname,
|
802
802
|
@proxy_uri.port,
|
803
803
|
unescape(@proxy_uri.user),
|
804
804
|
unescape(@proxy_uri.password),
|
@@ -973,7 +973,7 @@ class PersistentHTTP
|
|
973
973
|
end
|
974
974
|
end
|
975
975
|
|
976
|
-
@http_versions["#{uri.
|
976
|
+
@http_versions["#{uri.hostname}:#{uri.port}"] ||= response.http_version
|
977
977
|
|
978
978
|
response
|
979
979
|
end
|
@@ -1043,8 +1043,8 @@ class PersistentHTTP
|
|
1043
1043
|
connection.use_ssl = true
|
1044
1044
|
|
1045
1045
|
connection.ciphers = @ciphers if @ciphers
|
1046
|
+
connection.min_version = @min_version if @min_version
|
1046
1047
|
connection.ssl_timeout = @ssl_timeout if @ssl_timeout
|
1047
|
-
connection.ssl_version = @ssl_version if @ssl_version
|
1048
1048
|
|
1049
1049
|
connection.verify_depth = @verify_depth
|
1050
1050
|
connection.verify_mode = @verify_mode
|
@@ -1098,19 +1098,19 @@ application:
|
|
1098
1098
|
end
|
1099
1099
|
|
1100
1100
|
##
|
1101
|
-
# SSL
|
1101
|
+
# Minimum SSL version to use
|
1102
1102
|
|
1103
|
-
def
|
1104
|
-
@
|
1103
|
+
def min_version= min_version
|
1104
|
+
@min_version = min_version
|
1105
1105
|
|
1106
1106
|
reconnect_ssl
|
1107
1107
|
end
|
1108
1108
|
|
1109
1109
|
##
|
1110
|
-
# SSL
|
1110
|
+
# SSL session lifetime
|
1111
1111
|
|
1112
|
-
def
|
1113
|
-
@
|
1112
|
+
def ssl_timeout= ssl_timeout
|
1113
|
+
@ssl_timeout = ssl_timeout
|
1114
1114
|
|
1115
1115
|
reconnect_ssl
|
1116
1116
|
end
|
data/lib/vault/request.rb
CHANGED
data/lib/vault/response.rb
CHANGED
data/lib/vault/version.rb
CHANGED
data/lib/vault.rb
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
# Copyright (c) HashiCorp, Inc.
|
2
|
+
# SPDX-License-Identifier: MPL-2.0
|
3
|
+
|
1
4
|
module Vault
|
2
5
|
require_relative "vault/errors"
|
3
6
|
require_relative "vault/client"
|
@@ -18,12 +21,13 @@ module Vault
|
|
18
21
|
@client = Vault::Client.new
|
19
22
|
|
20
23
|
# Set secure SSL options
|
21
|
-
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
|
22
|
-
opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
|
23
|
-
opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
|
24
|
-
opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
|
25
|
-
opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
|
24
|
+
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.tap do |opts|
|
25
|
+
opts[:options] &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
|
26
|
+
opts[:options] |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
|
27
|
+
opts[:options] |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
|
28
|
+
opts[:options] |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
|
26
29
|
end
|
30
|
+
|
27
31
|
|
28
32
|
self
|
29
33
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.18.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Seth Vargo
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-09-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sigv4
|
@@ -108,9 +108,23 @@ dependencies:
|
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
110
|
version: 3.8.3
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: webrick
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - "~>"
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '1.5'
|
118
|
+
type: :development
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - "~>"
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '1.5'
|
111
125
|
description: Vault is a Ruby API client for interacting with a Vault server.
|
112
126
|
email:
|
113
|
-
-
|
127
|
+
- team-vault-devex@hashicorp.com
|
114
128
|
executables: []
|
115
129
|
extensions: []
|
116
130
|
extra_rdoc_files: []
|
@@ -164,7 +178,7 @@ homepage: https://github.com/hashicorp/vault-ruby
|
|
164
178
|
licenses:
|
165
179
|
- MPL-2.0
|
166
180
|
metadata: {}
|
167
|
-
post_install_message:
|
181
|
+
post_install_message:
|
168
182
|
rdoc_options: []
|
169
183
|
require_paths:
|
170
184
|
- lib
|
@@ -179,8 +193,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
179
193
|
- !ruby/object:Gem::Version
|
180
194
|
version: '0'
|
181
195
|
requirements: []
|
182
|
-
rubygems_version: 3.
|
183
|
-
signing_key:
|
196
|
+
rubygems_version: 3.4.10
|
197
|
+
signing_key:
|
184
198
|
specification_version: 4
|
185
199
|
summary: Vault is a Ruby API client for interacting with a Vault server.
|
186
200
|
test_files: []
|