Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
rubygem-puma.17574
0003-Add-support-for-specifying-ssl-ciphers-via...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0003-Add-support-for-specifying-ssl-ciphers-via-binds-par.patch of Package rubygem-puma.17574
From f51f6b4615a390f0c6bb86559b9a2c5f865e8136 Mon Sep 17 00:00:00 2001 From: dmaiocchi <dmaiocchi@suse.com> Date: Sat, 1 Aug 2020 09:27:59 +0200 Subject: [PATCH] Add support for specifying ssl ciphers via :binds parameters --- ext/puma_http11/org/jruby/puma/MiniSSL.java | 6 ++++++ lib/puma/binder.rb | 2 ++ lib/puma/const.rb | 2 ++ lib/puma/minissl.rb | 2 ++ 4 files changed, 12 insertions(+) diff --git a/ext/puma_http11/org/jruby/puma/MiniSSL.java b/ext/puma_http11/org/jruby/puma/MiniSSL.java index 82464255..111c79d9 100644 --- a/ext/puma_http11/org/jruby/puma/MiniSSL.java +++ b/ext/puma_http11/org/jruby/puma/MiniSSL.java @@ -180,6 +180,12 @@ public class MiniSSL extends RubyObject { engine.setNeedClientAuth(true); } + IRubyObject sslCipherListObject = miniSSLContext.callMethod(threadContext, "ssl_cipher_list"); + if (!sslCipherListObject.isNil()) { + String[] sslCipherList = sslCipherListObject.convertToString().asJavaString().split(","); + engine.setEnabledCipherSuites(sslCipherList); + } + SSLSession session = engine.getSession(); inboundNetData = new MiniSSLBuffer(session.getPacketBufferSize()); outboundAppData = new MiniSSLBuffer(session.getApplicationBufferSize()); diff --git a/lib/puma/binder.rb b/lib/puma/binder.rb index b794446e..d53f0688 100644 --- a/lib/puma/binder.rb +++ b/lib/puma/binder.rb @@ -162,6 +162,7 @@ module Puma end ctx.keystore_pass = params['keystore-pass'] + ctx.ssl_cipher_list = params['ssl_cipher_list'] if params['ssl_cipher_list'] else unless params['key'] @events.error "Please specify the SSL key via 'key='" @@ -182,6 +183,7 @@ module Puma end ctx.ca = params['ca'] if params['ca'] + ctx.ssl_cipher_filter = params['ssl_cipher_filter'] if params['ssl_cipher_filter'] end ctx.no_tlsv1 = true if params['no_tlsv1'] == 'true' diff --git a/lib/puma/const.rb b/lib/puma/const.rb index 7166d8c5..3597bb03 100644 --- a/lib/puma/const.rb +++ b/lib/puma/const.rb @@ -225,5 +225,7 @@ module Puma HIJACK_IO = "rack.hijack_io".freeze EARLY_HINTS = "rack.early_hints".freeze + # Mininum interval to checks worker health + WORKER_CHECK_INTERVAL = 5 end end diff --git a/lib/puma/minissl.rb b/lib/puma/minissl.rb index d48c5c13..c4dcad24 100644 --- a/lib/puma/minissl.rb +++ b/lib/puma/minissl.rb @@ -186,6 +186,7 @@ module Puma # jruby-specific Context properties: java uses a keystore and password pair rather than a cert/key pair attr_reader :keystore attr_accessor :keystore_pass + attr_accessor :ssl_cipher_list def keystore=(keystore) raise ArgumentError, "No such keystore file '#{keystore}'" unless File.exist? keystore @@ -201,6 +202,7 @@ module Puma attr_reader :key attr_reader :cert attr_reader :ca + attr_accessor :ssl_cipher_filter def key=(key) raise ArgumentError, "No such key file '#{key}'" unless File.exist? key -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor